SASE and SD-WAN

The promise of digital transformation is based on operational simplicity, better application performance, more business agility and increased responsiveness to external variables such as competition and technology innovation. While the virtualization of compute and storage resources coupled with innovations in DevOps, the WAN was largely ignored and has remained stagnant while everything else has evolved. Cloud (public, private and hybrid) is the passing lane in the digital transformation journey. To achieve these transformation benefits, enterprises migrate their workloads and applications to public cloud Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) targets. These migrations have increased demands on the WAN while putting additional stress on the performance and security control points that have traditionally resided in an enterprise data center. Network traffic supporting users wanting access to cloud applications have to “trombone” back to central data centre sites to be validated and authorized and then bounce back out of the data centre to reach the cloud destination. This is very inefficient especially in a global setting. TCP/IP conversation profiles, latency, packet loss and variable network performance means poor and irregular end user experiences, the result of poor overall application performance.

Some Legacy Telco history. Telco (Carriers) are historically, the main providers of WAN services to enterprises. Historically, they also provided legacy voice services. Voice services over PSTN (Public Switched Telephone Network) could migrate to VoIP (Voice Over Internet Protocol) but sound quality issues were visible in the early adoption. In a cloud enabled world, SD-WAN is an excellent cloud connectivity solution. This perceived easy, low disruption solution had Enterprises turn to their telco managed service provider for solutions for cloud connectivity by aggregating solution components and inter carrier relationships under a single, complicated offering.

Another SD-WAN decision point is the question of construction (aka DYI, CapEx, asset purchase) or consumption (aka Managed Service, OpEx, subscription). For companies that have contractual commitments to MPLS, utilize Dedicated Internet Access (DIA) in remote locations/branches and maintain the necessary IT Network resources to manage the environment, introducing the DYI SD-WAN model may be adequate to keep the lights on. Troubleshooting poor cloud application performance, security breaches, cloud and SaaS applications integration, the inability to “scale up or down” on demand and last but not least, the “snailnet” responsiveness and speed of legacy telcos that enterprise has been conditioned to expect, can be a showstoppers for successful digital transformation success stories. Precedent has been established with the subscription based cloud consumption model. The same principles can be applied to create a complimentary network consumption model.

SASE (Secure Access Secure Edge), pronounced “sassy”, is this emerging cybersecurity concept coined by Gartner in a report called “The Future of Network Security in the Cloud in August 2019. Digital organizations needed a new approach for network security in a world of cloud services, remote users, SaaS applications and essentially a data centre bypass from users wanting to access non-data centre applications like those provided by Cloud Service Providers (CSPs) such as Google, MS Azure, AWS and Oracle Cloud. It is based on entity identification. These identities can be associated with people, groups (branch offices), devices, applications, services, IOT (Internet Of Things) systems or edge computing locations. In summary, SASE results from the integration of the Security Service Layer and the Network Service Layer. The Security Service Layer includes: FWaaS – Firewall as a Service; CASB-Cloud Access Service Broker; ZTNA-Zero Trust Network Access; Cloud SWG-Secure Web Gateway. The Network Service Layer includes: SD-WAN-Software Defined Wide Area Networks.



Popular Use Cases

MPLS Migration

MPLS contract renewal avoidance

Cloud application acceleration

Branch Office technology simplification

Global optimized connectivity

Regional optimized connectivity

Remote worker access and security

Branch access to internet

Cloud application connectivity

UCaaS Optimization

CCaaS Optimization

CapEx displacement

Global Reach

CAD/CAM Design Collaboration

Remote Video Monitoring for Manufacturing

Company Mergers & Acquisitions





CATO Networks Logo and hotlink to website

Cato Networks provides Canadian enterprise with a converged SD-WAN and network security platform, delivered as a global cloud security service. This platform is aligned with Gartner’s Secure Access Service Edge (SASE) framework. Cato optimizes and secures application access for all users and locations. Using Cato, customers easily migrate from MPLS to SD-WAN, optimize connectivity to on-premises and cloud applications, enable secure branch Internet access everywhere, and seamlessly integrate cloud datacenters and mobile users into the network with a zero-trust architecture. Cato was founded in 2015 by one of the co-founders of Check Point Software who created the first commercial Firewall and Imperva, the innovator of the web Application Firewall. In Canada, Cato Networks has established POPs (Points Of Presence) in Vancouver, Calgary, Toronto and Montreal in addition to their 50+ POPs located in strategic locations around the world.

Aryaka Networks Logo and hotlink to website.

Aryaka has been delivering global, optimized connectivity as a service before the term “SD-WAN” became popular. Aryaka delivers unmatched global 7×24 support, unbeatable Net Provider Scores (NPS) and network expertise and “smart hands” in their Cloud-First WAN platform. With over 32 Points Of Presence (POP) around the world, Aryaka can offer latency of 30ms or less, to 90% of the world’s business users. For Canadian companies Aryaka provides POPs in Vancouver and Toronto. Aryaka offers both regional and global connectivity offering hundreds of enterprises of all sizes and several Fortune 100 companies unmatched connectivity and performance. The OpEx model offers companies an immediate solution to their cloud transition projects with implementation in days instead of months. Aryaka capabilities include: SmartOptimize (Application Acceleration as a Service: network optimization, application acceleration), SmartCloud (Multi-cloud Networking as a Service: ), SmartSecure (Security as a Service), SmartInsights (Actionable Insights as a Service) and Smart Connect (Connectivity as a Service).

Open Systems is the preeminent networking and cybersecurity provider for the enterprise cloud. Open Systems is a global company founded in 1990 in Basel Switzerland. company. Open Systems is a secure access service edge (SASE) pioneer enabling enterprises to scale with managed, cloud-native, secure connections anywhere. Open Systems operates in 180+ countries supporting over 3M users. Earning a net promoter score of 60, Open Systems has 7,300 deployments in a 7×24 support environment. Open Systems takes away enterprises’ operational headaches as they securely scale in the cloud. Open Systems is a secure access service edge (SASE) pioneer delivering a complete solution to network and security. Open Systems’ managed services offer cloud-native architecture, secure intelligent edge, hybrid cloud support, 24×7 operations by level-3 engineers, and predictive analytics. Their services combine 24×7 expertise with an intelligent platform to predict, prevent, detect and respond to cyberthreats so enterprises can thrive. Open Systems delivers integrated, multi-layered network security and protection that is seamlessly built-in to our Secure SD-WAN, and present in every edge device. Open Systems integrates comprehensive security features, so you can manage centrally and run worry-free. Open Systems enables customers to leverage a single partner for network and security operations. Consolidate your SD-WAN, network security, and extended detection and response (XDR) technology to reduce complexity and the need to orchestrate multiple vendors and applications. Open Systems helps free up your skilled IT staff to work on other business-critical projects.


Versa Networks, the leader in Secure SD-WAN and SASE, combines full-featured SD-WAN, complete integrated security, advanced scalable routing, genuine multi-tenancy, and sophisticated analytics both on-premises and in the cloud to meet WAN Edge and SASE requirements for small to extremely large enterprises and Service Providers. Versa Secure SD-WAN and Versa SASE are available on-premises, hosted through Versa-powered Service Providers, cloud-delivered, and via the simplified Versa Titan cloud service designed for Lean IT. Thousands of customers globally with hundreds of thousands of sites trust Versa with their networks, security, and clouds. Versa Networks is privately held. Versa enables secure, scalable, and reliable enterprise-wide networking, increasing multi-cloud application performance and dramatically driving down costs (CapEx and OpEx). Versa Secure SD-WAN and SASE are available on-premises, hosted through Service Providers, cloud-delivered, and via the Versa Titan service for Lean IT.



Oracle Communications provides integrated communications and cloud solutions for Service Providers and Enterprises to accelerate their digital transformation journey in a communications-driven world from network evolution to digital business to customer experience. SD-WAN from Oracle Communications was engineered by Talari through an acquisition in 2018. Talari delivered SD-WAN in 2008 and was granted 18 WAN patents. Oracle Communications is carrier agnostic and offers flexible CapEX/OpEX consumption models.