Three essential pillars for evaluating modern SASE solutions

Your business case is approved - now what?

Your business case for addressing security tool sprawl has been approved. You have a mandate to solve the complexity crisis that has been holding your organisation back. The budget is secured, leadership is aligned, and you're ready to move forward. But now you face a market crowded with vendors all claiming to offer a solution to your problems.

Here's where many organisations make a critical mistake. They approach the vendor evaluation process like comparing features on a spreadsheet, checking boxes against a predetermined list of capabilities. This approach is a trap that leads right back to the fragmented, complex environment you're trying to escape.

The truth is, evaluating SASE solutions based solely on feature lists fundamentally misunderstands what you're trying to achieve. You're not looking for more tools; you already have too many of those. What you need is a completely different approach to how security and networking work together in your organisation.

The "secure simplicity" framework

To make the right long-term decision, you need to evaluate potential partners against a complete architectural vision rather than individual features. This means shifting your evaluation criteria from "what can this solution do?" to "how will this solution transform the way we operate?".

The goal is to move to what industry leaders are calling "secure simplicity" - a modern approach that consolidates complexity without compromising security. Research from Forrester shows that organisations adopting unified Secure Access Service Edge(SASE) platforms report significant operational benefits, with networking teams naturally taking ownership of the solution since they were already managing VPN infrastructure.

This architectural transformation is founded on three essential pillars. Every potential provider must be assessed against these pillars, and those that cannot deliver on all three should be removed from consideration.

Pillar 1: Pragmatic consolidation into a unified platform

The first pillar addresses the core problem you identified in your business case - the unmanageable complexity of multiple security tools. Consolidation means more than just bundling products together. True consolidation requires a fundamental shift from managing a portfolio of disconnected products to operating a single, unified platform.

45% of senior IT and security leaders adopt SASE specifically to consolidate SD-WAN and security functions. However, not all consolidation approaches are equal. The critical question to ask potential vendors is: "Is your solution truly a single, integrated architecture, or is it a collection of acquired products stitched together?"

This distinction is crucial because many vendors offer what appears to be unified SASE but is actually multiple products connected through APIs and shared management interfaces. These "stitched-together" offerings, even from major brands, often come with different management dashboards, separate policy engines, and inconsistent data flows. They may perpetuate the very issue you're trying to eliminate.

For organisations seeking maximum simplification, single-vendor approaches built on unified platforms deliver the greatest operational benefits.

Look for solutions built on a common operating system with native integration between networking and security functions. The platform should provide a single management console, unified policy enforcement, and shared threat intelligence across all capabilities. This isn't just about convenience - it's about creating an environment where security and networking work together seamlessly rather than fighting against each other.

Pillar 2: A performance-driven, natively integrated architecture

The second pillar recognises that modern security cannot come at the expense of performance. Your users expect fast, reliable access to applications regardless of their location, and your security architecture must enhance rather than hinder this experience.

The effectiveness of any SASE solution is intrinsically linked to its underlying network architecture. This is where the concept of Points of Presence (PoPs) becomes critical. A vendor's PoP strategy directly impacts both security effectiveness and user experience.

For New Zealand organisations, this consideration is particularly important. Ask potential vendors: "Where are your PoPs located?" A provider with limited local PoPs will reintroduce the crippling latency you're trying to solve by forcing your traffic on long, inefficient routes for security inspection.

Recent expansion announcements show leading vendors recognising this challenge. Fortinet, for example, has announced new SASE PoPs in Auckland to better serve New Zealand organisations.

The architecture should deliver the shortest, fastest, and most secure path between your users and their applications. Look for solutions that process security functions locally at edge locations rather than backhauling traffic to distant data centres for inspection. This approach not only improves performance but also reduces the attack surface by limiting data exposure during transit.

Additionally, evaluate whether the vendor's network is purpose-built for SASE or relies on third-party infrastructure. Solutions built on the vendor's own global network fabric can guarantee performance and availability in ways that rely on public internet or partner networks cannot.

Pillar 3: Strategic leverage of local expertise

The third pillar addresses a reality that many organisations overlook during vendor evaluation - the ongoing operational requirements of a SASE transformation. This isn't just a technology deployment; it's a fundamental change in how your organisation operates, and you need a partner who can support that journey.

Rather than trying to build expertise internally across all aspects of a complex SASE platform, the right partner helps you augment your team's capabilities while freeing them from the burnout cycle that tool sprawl creates.

Ask potential vendors: "Where is your expert support team located?" And “are your support functions 24/7 or do you rely on on-call staff?” During a critical security incident at 2 AM on a Tuesday, waiting for support from a different hemisphere or tracking down the on-call engineer simply isn't an option. A partner with a New Zealand-based team of certified experts provides immediate, context-aware support that global helpdesks cannot match.

The local expertise consideration extends beyond technical support. The right partner understands New Zealand's regulatory environment, business practices, and unique connectivity challenges. They can provide strategic guidance that takes into account local factors like data sovereignty requirements, compliance obligations, and the specific performance characteristics of connections between New Zealand and major cloud providers.

Look for vendors who can demonstrate significant local investment in expertise and infrastructure. This includes certified local engineers, New Zealand-based security and network operations centres, and professional services teams who understand the local market. These capabilities indicate a vendor's commitment to the New Zealand market and their ability to provide the ongoing support your transformation will require.

Making your decision framework practical

Using these three pillars will help you filter through the noisy SASE market and create a meaningful shortlist of strategic partners. But how do you practically apply this framework during your evaluation process?

Start by mapping each potential vendor against all three pillars. Create a simple assessment matrix that evaluates:

Platform Integration: Can the vendor demonstrate native integration between all SASE components? Do they operate from a single console with unified policies, or do you see multiple management interfaces and policy engines?

Network Performance: Where are the vendor's PoPs located relative to your users and critical applications? Does their network connect directly to where your business-critical applications are? Can they demonstrate performance metrics for New Zealand-specific connections?

Local Partnership: What local expertise and support capabilities can the local delivery partner provide? How do they demonstrate long-term commitment to the New Zealand market?

Vendors who excel in one or two areas but fail in the third should be removed from consideration. The interdependence between these pillars means weakness in any area compromises the overall solution effectiveness.

Looking beyond the sales pitch

During vendor demonstrations and presentations, resist the temptation to focus on feature comparisons or technical specifications. Instead, ask questions that reveal how the vendor's approach aligns with the three pillars:

• "Walk me through how a policy change flows through your platform from creation to enforcement."
  
  
• "Show me how you would troubleshoot a performance issue affecting our Auckland users accessing Microsoft 365."
  
  
• "Describe your escalation process for a critical security incident occurring at 3 AM New Zealand time."
  
  

The vendors who can provide clear, detailed answers demonstrating integrated platforms, local performance optimisation, and comprehensive support capabilities are the ones worth serious consideration.

Next steps

Using these three architectural pillars will transform your vendor evaluation from a feature-matching exercise into a strategic partnership decision. You'll create a shortlist of providers who can genuinely deliver on the vision outlined in your business case rather than simply adding more complexity to your environment.

The next critical step is assessing which of these qualified partners can provide the most credible and lowest-risk path from your current state to your desired future. The best architectural vision means nothing if the transformation journey is poorly planned or executed.

Read our next article, "De-Risking Your Move to SASE," to learn how to choose a partner who can provide a smooth, low-disruption journey that delivers value from day one while building towards your long-term objectives.