• Skip to primary navigation
  • Skip to main content
  • Skip to footer

Cisco Umbrella

Enterprise network security

  • Contact Sales
  • Login
    • Umbrella Login
    • Cloudlock Login
  • Why Us
    • Why Cisco Umbrella
      • Why Try Umbrella
      • Why DNS Security
      • Why Umbrella SASE
      • Our Customers
      • Customer Stories
      • Why Cisco Secure
    • Fast Reliable Cloud
      • Global Cloud Architecture
      • Cloud Network Status
      • Global Cloud Network Activity
    • Unmatched Intelligence
      • A New Approach to Cybersecurity
      • Interactive Intelligence
      • Cyber Attack Prevention
      • Umbrella and Cisco Talos Threat Intelligence
    • Extensive Integrations
      • IT Security Integrations
      • Hardware Integrations
      • Meraki Integration
      • Cisco Umbrella and SecureX
  • Products
    • Cisco Umbrella Products
      • Cisco Umbrella Cloud Security Service
      • Recursive DNS Services
      • Cisco Umbrella SIG
      • Umbrella Investigate
      • What’s New
    • Product Packages
      • Cisco Umbrella Package Comparison
      • – DNS Security Essentials Package
      • – DNS Security Advantage Package
      • – SIG Essentials Package
      • – SIG Advantage Package
      • Umbrella Support Packages
    • Functionality
      • DNS-Layer Security
      • Secure Web Gateway
      • Cloud Access Security Broker (CASB)
      • Cloud Data Loss Prevention (DLP)
      • Cloud-Delivered Firewall
      • Cloud Malware Protection
      • Remote Browser Isolation (RBI)
    • Man on a laptop with headphones on. He is attending a Cisco Umbrella Live Demo
  • Solutions
    • SASE & SSE Solutions
      • Cisco Umbrella SASE
      • Secure Access Service Edge (SASE)
      • What is SASE
      • What is Security Service Edge (SSE)
    • Functionality Solutions
      • Web Content Filtering
      • Secure Direct Internet Access
      • Shadow IT Discovery & App Blocking
      • Fast Incident Response
      • Unified Threat Management
      • Protect Mobile Users
      • Securing Remote and Roaming Users
    • Network Solutions
      • Guest Wi-Fi Security
      • SD-WAN Security
      • Off-Network Endpoint Security
    • Industry Solutions
      • Government and Public Sector Cybersecurity
      • Financial Services Security
      • Cybersecurity for Manufacturing
      • Higher Education Security
      • K-12 Schools Security
      • Healthcare, Retail and Hospitality Security
      • Enterprise Cloud Security
      • Small Business Cybersecurity
  • Resources
    • Content Library
      • Top Resources
      • Cybersecurity Webinars
      • Events
      • Research Reports
      • Case Studies
      • Videos
      • Datasheets
      • eBooks
      • Solution Briefs
    • International Documents
      • Deutsch/German
      • Español/Spanish
      • Français/French
      • Italiano/Italian
      • 日本語/Japanese
    • Security Definitions
      • What is Secure Access Service Edge (SASE)
      • What is Security Service Edge (SSE)
      • What is a Cloud Access Security Broker (CASB)
      • Cyber Threat Categories and Definitions
    • For Customers
      • Support
      • Customer Success Webinars
      • Cisco Umbrella Studio
  • Trends & Threats
    • Market Trends
      • Hybrid Workforce
      • Rise of Remote Workers
      • Secure Internet Gateway (SIG)
    • Security Threats
      • How to Stop Phishing Attacks
      • Malware Detection and Protection
      • Ransomware is on the Rise
      • Cryptomining Malware Protection
      • Cybersecurity Threat Landscape
      • Global Cyber Threat Intelligence
    •  
    • Woman connecting confidently to any device anywhere
  • Partners
    • Channel Partners
      • Partner Program
      • Become a Partner
    • Service Providers
      • Secure Connectivity
      • Managed Security for MSSPs
      • Managed IT for MSPs
    •  
    • Person looking down at laptop. They are connecting and working securely
  • Blog
    • News & Product Posts
      • Latest Posts
      • Products & Services
      • Customer Focus
      • Feature Spotlight
    • Cybersecurity Posts
      • Security
      • Threats
      • Cybersecurity Threat Spotlight
      • Research
    •  
    • Register for a webinar - with illustration of connecting securely to the cloud
  • Contact Us
  • Umbrella Login
  • Cloudlock Login
  • Free Trial
Security

How to Evaluate SSE Vendors: Questions to Ask, Pitfalls to Avoid

Author avatar of Yuval YatskanYuval Yatskan
Updated — February 24, 2023 • 5 minute read
View blog >

As new ways of work – cloud collaboration, hybrid work models, and BYOD – have become the standard, it’s clear that new environments and approaches require new strategies and capabilities.  The early era of cybersecurity protection was built by stacking solutions like firewalls, on-premises web proxies, sandboxing, SIEMs, and endpoint security. With more people connecting from more places and more devices, it’s clear that these old, data center-centric ways of protection are leaving huge gaps in security.   

The solution to streamlining these disparate solutions and providing better security for distributed work teams using more cloud-based tools is what Gartner calls secure access service edge, or SASE. SASE describes a converged networking and security architecture that isn’t defined by appliances in a data center, but instead is comprised of integrated services delivered from the cloud.  

Where a secure access service edge approach would unite both networking and security functionality in the cloud, security service edge (SSE) is a subset of the entire SASE structure that focuses only on cloud-delivered security capabilities. 

What is security service edge (SSE)? 

An SSE framework unifies once standalone, disparate functions – secure web gateway (SWG), zero trust network access (ZTNA), firewall-as-a-service technologies, and cloud access security broker (CASB) — managing secure access to websites and apps from anywhere users are accessing them. 

Adopting an SSE framework allows teams to:

  • Simplify adoption and deployment of security policies 
  • Bypass VPNs, increasing security and reducing unauthorized access 
  • Protect all users from ransomware and other types of advanced malware 
  • Monitor and track users across your network 
  • Provide fast and dependable connectivity to the web, the cloud, and private apps 

Who is SSE for? 

Embracing an SSE strategy makes sense for organizations that need: 

  • Security that isn’t tied to a network 
  • Reduction of risk posed by gaps in disparate solutions 
  • Zero-trust access based on identity and context  
  • Consistent policy enforcement across all users, channels, applications, and devices  
  • Fast, safe digital user experience regardless of location, device, or connection 

The promise of both SSE and SASE is that they can provide cloud-delivered capabilities on a global scale, reduce cost and complexity, and increase visibility and performance. It’s a tall order and it’s important to pick the right provider to partner with. 

The best approach to evaluating an SSE vendor? Taking a balanced approach by looking at their past successes, current offers, and vision for the future.  

The past as proof 

The first thing that organizations should look for in a SSE provider is experience. Successful SSE partners will have years of experience in the security space, a wide customer base, and experience continually growing and innovating. They also have portfolios of proof and examples of past wins. 

When assessing SSE vendors, look for:  

  • Security experience and efficacy: With the explosion of cloud-based connectivity and as-a-service applications, more and more companies are creating SASE and SSE offerings. They’re trying to capitalize on the urgency of securing these new ways of working. But not all capabilities are created equal. Organizations should have a history of delivering not just security solutions, but real security results for the organizations they’ve worked with.  
  • aaS experience and track record: As-a-service software and subscriptions are the way the world works and stays connected. To stay competitive, 99% of businesses use at least one SaaS solution. That’s why the future-state vision of a full SASE offering is a subscription-based, aaS model; it’s been proven to reduce complexity and increase productivity. A SSE provider should have a history of delivering products in the aaS market.  

Questions to ask vendors 

  • Do you have case studies that showcase results from security customers?  
  • How many of your products have you been able to deliver aaS? 
  • What capabilities do you have in terms of threat intelligence and cybersecurity research?  

Considering current capabilities   

Deciding on a near-term SSE solution, of course, means considering what a vendor’s SSE capabilities are right now and how those support both your current needs and future goals.  

When assessing SSE vendors, look for:  

  • True SSE functionality: SSE is cloud-based, cloud-delivered security to truly protect the edge and handle a wider range of use cases. This helps protect and connect users no matter where they work.  
  • Open platform approach: An open, integrated platform across all devices provides better security by helping you find and fix threats faster. Plus, an open platform allows security practitioners to gain both insight and value by being able to integrate and manage existing security investments.  
  • Full-stack observability:  Full-stack observability solutions move beyond domain monitoring into full-stack visibility, insights, and actions. They transform siloed data into actionable insights that provide shared context for your IT teams. This increased context and reduced complexity offers a better digital user experience, as well as helping to prioritize which security problems to focus on as incidents arise.  
  • Robust architecture and infrastructure: The foundation of any cybersecurity organization is its architecture and infrastructure. Vendors should have a cloud architecture that supports performance, including network capacity and throughput, a history of reliability, and adaptive capabilities like automation.  

Questions to ask vendors

  • How does your solution handle integrations with third-party tools? 
  • What does support and onboarding for new clients look like, particularly as it relates to learning platform management?  
  • How frequently is your infrastructure updated to deliver new capabilities?  
  • Do you have global coverage and connectivity? 
  • How does your infrastructure avoid customer downtime?  
  • Do you leverage peering partnerships with popular SaaS vendors to reduce latency?  

Looking forward into the future 

Some organizations want to improve their security posture now, with a vision of implementing a full SASE architecture down the line. Because a SASE architecture combines both networking and security functionality, a full SASE approach requires a coordinated and cohesive integration across both network security and networking teams, so a slow rollout that starts with SSE and folds in cloud-delivered networking over time makes sense for many teams. Plus, there’s often regulatory requirements in play that drive continued on-premises deployment. 

No matter where organizations are on their SASE journey, if the journey starts with SSE, it’s important to know what a vendor’s overall SASE vision and capability is to set yourself up for security success in the future.  

When assessing SSE vendors, look for:  

  • Ability and motivation to invest: Sometimes ability to invest means a solid financial portfolio; other times it means visionary, dedicated, and creative leadership. Often, it’s both. A vendor that has a strong market position and clear strategy towards continued investment and innovation is one you can count on to support your long-term security needs.  
  • Ability to support and include the key networking elements of SASE: For organizations that have a full-scale SASE roadmap in place, it’s important to select a vendor that provides the networking functionality – especially SD-WAN – that’s key for a successful SASE transformation.   

Questions to ask vendors

  • What’s the company’s vision for further integration? 
  • What’s the total value add related to any additional integrations and expansion of current capabilities?  
  • What would a successful SASE deployment look like? 
  • What are your networking options and SD-wan capabilities?  
  • Are all core components available in a single offer? Will there be flexibility to easily transition to a unified subscription service now or in the future? 

Get started on your SSE journey

Finding the right SSE vendor is about balancing your current investments, need, and goals vs. the ambitions and projections of the future. Organizations should focus on finding a vendor that can offer them a stable SSE environment and, at the same time, be able to support future growth.   

To learn more about SSE and find out if it’s the right fit for your business, talk to a security expert today.  

Consult an expert

Learn how how Cisco Umbrella can simplify your security and protect your users in a free consultation.

Contact a security expert

Finding the right SSE vendor is about balancing your current investments, need, and goals vs. the ambitions and projections of the future. Organizations should focus on finding a vendor that can offer them a stable SSE environment and...able to support future growth.

Tweet this quote

Additional Resources

  • Contact a security expert

Suggested Blogs

  • Cisco Umbrella Delivered Better Cybersecurity and 231% ROI February 21, 2023 2 minute read
  • Cisco Listed as a Representative Vendor in Gartner® Market Guide for Single-Vendor SASE January 26, 2023 3 minute read
  • What Is a Secure Web Gateway & Why Does Your Security Stack Need One? February 1, 2022 3 minute read

Share this blog

FacebookTweetLinkedIn

Follow Us

  • Twitter
  • Facebook
  • LinkedIn
  • YouTube

Footer Sections

What we make

  • Cloud Security Service
  • DNS-Layer Network Security
  • Secure Web Gateway
  • Security Packages

Who we are

  • Global Cloud Architecture
  • Cloud Network Status
  • Cloud Network Activity
  • OpenDNS is now Umbrella
  • Cisco Umbrella Blog

Learn more

  • Webinars
  • Careers
  • Support
  • Cisco Umbrella Live Demo
  • Contact Sales
Umbrella by Cisco
208.67.222.222+208.67.220.220
2620:119:35::35+2620:119:53::53
Sign up for a Free Trial
  • Cisco Online Privacy Statement
  • Terms of Service
  • Sitemap

© 2023 Cisco Umbrella