Skip to main content
Tech Radar
  • Tech Radar Pro
  • Tech Radar Gaming
Tech Radar Pro TechRadar IT Insights for Business
Subscribe
RSS
(opens in new tab) (opens in new tab) (opens in new tab) (opens in new tab)
Asia
flag of Singapore
Singapore
Europe
flag of Danmark
Danmark
flag of Suomi
Suomi
flag of Norge
Norge
flag of Sverige
Sverige
flag of UK
UK
flag of Italia
Italia
flag of Nederland
Nederland
flag of België (Nederlands)
België (Nederlands)
flag of France
France
flag of Deutschland
Deutschland
flag of España
España
North America
flag of US (English)
US (English)
flag of Canada
Canada
flag of México
México
Australasia
flag of Australia
Australia
flag of New Zealand
New Zealand
Technology Magazines
(opens in new tab)
Technology Magazines (opens in new tab)
Why subscribe?
  • The best tech tutorials and in-depth reviews
  • Try a single issue or save on a subscription
  • Issues delivered straight to your door or device
From$12.99
(opens in new tab)
View Deal (opens in new tab)
  • News
  • Reviews
  • Features
  • Opinions
  • Website builders
  • Web hosting
  • Security
Trending
  • Best standing desk deals
  • Best cloud storage 2023
  • Everything you need to WFH
  • What is Microsoft Teams?
  • Windows 11 for business

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

  1. Home
  2. Versus
  3. Computing
Supported (opens in new tab)

SASE vs SSE: What are the differences?

By Richard Sutherland

How SSE fits into the SASE model

Representational image depecting cybersecurity protection
(Image credit: Shutterstock)

SASE (Secure Access Service Edge) is a term conceived by technological research and consulting firm Gartner in 2019. It refers to cloud vendors that can supply network service brokering, identity service brokering, and security as a service, all in a single package. 

Because there are relatively few full SASE vendors (opens in new tab), in 2021 Gartner introduced a new term: SSE (Security Service Edge). This is a subset of SASE services that focuses mainly on the security access of SASE. 

In this guide, we’ll explore SASE vs SSE further, defining the key differences between both terms.

Perimeter 81 is one of TechRadar's choices for the best SSE providers (opens in new tab)

Perimeter 81 is one of TechRadar's choices for the best SSE providers (opens in new tab)
Leap into the future of cloud networking and discover why organizations like yours are rapidly embracing SSE as part of their long-term security strategy plan. Get all the benefits of ZTNA, FWaaS, SWG, and CASB without the extra costs. Complete cloud security. No hardware hassle. Get your free SSE for Superheroes eBook here (opens in new tab).

View Deal (opens in new tab)

SASE vs SSE: Features

Before the Covid-19 pandemic, most companies’ network traffic was internal, and only a small portion was external, but this was flipped on its head virtually overnight. The old model of tunneling remote workers’ traffic through VPNs (virtual private networks (opens in new tab)) scaled poorly with the increased amount of traffic. The complexity of getting all systems to work together was mind-boggling, and securing such a system was a technical nightmare. 

Moving networking and security to the cloud was a logical step for many companies. Gartner suggested this would be best accomplished by choosing a vendor that could provide a broad set of cloud features under one roof. Gartner called this a SASE vendor (generally pronounced “sassy”). 

A SASE vendor combines a cloud access security broker (opens in new tab) (CASB), zero-trust network access (opens in new tab) (ZTNA), secure web gateway (opens in new tab) (SWG), firewall as a service (opens in new tab) (FWaaS), and integrated software-defined wide area network (opens in new tab) (SD-WAN) into a single one-size-fits-all solution.

Many of the important providers in the security industry don’t supply all of these services. In late 2021, Gartner defined a subset of SASE as SSE. This dropped almost all the networking requirements from the equation. SSE unifies all the security services, including SWG, CASB, and ZTNA, but it doesn’t include the WAN edge slice such as SD-WAN, QoS (Quality of Service), and WAN optimization (opens in new tab).

SASE vs SSE: Security

As SSE is the subset of SASE functions with a focus on security, both SSE and SASE vendors offer comparable security features. 

SSE and SASE vendors offer SWG (opens in new tab), which prevents unsecured internet traffic from entering your internal networks by filtering internet-bound traffic. SSE and SASE providers typically work on a ZTNA (opens in new tab) model, meaning no user or device is trusted without first authenticating with a trust broker service. The trust broker only grants access to entities if you supply the right credentials, and if the context in which access is requested is valid. And instead of gaining permission to use specific networks, you get permission to use specific applications.

SSE and SASE both include a CASB (opens in new tab) that acts as an intermediary between users and cloud services. This monitors and enforces security policies.

SASE vs SSE: Software-defined networking

Where SASE and SSE providers differ is in the WAN edge services they offer. Perhaps most importantly, SSE alone doesn’t provide SD-WAN. One of the major pillars of SASE is this type of software-defined networking, which emphasizes brokering connections from branch offices and remote locations through the cloud.

SD-WAN enhances or replaces traditional routers to create a virtual WAN that has a centralized control function. This intelligently directs traffic across the internet to trusted SaaS (Software as a Service (opens in new tab)) and IaaS (Infrastructure as a Service (opens in new tab)) providers. Full-stack SASE providers can offer you this feature, whereas SSE-only providers cannot.

SASE vs SSE: Network optimization

SSE also doesn’t make any provision for network optimization, QoS, routing, or SaaS acceleration. Where SASE vendors can include software and hardware solutions that speed up and control the flow of traffic between an organization’s data centers, remote workers, SaaS services, and IaaS services, SSE-only providers don’t.

SASE vs SSE: Performance

SSE and SASE can offer better performance than traditional methods of connecting to company resources, such as the use of VPNs. 

Previously, all remote users would connect through a single tunnel to the company data center, making for expensive and slow data connections. Moving security services to the cloud means remote users can authenticate with CASB through a ZTNA model before using applications hosted on the cloud. This is less expensive and more scalable, and speeds can be orders of magnitude faster.

Comparing SSE and SASE in performance, companies with multiple branch offices can potentially greatly benefit from the SD-WAN services SASE provides. The WAN optimization features can make the use of unreliable networks less of an issue (for example, as automatic QoS and routing can switch between different networks on the fly, and reroute network traffic over the most optimal route).

SASE vs SSE: Support

SASE and SSE providers can offer you comparable levels of support when it comes to SWGs, CASBs, ZTBA, FWaaS, and RBI (remote browser isolation). For many companies, these are the most important features for enabling people to securely work from any location.

SASE providers can offer support on WAN edge services too, from SD-WAN and routing to SaaS acceleration and content delivery caching. If you also need these features, integrating security and networking with a SASE provider (opens in new tab) could be the most efficient and straightforward way to modernize your WAN.

SASE vs SSE: Verdict

SASE and SSE are relatively new terms in the security industry, and debate continues about their respective relevance and importance for the future of cloud-based services. 

In summary, SSE-only vendors provide cloud infrastructure services with a focus on security services, whereas SASE vendors provide WAN optimization and routing services on top of those cloud security services.

For most companies, implementing SSE features is a priority, and these can be less expensive to deploy in the short term than a full SASE solution. On the other hand, having all services provided by one vendor (as with the full SASE model) does make for a superbly straightforward, scalable, and versatile solution.

TechRadar created this content as part of a paid partnership with Perimeter 81. The contents of this article are entirely independent and solely reflect the editorial opinion of TechRadar.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

By submitting your information you agree to the Terms & Conditions (opens in new tab) and Privacy Policy (opens in new tab) and are aged 16 or over.
Richard Sutherland
Richard Sutherland
Social Links Navigation

Richard brings over 20 years of website development, SEO, and marketing to the table. A graduate in Computer Science, Richard has lectured in Java programming and has built software for companies including Samsung and ASDA. Now, he writes for TechRadar, Tom's Guide, PC Gamer, and Creative Bloq.

  1. arm reaching outside laptop aiming blowhorn at man
    1
    5 mistakes to avoid with your gaming laptop
  2. 2
    Marvel has already learned a big lesson from James Gunn's new-look DCU
  3. 3
    Hulu and Disney Plus will make streaming movie history in June – and it's about time
  4. 4
    Klipsch’s 16-in subwoofer beast takes aim at the Sonos Sub to score a low end win
  5. 5
    ChatGPT outage: what happened, when it returned, and more
  1. Vecna stares directly into the camera in Stranger Things season 4
    1
    Stranger Things season 5 is about to hit the big Marvel and Star Wars problem
  2. 2
    10 things you didn't know Google Maps could do
  3. 3
    Marvel has already learned a big lesson from James Gunn's new-look DCU
  4. 4
    How to get a domain name for free
  5. 5
    Hulu and Disney Plus will make streaming movie history in June – and it's about time
Technology Magazines
(opens in new tab)
  • ●
Technology Magazines (opens in new tab)
  • The best tech tutorials and in-depth reviews
From$12.99
(opens in new tab)
View Deal (opens in new tab)

TechRadar is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site (opens in new tab).

  • About Us (opens in new tab)
  • Contact Us (opens in new tab)
  • Terms and conditions (opens in new tab)
  • Privacy policy (opens in new tab)
  • Cookies policy (opens in new tab)
  • Advertise with us (opens in new tab)
  • Web notifications (opens in new tab)
  • Accessibility Statement
  • Careers (opens in new tab)

© Future US, Inc. Full 7th Floor, 130 West 42nd Street, New York, NY 10036.