hi, one does not necessarily exclude the other :)...For example - I have implemented on all our domestic ( per country ) WAN networks SD-WAN- to be more flexible with the lines and not be dependant on one provider ..but to secure my end-users we will implement the SASE solution ...like ZSCALERS, CISCO, ...etc...NGFW will use to ensure good segmentation of the network. To additionally secure your users - you can deploy SWG, some security on your sites you have with SD-WAN equipment ( level will depend on which producer you will choose - one that background is from the network or the one that the background is security :) ) - but for sure not you will not achieve the level as with SWG.
VPN - I intend to keep it only for special purposes after we deploy SASE..I hope this helps:)
Search for a product comparison in Software Defined WAN (SD-WAN) Solutions
Senior Riverbed (WAN,APM,NPM) Consultant at NetConsulting
User
Apr 28, 2021
SASE is cloud delivered architecture that provides central policy and unification of network and security services which are typically delivered by a MSP think of SASE as a cloud hub, it helps avoid the need to back haul traffic via central DC’s reducing the reliance on expensive security stacks and resources, allowing sites to go direct to internet for SaaS traffic which in turn improves performance without impacting security.
Its primary usecases are mobile working and direct internet access from branch sites, Covid has accelerated the adoption of SASE in the last year with a need to provide unified security and compliance to any user, device anywhere.
SDWAN is the transport layer to ensure the WAN performance and availability of onprem site traffic (in essence its a edge Router) that can also be used to direct traffic of intrest to the SASE cloud gateway for inspection.
SASE - Secure Access Service edge is an architecture and strategy. This is focused on Zero Trust which has a huge focus on Identity. Think about accessing your corporate applications and data anywhere, anytime, any device securely with a great experience. In that journey a technology stack supporting and enabling the SASE architecture is what you need. Look at Netskope - Okta - SentinelOne - Silverpeak (this may not be required depending on your env't). If you want to chat more let me know - neil@mis3.ca
Find out what your peers are saying about Fortinet, Cisco, Check Point Software Technologies and others in Software Defined WAN (SD-WAN) Solutions. Updated: January 2026.
SASE combines networking and security functions into a single, cloud-delivered service to support dynamic secure access needs in modern businesses.
SASE integrates capabilities like secure web gateways, firewall-as-a-service, and zero trust network access under one umbrella. This convergence helps organizations manage security policies more effectively while reducing complexity and cost. By leveraging the cloud, SASE ensures consistent security regardless of user location or device.
...
hi, one does not necessarily exclude the other :)...For example - I have implemented on all our domestic ( per country ) WAN networks SD-WAN- to be more flexible with the lines and not be dependant on one provider ..but to secure my end-users we will implement the SASE solution ...like ZSCALERS, CISCO, ...etc...NGFW will use to ensure good segmentation of the network. To additionally secure your users - you can deploy SWG, some security on your sites you have with SD-WAN equipment ( level will depend on which producer you will choose - one that background is from the network or the one that the background is security :) ) - but for sure not you will not achieve the level as with SWG.
VPN - I intend to keep it only for special purposes after we deploy SASE..I hope this helps:)
SASE is cloud delivered architecture that provides central policy and unification of network and security services which are typically delivered by a MSP think of SASE as a cloud hub, it helps avoid the need to back haul traffic via central DC’s reducing the reliance on expensive security stacks and resources, allowing sites to go direct to internet for SaaS traffic which in turn improves performance without impacting security.
Its primary usecases are mobile working and direct internet access from branch sites, Covid has accelerated the adoption of SASE in the last year with a need to provide unified security and compliance to any user, device anywhere.
SDWAN is the transport layer to ensure the WAN performance and availability of onprem site traffic (in essence its a edge Router) that can also be used to direct traffic of intrest to the SASE cloud gateway for inspection.
SASE - Secure Access Service edge is an architecture and strategy. This is focused on Zero Trust which has a huge focus on Identity. Think about accessing your corporate applications and data anywhere, anytime, any device securely with a great experience. In that journey a technology stack supporting and enabling the SASE architecture is what you need. Look at Netskope - Okta - SentinelOne - Silverpeak (this may not be required depending on your env't). If you want to chat more let me know - neil@mis3.ca