Your Ultimate Guide to SASE Vendors: Who’s the Best Fit for Mid-Sized Healthcare Business?

Posted On 1 Nov, 2023



Welcome to the insider’s guide on Secure Access Service Edge (SASE) vendors.

As businesses pivot to the cloud and remote work becomes the norm, SASE is no longer a luxury—it’s a necessity.

This article is your roadmap to understanding the four types of SASE vendors that are revolutionizing network security and why mid-sized businesses should pay attention.

We’ll deep dive into the features, scalability, and integration capabilities that these vendors offer, helping you make an informed decision.


Traditional Appliance-Based Vendors

Companies: Cisco, Fortinet, PaloAlto Network, and Forcepoint

Summary of Traditional Appliance Based Vendor Pros & Cons

The Pros

The Cons

  • Feature-rich solutions: These vendors offer a wide array of features that cover almost every aspect of network security and performance.
  • Established reputation: Being industry titans, they have a proven track record of reliability and performance.
  • Comprehensive support: With a global presence, they offer extensive customer support.
  • Unified Threat Management: These vendors often provide a one-stop-shop for all security needs, simplifying the security landscape for businesses.
  • High Availability: Traditional vendors usually offer high availability options, ensuring that your network is always up and running.
  • Cumbersome to integrate: Traditional vendors often just virtualize their existing hardware appliances for the cloud, making integration complex.
  • Often expensive for mid-size businesses: The cost structure can be prohibitive for smaller enterprises.
  • Limited cloud-native capabilities: They may lack the flexibility and scalability offered by cloud-native solutions.
  • Complexity in Deployment: These vendors often require multiple products to be deployed, increasing the complexity and need for extensive IT staff..
  • Lack of Global Connectivity: Some vendors like Fortinet lack global connectivity and SaaS optimization, which can be a significant drawback.

In-depth Analysis Of Traditional Appliance Based SASE Vendors

Traditional appliance-based vendors are the stalwarts of the industry, offering robust, feature-rich solutions.

However, the shift to the cloud is causing disruption in the network security appliance market.

To remain relevant, these vendors are transitioning their solutions to virtualized software deployed in the cloud.

This move often requires sacrificing hardware acceleration and adapting to complex security policies.

Vendor Specific Analysis of Traditional Appliance Based Vendors

Cisco Pros

Cisco Cons

  • Strong Threat Telemetry: Cisco offers robust security features.
  • Dual-Track SASE: Provides both cloud and on-premises solutions.
  • Advanced Routing Protocols: Supports traditional routing and SD-WAN on the same platform.
  • Cloud Strategy: Faces challenges in offering a comprehensive cloud strategy.
  • Complexity: Known for a steep learning curve.
  • Pricing: Less competitive pricing compared to other vendors.

Fortinet Pros

Fortinet Cons

Robust Security: Offers Security Fabric with robust Layer 24-7 security.

User-Friendly: Known for its user-friendliness and scalability.

Hardware Acceleration: Leads with hardware-accelerated SD-WAN.

Cloud Strategy: Lacks a comprehensive cloud strategy.

Global Backbone: Missing global backbone for cloud-native components.

Licensing: Yearly licensing is considered slightly high

PaloAlto Network Pros

PaloAlto Network Cons

  • Pros: Integrated SASE: Combines SD-WAN and Prisma Access.
  • Real-Time Threat Prevention: Excels in malware prevention.
  • Third-Party Integrations: Offers URL filtering and detailed analytics.
  • Cloud-Native Capabilities: Struggles with the integration of cloud-native capabilities.
  • Cost: Considered expensive with rising renewal prices.

Forcepoint Pros

Forcepoint Cons

  • Cloud-Based: Offers cloud-based SASE services.
  • Anti-Malware: Includes anti-malware features.
  • Not-All-in-One Solution: Not suitable for businesses looking for an all-in-one solution.

General Insights

Traditional vendors are at a disadvantage due to their limitations in offering truly cloud-native capabilities.


Cloud-Native Security Vendors

Companies: Zscaler, Netskope

Summary of Cloud Native Security Vendor Pros & Cons



  • Agile and Adaptable: These vendors are nimble, allowing for quick adjustments to security protocols and features. They are particularly effective in dynamic business environments where rapid changes are the norm.
  • Cost-Effective: With a pay-as-you-go model, these vendors offer financial flexibility. You only pay for the services you use, making it an economical choice for businesses of all sizes.
  • Easy to Integrate: These vendors offer seamless integration with existing cloud infrastructures, reducing the time and effort required for deployment.
  • Enhanced Visibility: Real-time monitoring capabilities provide a comprehensive view of security metrics, aiding in prompt decision-making.
  • Continuous Compliance: These vendors ensure that your cloud environment adheres to regulatory requirements, thereby reducing the risk of legal complications.
  • May Lack Some Advanced Features: While they excel in agility and cost-effectiveness, they might not offer some of the advanced security features that traditional vendors provide.
  • Vendor Lock-in Risks: Businesses may find it challenging to switch vendors due to compatibility issues or contractual obligations.
  • Complexity: The use of microservices and containers can introduce complexity, making it difficult to isolate issues and manage the security landscape.
  • Observability Data Volume: These vendors often generate a large volume of observability data, which can be overwhelming and hinder efficient problem-solving.

Vendor Specific Pros & Cons

Netskope Pros

Netskope Cons

  • CASB Leadership: Netskope excels in Cloud Access Security Broker (CASB) and data loss prevention, making it a strong player in cloud security.
  • Granular Visibility: Offers detailed insights into cloud app risk scoring, data loss protection, and more.
  • Azure Control: Particularly strong in managing Azure environments.
  • Limited SD-WAN: Lacks a private backbone crucial for high-performance SASE, relying on third-party methods for SD-WAN.
  • Complex Deployment: Netskope’s networking gaps result in a complex deployment process.
  • High Pricing: Although it offers value, Netskope is relatively expensive.

ZScaler Pros

ZScaler Cons

  • Zero Trust Exchange™: Offers cloud-native SASE, ensuring low latency and reliability
  • Real-Time Threat Detection: Provides real-time updates and customizable reporting
  • Global Reach: With 150+ data centers worldwide, Zscaler’s SASE is a game-changer in cybersecurity
  • Limited On-Premises Solutions: Zscaler lacks in providing on-premises solutions
  • Support Issues: Often requires support tickets for resolving issues, based on user feedback.
  • Complex Third-Party Integration: Users have mentioned difficulties in integrating third-party security solutions.

In-depth Analysis

In the rapidly evolving world of cybersecurity, cloud-native security vendors like Zscaler and Netskope are making waves.

They offer a range of advantages, from agility to cost-effectiveness, that make them particularly appealing for businesses already invested in cloud services.

However, they’re not a one-size-fits-all solution.

  • The agility they offer is unparalleled, especially for industries that are sensitive to market changes. But this agility comes at a cost: they may lack some of the advanced features that traditional vendors offer.
  • Moreover, the risk of vendor lock-in is a real concern, particularly for businesses that may need to switch their tech stacks or adopt multi-cloud strategies in the future.
  • The architecture of these solutions, often involving microservices and containers, can introduce complexities that require specialized skills to manage effectively. Additionally, the large volume of observability data they generate can be both a boon and a bane.

So, what’s the bottom line?

  • If you’re a business that values agility, cost-effectiveness, and is heavily invested in cloud services, these vendors could be a perfect fit.
  • However, if you require advanced features and are concerned about vendor lock-in or complexity, you might want to look elsewhere.

Would you trade off advanced features for agility and cost-effectiveness?


Ground-Up SASE Vendors

A Summary of Pros & Cons of Cato SASE, Perimeter 81



  • Purpose-built for SASE: These vendors have designed their solutions specifically for SASE, ensuring a seamless integration of networking and security features.
  • Easier to Manage: With a single, unified platform, management becomes a breeze, reducing the administrative burden.
  • Ideal for Mid-Size Businesses: These solutions are often more cost-effective and easier to deploy, making them a perfect fit for mid-sized enterprises.
  • May Lack Feature Maturity: Being relatively new, these vendors might not offer the comprehensive feature set that established vendors do.
  • Smaller Support Ecosystems: The community and third-party integrations might be limited, potentially affecting troubleshooting and customization options.

Vendor Specific Pros & Cons

Cato SASE Pros

Cato SASE Cons

  • Quick Deployment: Cato is known for its quick and easy setup, which is a boon for businesses looking to get up and running fast.
  • Cloud-Native Global Network: Offers a robust cloud-native network, enhancing global connectivity.
  • Cost-Effectiveness: Delivers savings within a year and offers flexible, permit-based pricing.
  • Security Features: Despite needing improvements, Cato is praised for its security features.
  • Complexity for Beginners: The platform can be overwhelming for those new to SASE.
  • Security Gaps: Lacks a web application firewall and needs security enhancements.

Pros of Perimeter 81

Cons of Perimeter 81

  • Feature-Rich: Offers a range of features including VPN, SD-WAN, and more.
  • Customer Service: Known for efficient and effective customer support.
  • Mobile Accessibility: Praised for its mobile-friendly interface and easy setup.
  • Strong Encryption and ZTNA: Offers robust security features like strong encryption and Zero Trust Network Access (ZTNA).
  • Complex Deployment: Particularly for hybrid environments, the setup can be complex.
  • Connectivity Issues: Users have reported issues like slow log-in and auto log-off.

Comparative Insights

  • Pricing: Both offer flexible pricing, but Perimeter 81 lacks transparency
  • ROI: Both have a positive ROI but focus on different aspects: Cato on savings and Perimeter 81 on cost minimization

So, which solution is the better fit for your organization? The answer hinges on your specific needs, whether it’s quick deployment, robust features, or customer service.

The Maverick Approach

Ground-up SASE vendors like Cato SASE Cloud and Perimeter 81 have disrupted the SASE landscape by building their platforms from scratch.

This purpose-built approach ensures that their solutions are inherently streamlined and easier to manage. For mid-sized businesses, this is a game-changer.

Why? Because it allows them to reallocate resources more efficiently, without the need for a large IT team.

The Flip Side

However, every coin has two sides.

  • These vendors may lack the feature maturity that comes with years of development and customer feedback
  • They’re still in the process of refining their offerings, which could mean fewer features compared to traditional vendors
  • Additionally, their support ecosystems are not as expansive, which could be a concern when you run into issues that require specialized expertise

Future Outlook

  • The SASE market is projected to grow to $6 billion by 2028.
  • As these vendors mature, they are likely to fill the gaps in their feature sets and support ecosystems.
  • Therefore, keeping an eye on their development could be beneficial for future planning.


Hybrid SASE Vendors

Generic Pros and Cons of Cloudflare, Versa

Cloudflare’s SASE offering, Cloudflare One, doesn’t neatly fit into the “Ground-Up SASE Vendors” category like Cato SASE or Perimeter 81. The same is the case for Versa.

Instead, both of these systems occupy a unique position that combines elements of traditional vendors and cloud-native solutions. 

Both Versa and Cloudflare, as hybrid SASE vendors, offer a range of advantages and disadvantages.

The Pros

The Cons

  • Security: Both Versa and Cloudflare prioritize security. They offer robust security features, including firewall, VPN, and threat detection, ensuring the protection of data and network integrity.
  • Scalability: These vendors are scalable, making them suitable for both small and large enterprises.
  • Ease of Deployment: Users appreciate the relatively straightforward deployment process for both solutions.
  • Hybrid Approach: Versa and Cloudflare integrate networking and security services, simplifying network management.
  • Stability Issues: Both vendors may face occasional stability problems.
  • Pricing Challenges: Cloudflare can be challenging in terms of direct purchasing and pricing, while Versa needs improvement in APIs and mobile compatibility.
  • Complex UI: Some users find Versa’s user interface complex.

Specific Vendor Pros and Cons

Versa Pros

Versa Cons

  • Flexibility: Versa FlexVNF is praised for its flexibility, allowing for easy customization.
  • Scalability: Versa is known for its scalability, making it suitable for larger organizations.
  • Advanced Configuration: It offers powerful configuration options for those who need granular control over their network.
  • Performance Issues: Some users have reported performance issues, particularly when dealing with a large number of users.
  • Customer Support: Versa’s customer support has room for improvement, according to user feedback.

Cloudflare Pros

Cloudflare Cons

  • Ease of Implementation: Cloudflare is lauded for its ease of implementation.
  • Strong Protection Features: Users appreciate its strong protection features, including DDoS protection and Zero Trust Network Access (ZTNA).
  • User-Friendly Interface: Cloudflare Access offers a user-friendly interface.
  • GUI Inconsistencies: Cloudflare’s API focus may lead to some inconsistencies in its graphical user interface.

In-Depth Insights

  • In-depth insights for both vendors can be gathered from user reviews, comparing features, pricing, service and support, ease of deployment, and ROI. 
  • While Versa offers scalability and powerful configuration, Cloudflare is praised for its security features and ease of implementation.

Recommended Company Types

Both Versa and Cloudflare’s hybrid SASE solutions are suitable for a range of companies, including:

  • Medium to Large Enterprises: Due to their scalability and flexibility, both vendors cater to medium to large enterprises that require robust security and network management.
  • Companies Focusing on Security: Organizations that prioritize security will benefit from the strong protection features offered by both vendors.
  • Those Looking for Simplified Network Management: Companies seeking to simplify network management and integrate networking and security services will find Versa and Cloudflare appealing options.

In summary, Versa and Cloudflare each have their strengths and weaknesses, making them suitable for different company profiles. 

Evaluating specific needs and priorities will help businesses choose the best-fit vendor.


What’s The SASE Vendor Verdict For Small to Mid-Sized Healthcare Businesses?

For mid-sized businesses, the SASE vendor choice should be a calculated decision based on a few key factors:

  • Single-Vendor Solution: Opt for vendors that offer an integrated suite of networking and security services. This reduces complexity and streamlines management.
  • Cloud-Native Architecture: Ensure the platform is cloud-native for flexibility and low latency. Cato SASE is highly recommended for its cloud-native architecture and global reach.
  • Zero Trust Network Access (ZTNA): This is a non-negotiable feature. It provides enhanced security by verifying every user and device trying to access the network.
  • Scalability: Given that mid-sized businesses may grow, scalability is crucial. Single-vendor SASE solutions are particularly effective for small and mid-market enterprises.
  • Budget: Mid-sized businesses should also consider cost-effective solutions. Vendors like Perimeter 81 offer advanced threat protection and are budget-friendly.
  • Future-Proofing: With the SASE market evolving rapidly, opt for vendors that are innovative and can adapt to future security needs

In summary, for a mid-sized business, a vendor like Cato SASE Cloud or Perimeter 81 could be an excellent choice given their cloud-native architecture, ZTNA capabilities, and budget-friendliness. 

Always keep an eye on the future; you’re not just buying for today but investing in your security infrastructure for the years to come.


Key Takeaways: Your Ultimate Guide to Navigating the SASE Vendor Landscape

The Landscape is Diverse, Choose Wisely

The SASE vendor landscape is a mosaic of options, each with its unique set of advantages and drawbacks. 

Traditional appliance-based vendors like Cisco and Fortinet offer feature-rich solutions but may lack cloud-native agility. 

Cloud-native vendors like Zscaler and Netskope bring flexibility and cost-effectiveness to the table but may compromise on some advanced features.

Align with Your Business Needs

Mid-sized businesses should align their specific requirements with what vendors offer. If agility and cost-effectiveness are your priorities, cloud-native vendors could be your go-to. 

However, if you’re looking for a comprehensive feature set, traditional or hybrid vendors might be more up your alley.

The Rise of Ground-Up and Hybrid Vendors

Ground-up vendors like Cato SASE Cloud and Perimeter 81 are disrupting the market with their purpose-built solutions, ideal for mid-sized businesses. 

Hybrid vendors like Cloudflare and Versa offer a balanced approach, combining the best of both worlds.

Zero Trust is Non-Negotiable

Zero Trust Network Access (ZTNA) is a must-have feature, irrespective of the vendor you choose. It adds an extra layer of security by verifying every user and device trying to access the network.

Future-Proof Your Investment

The SASE market is projected to grow to $6 billion by 2028. Opt for vendors that are innovative and can adapt to future security needs

You’re not just buying for today; you’re investing in your security infrastructure for the years to come.

Your roadmap to SASE vendors is now complete. Navigate wisely.


Looking for SASE implementation services?

At Consltek Inc., we’ve got you covered with a comprehensive range of offerings. What’s more with the partnership with Cato SASE Cloud and implementation of this at Cleveland University, at Kansas City, we have the chops to offer you Managed SASE Services for Healthcare.

  • Specialized Security Audit: We conduct specialized audits to pinpoint security gaps in your system.
  • Tailored Solutions: Our solutions are customized to fit your needs precisely, without any vendor fluff.
  • Vendor Selection: We offer unbiased vendor selection based on your unique requirements.
  • Risk Reduction: With our technical expertise, we streamline integration and minimize risks.
  • Staff Training: We provide comprehensive staff training on new systems.
  • Ongoing Support: Count on us for continuous SASE implementation support to ensure your security stays robust and up-to-date.

Trusting Consltek Inc. for your SASE implementation needs means you’ll have a reliable partner to cover all aspects of your security and efficiency requirements.

    Article by:

    Rajesh Haridas

    Rajesh Haridas is the founder and CEO of Consltek. He brings in 20+ years of experience working in the technology industry.

    Boost IT Growth In Healthcare

    Set up a no-obligation consulting session

    Case Studies

    Managed Security

    Enterprise grade security for mid-size businesses.

    Managed Infrastructure

    Infrastructure enabling you or holding you back?

    Managed Compliance

    Let Consltek help you with your compliance needs.