In this paper, the design and implementation choices involved in realizing the appealing model of a security cloud is considered. The focus is primarily on what analysts refer to as the Secure Services Edge (SSE), but many points are also relevant to the broader Secure Access Service Edge (SASE).