Before going into the details of SASE, it is important to understand a little of the background of this new term. Existing network approaches and technologies simply no longer provide the levels of security and access control needed by digital organizations. These organizations demand immediate and uninterrupted access for their users, no matter where they are located. With the rise of remote users and software-as-a-service (SaaS) applications, data moving from the data center to cloud services, and increased traffic going to public cloud services and data center branch offices, the need for a new approach to network security has increased.
What is SASE?
SASE is the combination of WAN capabilities with cloud-native security features, such as Secure Web Gateways, ClouBrokers (d Access Security CASB), Intrusion-Prevention Systems (IPS), Firewall-as-a-Service and Zero-Trust. In other words, a globally distributed, identity-based network and security platform, delivered as a service and securely connecting all perimeters: WAN, cloud, mobile and even IoT. Its ability to securely serve people, multiple offices, devices, applications and EDGE reduces complexity and facilitates the work of IT operators in a context of accelerated mobility and remote work.
What does a SASE architecture look like?
Secure Access Service Edge, or SASE, unifies network and security services in a cloud-based architecture to protect users, applications and data everywhere. Since users and applications are no longer on a corporate network, security measures cannot rely on conventional hardware appliances at the network perimeter. Instead, SASE guarantees to offer the necessary network and security as cloud-based services. If done correctly, a SASE model eliminates perimeter-based appliances and legacy solutions. Instead of delivering traffic to an appliance for security, users connect to the SASE cloud service to use applications and data securely with consistent enforcement of security policies.
SASE incorporates the following technologies
A SASE architecture is capable of identifying users and devices, applying policy-based security controls and providing secure access to the right applications and data. SASE provides secure access regardless of the location of users, data, applications or devices.
- Cloud-native microservices in a single platform architecture
- Ability to inspect SSL/TLS encrypted traffic at cloud scale
- In-line proxy support for decoding web and cloud traffic (NG SWG)
- Firewall and intrusion protection for all ports and protocols (FWaaS)
- Integration with Cloud Managed Services API for data at rest (CASB)
- Continuous Security Assessment of IaaS for Public Cloud (CSPM)
- Advanced Data Protection for Data in Transit and Data at Rest (DLP)
- Advanced threat protection, e.g. AI/machine learning, UEBA, isolated environments, etc. (ATP)
- Shared use of threat intelligence and integration with EPP/EDR, SIEM and SOAR
- Software-defined perimeter, with Zero Trust access to the network, replacing legacy VPNs (SDP, ZTNA)
- Protection of remote offices or branch offices, including support for branch network initiatives such as SD-WANs
- Carrier-grade hyperscale network infrastructure with POP for global presence
Advantages of SASE
- Flexibility: Allows direct access to the network or direct access to the cloud from anywhere, compared to traditional hairpinning back to the data center.
- Cost savings: Eliminates fixed asset investments (CapEx) for local infrastructure and offers lower and predictable OpEx thanks to its security-as-a-service model.
- Reduced complexity: Allows organizations to shift their security staff from device management to policy-based security services; also, unified policy enforcement simplifies security operations.
- Increased performance: Improves and accelerates access to Internet resources through a global network infrastructure optimized for low latency, high capacity and availability.
- Zero Trust Network Access: Provides secure, contextual access to private applications in public/private clouds.
- Threat Protection: Stops web and cloud attacks such as cloud phishing, malware, ransomware and malicious insiders.
- Data protection: Protects data wherever it goes, inside and outside the organization, including public clouds, as well as between personal and enterprise instances in cloud applications.
Gartner sees SASE as a vision of a future model of secure networks that enterprises strive toward; it is not currently a reality for any vendor.
DO YOU HAVE ANY ADVICE ABOUT SASE? IF SO, FEEL FREE TO LET US KNOW BELOW IN THE COMMENTS.