What is SASE?
In this article
When users and services are outside the enterprise premise, visibility and control are easily compromised.
Today's businesses are undergoing rapid digital transformation. The rise of cloud computing, edge computing and workforce mobility means that data, devices, machines, applications and services are used both inside and outside the traditional enterprise premises. Network architectures that send traffic through a centralized data center and then back out have become expensive and inefficient — impacting service availability, user performance and productivity.
Additionally, such traditional network architecture can't meet today's security and risk management requirements. When users access data from outside the enterprise premise using various devices and platforms, visibility and control are easily compromised. Not to mention, processing all the web traffic in a centralized data center can take up a tremendous amount of computing power and impact overall performance.
That's why security and risk management leaders use cloud-delivered secure access service edge (SASE) to address this shift. Here's what you need to know about SASE.
The term SASE was coined in 2019 by Gartner, which predicted that secure access service edge architecture will become the new standard for networking and security. Secure access service edge offers a worldwide fabric of network and security capabilities to connect any users, devices, applications, services and platforms from anywhere and at any time without impacting data center performance.
SASE is an approach to network architecture that combines WAN capabilities with security functions (e.g., secure web gateways, firewalls and zero-trust network access (ZTNA) delivered from the cloud by a secure access service edge vendor. The framework combines security and network connectivity technologies onto a single platform to support rapid cloud transformation.
Enterprises are adopting secure access service edge architecture for various reasons. Here are the major benefits:
- Consolidate vendors and technologies stacks to reduce complexity
- Support platform integration and data sharing to increase agility without rising risk exposure
- Support cross-domain collaboration to improve operational efficiency and business outcomes
- Improve performance with latency-optimized routing
- Enhance security by enabling network access based on the identity of the user, device and application
- Extend protection to endpoints to support a mobile workforce
- Streamline workflows and automate tasks for IT, so they can focus on strategic initiatives
- Enhance governance and regulatory compliance by combining centralized management in the cloud with distributed enforcement
SASE is ideal for companies that need to support a work-from-anywhere (WFA) workforce or distributed locations (e.g., banking, retail) and is essential for organizations undergoing rapid cloud transformation. The cloud-delivered solution, typically priced per user, is well-suited for fast-growing organizations that need a high level of scalability and the ability to add capabilities on-demand.
Secure access service edge is also ideal for organizations that need to support secure Direct Internet Access (DIA), Bring Your Own Device (BYOD) and multicloud applications using resources distributed nationally and globally — scenarios under which traditional WANs and security measures are no longer sufficient to keep up with the required levels of security, control, visibility and performance.
SASE is a nascent technology, and organizations may have to go through some trial-and-error to define a secure access service edge architecture that meets their needs. Merging networking and security can disrupt established organizational structures, posing cultural challenges that slow down secure access service edge adoption. Additionally, choosing the right vendors and navigating various offerings can be confusing and complex.
You can minimize risks and facilitate secure access service edge implementation by using technologies from trusted vendors:
- Zscaler Internet Access: This cloud-delivered security service uses multiple security techniques (e.g., SWG, cloud firewall, cloud IPS, cloud sandbox, etc.) to inspect every byte of traffic without impacting data center performance.
- Palo Alto Networks Prisma Access: Cloud-native designs provide the scalability, agility and efficacy to protect even the largest organizations from sophisticated cyber threats.
- Cisco Umbrella: This cloud security service combines DNS policy enforcement, cloud-delivered firewall (CDFW) and secure web gateway (SWG) capabilities into a single solution to provide comprehensive protection no matter where users are located.
- Netskope: Includes Cloud Access Security Broker (CASB), SWG and ZTNA built natively in a single platform.
SASE integrates networking and security into a discipline with new rules, new solutions and a new combination of technologies. To maximize your investment, purchase secure access service edge from a trusted vendor and work with a service provider with the right skill sets and expertise to support your implementation and adoption.