Secure Access Service Edge (SASE), pronounced “sassy,” is a concept that was introduced by Gartner in two market research reports. It aims to address the increasing cybersecurity threats and the changing network traffic patterns faced by enterprises today. In the past, organizations relied on a secure perimeter and open internal access to protect their systems. However, with the rise of malware and spear phishing attacks, the traditional secure perimeter is no longer sufficient.
The network edge has expanded to wherever employees are located when connecting to the enterprise network, whether it’s at home, a coffee shop, or even on vacation. Additionally, applications have shifted from corporate data centers to cloud and software-as-a-service (SaaS) providers. This means that the network and security systems need to adapt to these new traffic patterns.
SASE envisions a new approach to network security that integrates IT security with network connectivity at the point of access. It eliminates the traditional secure perimeter and replaces it with integrated security across the network. Endpoints connect to cloud-based SASE analysis instances, which provide the necessary security services. Permitted and safe network traffic is then forwarded to its intended destination, whether it’s a cloud or SaaS application. Optimum routing and quality of service (QoS) ensure that traffic is efficiently routed to applications in the corporate data center.
There are several key benefits to implementing SASE. Firstly, SASE doesn’t care where applications live. Whether they are in a corporate data center, a private or public cloud, or a SaaS offering, SASE’s distributed architecture allows security functions to be performed near the end user while simplifying connectivity to the applications.
Secondly, centralized, dynamic, role-based policies streamline operations. Security policies can be centrally managed and dynamically applied based on the role of the connecting entity. This is particularly useful for managing the security of devices that are traditionally difficult to secure, such as IoT devices and medical devices. Remote browser isolation and protections for IoT hardware help prevent malware infections and device hijacking.
Thirdly, integrated security and routing are key features of SASE. Several security functions, such as DNS reputation, zero-trust network access, data loss prevention, malware protection, and more, are integrated into one system. This reduces the complexity of deploying comprehensive security functionality and enables staff to be more productive. Additionally, the integration with routing ensures that traffic is secure and properly routed over the desired links.
Fourthly, SASE can help reduce WAN costs. By leveraging VPN connectivity over the public internet and WAN optimization technologies, organizations can reduce or eliminate the need for expensive MPLS and leased circuits. Cloud-based SASE implementations can further optimize traffic flows by taking advantage of redundant and highly reliable cloud connectivity to major SaaS vendors.
Lastly, SASE relies on a distributed architecture with centralized management. This provides operational efficiencies and resilience, particularly in the face of denial-of-service attacks. It also eliminates the need for traffic tromboning, where traffic is routed into and out of a data center just to transit the security systems.
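As an added example (not from the original article or any vendor's product), the following Python models how a SASE instance could apply a centrally defined, role-based policy at the point of access and pick the forwarding path for permitted traffic. The role names, destination classes, actions and next-hop labels are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

# Hypothetical central policy: role -> destination class -> action.
# Anything not listed is denied (zero-trust default), so an IoT sensor
# can reach its data-center collector and nothing else.
POLICY = {
    "employee":   {"saas": "allow", "datacenter": "allow", "web": "isolate"},
    "contractor": {"saas": "allow", "web": "isolate"},
    "iot-sensor": {"datacenter": "allow"},
}

# Hypothetical forwarding choice made after inspection. SaaS traffic goes
# straight to the provider instead of tromboning through a data center.
NEXT_HOP = {
    "saas": "direct-to-provider",
    "datacenter": "tunnel-to-datacenter",
    "web": "remote-browser-isolation",
}

@dataclass(frozen=True)
class Request:
    role: str                # role of the connecting entity
    dest_class: str          # "saas", "datacenter" or "web"
    dns_reputation_ok: bool  # result of the DNS reputation check

def decide(req: Request) -> Tuple[str, Optional[str]]:
    """Return (action, next_hop); next_hop is None when traffic is denied."""
    # Security checks run before any routing decision is made.
    if not req.dns_reputation_ok:
        return ("deny", None)
    # Unknown roles and unlisted destinations fall through to deny.
    action = POLICY.get(req.role, {}).get(req.dest_class)
    if action is None:
        return ("deny", None)
    return (action, NEXT_HOP[req.dest_class])

if __name__ == "__main__":
    # Constructed sample requests, not real traffic.
    samples = [
        Request("employee", "saas", True),
        Request("employee", "web", True),
        Request("iot-sensor", "saas", True),
        Request("contractor", "datacenter", True),
        Request("employee", "saas", False),
    ]
    for s in samples:
        print(s, "->", decide(s))
```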
However, implementing SASE may come with challenges. The tight integration of networking and security may require a significant culture change in organizations that have independent security and networking teams. Gartner recommends that SASE be driven by a CIO-level executive to ensure collaboration between the two teams.
It’s important to note that SASE is not a specific product or a compliance directive. It is a guiding principle or framework that organizations can use to enhance their network security. As with any technology, organizations should carefully evaluate the capabilities of SASE, match them with their specific requirements, and choose vendors based on their analysis.
In conclusion, SASE offers a new approach to network security that addresses the challenges posed by changing network traffic patterns and increasing cybersecurity threats. By integrating IT security with network connectivity at the point of access, SASE provides a more efficient and effective way to protect organizations’ systems and data.
