What Is SASE?
Secure access service edge, or SASE (pronounced “sassy”), is an emerging cybersecurity concept that Gartner first described in the August 2019 report The Future of Network Security in the Cloud and expanded upon in their 2021 Strategic Roadmap for SASE Convergence.
Before diving into the specifics of SASE, it’s important to understand a bit of background on this new term. Existing network approaches and technologies simply no longer provide the levels of security and access control digital organizations need. These organizations demand immediate, uninterrupted access for their users, no matter where they are located. With an increase in remote users and software-as-a-service (SaaS) applications, data moving from the data center to cloud services, and more traffic going to public cloud services and branch offices than back to the data center, the need for a new approach for network security has risen.
SASE is the convergence of wide area networking, or WAN, and network security services like CASB, FWaaS and Zero Trust, into a single, cloud-delivered service model. According to Gartner, “SASE capabilities are delivered as a service based upon the identity of the entity, real-time context, enterprise security/compliance policies and continuous assessment of risk/trust throughout the sessions. Identities of entities can be associated with people, groups of people (branch offices), devices, applications, services, IoT systems or edge computing locations.”
Gartner expects that, “by 2024, at least 40% of enterprises will have explicit strategies to adopt SASE, up from less than 1% at year-end 2018.” A SASE architecture identifies users and devices, applies policy-based security, and delivers secure access to the appropriate application or data. This approach allows organizations to apply secure access no matter where their users, applications or devices are located.
The SASE security model can help your organization in several ways:
Flexibility: With a cloud-based infrastructure, you can implement and deliver security services such as threat prevention, web filtering, sandboxing, DNS security, credential theft prevention, data loss prevention and next-generation firewall policies.
Cost savings: Instead of buying and managing multiple point products, utilizing a single platform will dramatically reduce your costs and IT resources.
Reduced complexity: You can simplify your IT infrastructure by minimizing the number of security products your IT team has to manage, update and maintain, consolidating your security stack into a cloud-based network security service model.
Increased performance: With a cloud infrastructure, you can easily connect to wherever resources are located. Access to apps, the internet and corporate data is available globally.
Zero Trust: A Zero Trust approach to the cloud removes trust assumptions when users, devices and applications connect. A SASE solution will provide complete session protection, regardless of whether a user is on or off the corporate network.
Threat prevention: With full content inspection integrated into a SASE solution, you benefit from more security and visibility into your network.
Data protection: Implementing data protection policies within a SASE framework helps prevent unauthorized access and abuse of sensitive data.