SASE, which stands for secure access service edge and is pronounced “sassy,” is not one single technology. Instead, it’s a framework identified by Gartner as the way to securely connect entities such as users and machines to applications and services when their locations may be anywhere. In its 2019 report, The Future of Network Security is in the Cloud, Gartner defines SASE as a solution that offers “comprehensive WAN capabilities with comprehensive network security functions (such as SWG, CASB, FWaaS, and ZTNA) to support the dynamic secure access needs of digital enterprises.”
While it’s true that SASE has received a lot of attention from vendors and media focused on networking and security, we believe that the main principle behind the SASE framework is what makes it so compelling. This principle—that network and security architectures focused on the data center have become ineffective—isn’t simply a trend or marketing catchphrase, as it has been broadly accepted in the industry. So, what does SASE offer that makes it so different from the “traditional” enterprise network security that connects offices via private networks and creates a secure perimeter to prevent intruders from infiltrating the network (and blocks data from leaking out)?
As Gartner pointed out in its report, traditional models in which connectivity and security have been focused on the data center need to shift to focusing on the identity of the user and device. That’s because, according to the report, “In a modern cloud-centric digital business, users, devices and the applications they require secure access to are everywhere.” Today’s workflows and traffic patterns bear little resemblance to those that existed when hub-and-spoke networks were conceived, and secure perimeters were developed to protect them. Here’s why:
How can an enterprise enforce access controls and security while facing these common realities? That’s where SASE comes in, offering significant benefits to organizations that are taking advantage of cloud, mobility, and other aspects of digital transformation. Here are three of those benefits:
To enable secure access to cloud applications and protect mobile users, organizations have been forced to add a range of services in an attempt to close gaps in their security, adding significant costs and management overhead. But even with these reinforcements, the network security model is simply ineffective in a digital world. Instead of trying to use a legacy concept to solve a modern problem, SASE flips the security model. Instead of focusing on a secure perimeter, SASE focuses on the entities, such as users, and pushes security as close to the entity as possible. Based on an organization’s defined business rules, SASE dynamically allows or denies connections to applications and services.
When users were on the network and applications and infrastructure were owned and managed by IT, it was easy to control and predict user experience. But even with applications distributed across multiple clouds, enterprises continue to use the old VPN model for connecting the user to a network for security. SASE calls for security to be enforced close to the user—instead of sending the user to the security it sends security to the user. SASE intelligently manages connections at the internet exchanges and optimizes connections to cloud applications and services to ensure low latency.
SASE as a cloud service is designed to address the unique challenges of risk in the new reality of users and applications being so widely distributed. By defining security as a function built into the very fabric of the model and not a function that’s separated from the connectivity of services, it ensures that all connections are inspected and secured, no matter where users are connecting, what apps they are accessing, or any encryption that may be used.
Digital business transformation has ushered in a demand for greater agility and scalability. Companies are finding that they need to provide consistent and secure, globally available access to applications and services, regardless of where users—whether they’re employees, customers, or partners—are located or what devices they are using. SASE offers enterprises an entirely new model for connecting users and devices that is fast and flexible, simpler and more secure. We believe SASE will provide the speed and agility needed for enterprises to transform to the digital future.