Secure Access Service Edge (SASE, commonly pronounced as “sassy”) is an emerging new cybersecurity concept that was coined by global research leaders Gartner in 2019. It refers to a new offering that simplifies Wide Area Networking (WAN) and enterprise security by integrating both into a unified cloud service. The official definition of SASE from Gartner is:
“The secure access service edge is an emerging offering combining comprehensive WAN capabilities with comprehensive network security functions (such as SWG, CASB, FWaaS and ZTNA) to support the dynamic secure access needs of digital enterprises.”
How SASE works?
SASE overhauls the existing data centre-oriented security approach and offers a new framework for the digitally transformed modern workplace. The exponential increase of remote mobility, a trend which will be further exacerbated by the ongoing COVID-19 crisis, and applications which offer Software as a Service (SaaS) have led to a substantial increase in data moving from data centres to cloud services.
Fundamentally, SASE converges WAN and network security services like CASB, FWaaS and Zero Trust into a single cloud-based model. In a traditional network security model, cloud security combines an array of disparate controls which can increase organizational costs and lead to low efficiency. Gartner states, “SASE capabilities are delivered as a service-based model upon the identity of the entity, real-time context, enterprise security/compliance policies and continuous assessment of risk/trust throughout the sessions. Identities of entities can be associated with people, groups of people (branch offices), devices, applications, services, IoT systems or edge computing locations”.
SASE offers some major key benefits to reinforce network security. They include:
A Zero Trust model
We have spoken about the Zero Trust model in earlier articles which refers to the dissolution of the perimeter and inspection of all network traffic. The Secure Access Service Edge (SASE) solution enables a Zero Trust approach to network security by removing all sorts of trust assumptions and providing complete session protection.
SASE combines multiple security solutions into one consolidated offering. Enterprises, hence do not have to pay multiple vendors for different solutions. This has a significant effect in reducing overhead costs.
The SASE approach allows an enterprise to implement a centralized policy across all endpoints. This allows the application of a consistent set of policies across the enterprise network regardless of access points.
Apart from reduced costs, a fewer number of solutions for network security makes the process simpler across the organization. Employees no longer have to navigate several multiple security solutions having myriad ways of access control – they only have to use a single SASE solution which helps in increasing productivity and efficiency.
The benefit of a cloud-based infrastructure means that an enterprise can be flexible and can move faster while managing threats. Security services such as threat prevention, web filtering, sandboxing, DNS security, credential theft prevention, data loss prevention, firewall policies can be delivered seamlessly through the cloud.
The adoption of SASE solutions will continue to evolve as digitally transformed modern workplaces increasingly turn to cloud-based solutions. The next decade is likely to see a major uptick in the adoption of SASE across sectors.