SASE (Secure Access Service Edge) is an emerging WAN model coined by Gartner in The Future of Network Security is in the Cloud that delivers network and security capabilities including SD-WAN, ZTNA, FWaaS, secure web gateway and CASB as services to protect connected entities with a zero-trust security model. Simply put Gartner says “The enterprise perimeter is no longer a location; it is a set of dynamic edge capabilities delivered when needed as a service from the cloud.”
It is an undeniable trend that workers are more mobile and applications are now delivered as software as a service (SaaS). Traditional network security models of backhauling traffic from branch offices and remote workers to the enterprise data center, where the Internet egress point was typically located, adds latency and results in a poor user experience.
Gartner defines SASE as “SASE capabilities are delivered as a service based upon the identity of the entity, real-time context, enterprise security/ compliance policies and continuous assessment of risk/trust throughout the sessions. Identities of entities can be associated with people, groups of people (branch offices), devices, applications, services, IoT systems or edge computing locations.”
SASE describes a change in architectural principles that moves away from a traditional enterprise delivery model to a decentralized cloud-delivery model.
The connected experience of remote entities such as people, devices, branch offices, applications, services, IoT systems and edge computing locations is greatly improved when connected via a single, global and cloud-centric solution.
Likewise, security can be consolidated to enforce user and device role-based access controls and continually assess risk and compliance-based upon real-time context throughout the duration of the connected session.
Companies are able to deliver services faster than it takes to provision similar physical systems and can scale up and down as services are needed. Companies also see an OPEX savings when the management of networking and security services is brought together under one umbrella.
Adopting a SASE framework has many advantages for today’s businesses.
Reduced Complexity: Numerous security capabilities can be combined including branch FWaaS, Secure Web Gateway, ZTNA, CASB and advanced threat prevention capabilities such as sandboxing, to name a few.
The ability to customize security settings and operational needs enables companies to create an architecture that meets their current and evolving business needs. Gartner says the following are the core capabilities of SASE and this includes the identification of sensitive data and malware and the ability to encrypt/decrypt content at line speed.
Nice to have or recommended are web application and API protection (WAAP), remote browser protection, recursive DNS, network sandbox, API-based access to SaaS for data context, and support for managed and unmanaged devices.
SD-WAN – Optimize access to the corporate data center, the Internet and cloud applications by finding the optimal path and circuit using software-defined WAN (SD-WAN) technologies which significantly improves the overall user experience. Routing, dynamic path selection and latency optimization are all essential networking features of SD-WAN
When looking to adopt a SASE architecture for your company, there are several benefits to consider including: attaining cloud-centric technology, reducing the operational burden and cost, as well as improving security and reducing threats. To learn more about how SASE can benefit your business, contact Check Point today to explore secure internet access or secure remote access services. Our security experts can help you explore your options and take steps towards attaining a more robust cloud-based security infrastructure.