Organizations today require immediate and uninterrupted access to critical network and cloud-based resources in order to support the swift pace of digital business transformation and the rise in remote work. One of the technologies being used increasingly by businesses to address these shifts is Secure Access Service Edge (SASE). We sat down with our vice president of product management, Mike Frane, to learn more about the emergence of SASE and why it matters.
Q: Let's start with some background. What is SASE?
Mike: SASE is an emerging cloud-native security framework enabling secure and fast cloud adoption, ensuring both users and devices have secure cloud access to applications, data and services at any location. SASE consists of a fabric of intertwined network and security technologies that protect an organization’s data and systems from unwanted access. The architecture interlaces into an ecosystem of “Network as a Service” and “Network Security as a Service,” resulting in a unified connectivity experience that is ubiquitously available anywhere and anytime.
Q: Where did SASE come from?
Mike: Gartner coined the term SASE in 2019. The emergence of SASE is rooted in the rise of the adoption of cloud computing and distributed organizations and their accompanying workforce. It enables remote workers to gain full access to designated company applications and resources while offering a much simpler secure connectivity model for cloud-first enterprises, bringing security functions wherever they’re needed.
Q: What are the key components of a true SASE architecture?
Mike: SASE is still in its infancy and the definition is still very fluid. In general, the core elements of SASE include Firewall as a Service (FWaaS), Intrusion Prevention Systems (IPS), Secure Web Gateways (SWG) and Zero Trust Network Access (ZTNA). In 2020, Gartner also stated other SASE capabilities including Cloud Access Security Brokers (CASB), sandboxing, Web Application and API Protection (WAAP), Remote Browser Isolation (RBI), recursive DNS and traditional VPN.
Q: Why does SASE exist?
Mike: Digital transformation is driving the need for SASE. In order to fully understand why it exists, we need to look back. Within the last decade, there was a wave of organizations planning and executing new digital transformation strategies. Most of these strategies incorporated increasing public cloud investments and building their new applications as cloud-native apps (although security budgets were distributed between existing on-premises infrastructure and cloud). More recent disruptions have seriously impacted organizations and entire supply chains around the world, including the rise in “work from anywhere” demands and the need for additional cloud-based security.
Q: So, why does it matter?
Mike: SASE is solving two fundamental problems in the current technology stack used by many companies: visibility and control. To inspect traffic we need to see it. To see it, we need to be in the path of the traffic. Most of the technology and products that we use today were built to extend our visibility so we will be in a position to control. Now imagine if we had total visibility and control within a single platform. This is a unique attribute of SASE: its cloud-first architecture is uniquely positioned to intercept, inspect, secure and optimize all traffic.
Expanding on that, Gartner has estimated that the SASE market would swell to $11 billion by 2024,1 which goes to further demonstrate the urgent need for flexible “anytime, anywhere” solutions that can deliver safer Secure Remote Access (SRA) capabilities at scale using next generation ZTNA technology. As networking and security becomes increasingly more complex within this new environment, organizations are turning to technologies like SD-WAN and now SASE to enable speedier and more agile digital business transformations and workforce mobility.
Q: What are the benefits of SASE?
Mike: SASE brings several benefits to organizations including simplified security deployment, increased security and along with SD-WAN appropriate bandwidth allocation on a per-application basis. Because it’s a cloud service, SASE is scalable by design, making it a viable and welcome option during rapidly changing times. The combined capabilities provided by SASE simplify the otherwise complex architecture that would result from a vast collection of point security and networking solutions. This reduces complexity, improves performance and can also lower latency.
Other benefits include device consolidation and lower operational overhead. Because SASE providers run and maintain the security engines, IT is freed from the constant updating, patching and scaling of appliances.
Q: What are SASE use cases?
Mike: Here are some use cases to consider:
- Mobile professionals using coffee shop WiFi still need access to corporate resources. SASE can provide access to applications and data while minimizing public WiFi threats.
- Work-from-home scenarios in which family members are sharing computers and other devices. SASE can help control access to applications and resources.
- Office sharing changes the context of who is accessing which resources from where. SASE can adapt permissions based on context and monitor users’ behavior.
- Branch offices can take advantage of an enterprise resource rather than using dedicated on-premises solutions. At the same time, they can benefit from local broadband access bandwidth.
- Enterprises needing better and more secure traffic management as they rely more on cloud computing for workforce productivity.
- Enterprises needing simplified and convenient visibility and management of the network and security investments.
Q: I’m considering SASE. What questions should I be asking vendors during the consideration phase?
Mike: Here are some questions you should be asking during your search:
- Will your SASE solution supplement or supplant my SD-WAN deployment?
- Can I manage the SASE from a single pane of glass?
- Who is responsible for installing, monitoring and maintaining the service?
- Can I easily migrate my legacy MPLS and other WAN networks to this service?
- What will the experience be for my work-from-home and mobile users?
Read our white paper with VMware to learn more about the emergence of SASE, how it enables secure network access capabilities, and how when delivered with SD-WAN it offers organizations the most flexible and reliable security in the cloud.
- Gartner, “Forecast Analysis: Gartner’s Initial Secure Access Service Edge Forecast.” Joe Skorpa and Nate Smith. August 26, 2020.
The post Why SASE: A Q&A exploring the emerging framework transforming enterprise network security appeared first on Windstream Enterprise.
About the AuthorFollow on Linkedin More Content by Mike Frane