5 minute read time
SASE and its 5 components
Secure Access Service Edge (SASE)
An emerging “as a Service” network and security framework for enterprises that is meant to enable secure and reliable access to cloud-based assets. SASE is more than a single technology: It’s a layered, interwoven fabric of network and security technologies that work together to protect an organization’s data and systems from unwanted access.
Through its five components, including SD-WAN, FWaaS, SWG, ZTNA and CASB, SASE dynamically extends the edge of the private network right up to multiple clouds (such as AWS, Azure and Google Cloud Platform) and to popular SaaS applications. For end users, this provides a virtual on-ramp to those cloud providers’ services.
Software-Defined Wide-Area Networking (SD-WAN)
As the first of the 5 components of SASE, SD-WAN is the solid foundation that SASE is built upon. Intertwined with software intelligence that enables optimal WAN management.
SASE leverages SD-WAN capabilities to provide optimized application performance, network routing, global connectivity, WAN and Internet security, cloud acceleration and remote access. SD-WAN also provides an ideal platform to secure unified communications applications including voice, video and chat.
Firewall as a Service (FWaaS)
FWaaS is the second component of SASE, and is a new type of next-generation firewall that eliminates the appliance form factor, making network security capabilities such as URL filtering, Intrusion Prevention System (IPS), Next-Generation Anti-Malware (NGAM) and Managed Detection & Response (MDR) available everywhere.
Secure Web Gateway (SWG)
The third component of SASE is SWG, which are solutions that protect users against malware, phishing and other web-borne threats. SASE offers SWG protection to all users, at all locations and eliminates the need to maintain policies across multiple point solutions.
Zero Trust Network Access (ZTNA)
The fourth component of SASE is ZTNA, which offers a modern approach to securing application access for users replacing legacy VPN. It embraces a zero-trust policy, where application access dynamically adjusts based on user identity, location, device type and more.
Cloud Access Security Broker (CASB)
The fifth and final component of SASE is CASB, which helps enterprises adapt and protect against new threats that come with cloud computing like when connecting to IaaS and SaaS. CASB applies security policies as users access cloud-based resources to protect against cloud security risks, comply with data privacy regulations and enforce corporate security policies.