Jul 30 2021
Security

SASE: Sorting Fact from Fiction on This Emerging Edge Security Solution

With SASE, both solutions and underlying architecture are crucial.
by

Tanya Candia is an international management expert, specializing for more than 25 years in information security strategy and communication for public- and private-sector organizations.

Secure Access Service Edge solutions, better known as SASE solutions, have been gaining more attention lately because they can address a range of thorny problems common to remote work. Among these are latency issues due to overtaxed VPNs, remote security and managing users logging in from anywhere, on any device. Since remote work appears to be here to stay, SASE could be a big boon if it delivers on its promise. Let’s take a deeper look at SASE and what it means for business.

Fallacy: SASE Is Just an Umbrella Term for Existing Products

The term SASE was coined by Gartner in 2019 as “an emerging offering combining comprehensive WAN capabilities with comprehensive network security functions … to support the dynamic secure access needs of digital enterprises.”

Unlike traditional products that work independently in silos, SASE describes a set of capabilities architected to work together as a new way of protecting data and access at the cloud edge. In other words, it turns the concept of the network center upside down. According to Gartner, “Instead of the security perimeter being entombed in a box at the data center edge, the perimeter is now everywhere an enterprise needs it to be — a dynamically created, policy-based secure access service edge.”

The goal of SASE is to enable secure connectivity for any user, from any device, with a consistent user experience while enforcing security policies on access.

BT Insider - Security BT Insider - Security

Fact: There Is No Industry Standard for SASE Solutions

Although many of today’s SASE solutions share similar capabilities, there is not yet an industry standard. However, there are some services common to all SASE solutions: a secure web gateway for deep inspection of web and encrypted web traffic, a cloud access security broker to ensure protected access to cloud-based applications, a zero-trust network to access Infrastructure as a Service and Platform as a Service and hosted on-premises resources, Firewall as a Service to secure web and nonweb traffic, and SD-WAN to securely connect users to applications.

Fallacy: It’s Easy to Build a SASE Solution from Individual Products

The architecture underlying SASE is vitally important. When individual products are used as the foundation for a single-tenant SASE, the result is difficult to scale. Because nonintegrated products are employed, the user experience is not consistent, thus failing to achieve one of the primary purposes of SASE. To provide all the benefits of SASE, look for a distributed offering that supports multitenancy. This will enable global and dynamic scalability based on demand.

Services should be integrated from a single vendor and should enforce effective security and threat prevention. While today such services are often provided by multiple vendors, according to Gartner, the trend is to acquire these capabilities from the same vendor: By 2023, 20 percent of enterprises are expected to do so, leading to true SASE.

Fact: SASE Is Key to Simplifying Cloud Migrations

Because it is focused on the data rather than the data center, SASE can simplify how organizations connect to and secure traffic in the cloud.

SASE consolidates services into a single platform that covers users, devices, clouds, campuses, branches and more. It can streamline the deployment, configuration and integration of technologies, as well as policy management and incident response across the organization. This leads to reduced complexity, as the IT infrastructure is simplified by minimizing the number of products that must be managed.

MORE FROM BIZTECH: Why a hybrid workforce will need different security measures.

The security stack can be consolidated into a single cloud-based model. Reduced complexity also means cost savings, with fewer products to purchase, manage, upgrade and maintain. Yet all this does not — and should not — affect performance. When the cloud plays a central role, organizations can connect to resources — applications, the internet and organizational data — wherever they are located.

Fallacy: SASE Adoption Will Happen Overnight

While the world seems to be moving in the direction of SASE and the switch to remote work has been a boon, expect the transformation to happen gradually. In fact, Gartner projects that by 2024, only 40 percent of enterprises will have explicit strategies to adopt SASE.

Today, some parts of SASE are already quite mature — for example, the secure web gateway — but others will require further development. Additional new capabilities are being explored, such as analytics and machine learning for automating functionality. It’s also true that, as with any technology, the need for cloud-delivered security may evolve into offerings with capabilities and delivery modes that go beyond today’s SASE.

All businesses must recognize that a distributed workforce, cloud-based applications and heightened user expectations for security and performance break the old networking and security models. A new framework is needed to ensure security while maintaining or improving performance and scalability.

It’s up to each individual organization to determine how far it will go down the path of this new framework, but it’s clear that change is coming.

malerapaso/Getty Images

More On

Related Articles

Close

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT

Subscribe Now