What is SASE
What is SASE
Gartner in August 2019 published a report on new innovative technology related to Security was – SASE, called as Secure Access Service Edge. After the report, some of the vendors like SD-WAN Vendors, Network Security vendors and some others, by August 2020, started developing and selling SASE Services.
As there was no such standard and best practice available, so vendors were not very consistent on what SASE should and cloud be.
SASE – Secure Access Service Edge is an offering that combines WAN capabilities, with integrated network security function like SWG (Secure Web gateways), FWaaS (FW as a Service) , ZTNA ( Zero Trust network access ), CASB ( Cloud access Security brokers) to support dynamic secure access need of dynamic enterprise.
SASE is mostly Cloud- based approach to secure WAN. Using SASE, A network perimeter has been extended to provide security anywhere a network user is located. SASE can be used to secure a single or isolated user by putting security agents on his/her device.
Some vendors like palo-Alto use ASW and GCP and Zscaler providing SASE solutions more efficiently.
SASE is divided in to two segments: Secure Access + Service Edge, let’s talk about each one separately.
Secure Access: In this Access privilege are enforces by policies based on user identities. Policies are based on location the user or group’s traffic is coming from, the time of day, the risk/trust assessment of the user’s device, and the sensitivity of the application or data being accessed.
For Secure Access, secure web gateways (SWGs), cloud access security brokers (CASBs), firewalls, and zero-trust network access Solution are being currently used.
Service Edge: In order to provide End-to-End Security like Threat prevention encryption of all communications, firewalls, URL filtering, antimalware, and intrusion prevention systems (IPS). These all-Security function & capabilities have been integrated to all connected network edge across globe.
SASE in nutshell,
- It is a network Architecture that integrates WAN capabilities with cloud-native security functions.
- With SASE Security Services and networking functions are run in the cloud or a Security agent on end user device.
- SASE uses a software stack in the cloud to run multiple security functions on data at once in multiple engines.