Cisco SASE Architecture
Cisco SASE Solutions:
Secure Access Service Edge is a service which combines both networking and Security functions in cloud to deliver seamless, Secure access to applications from anywhere.
SASE core functions comprises of following components:
- Software Defined Wide Area network
- Secure Web gateway
- Firewall as a Service
- Cloud Access Security broker
- Zero-trust Access network
Cisco Approach via SASE to help organization are as follows:
- To Provide secure connectivity access to applications, data and internet for remote workers, fixed locations, any internet facing devices etc.
- To get end to end visibility for application traffic from all users over any network or cloud.
- It optimizes performance by ensuring fast, most reliable and Secure path to cloud.
- It verifies identity of users and health of their devices for secure access to applications as a function of Zero trust security
Components of Cisco SASE Architecture:
WAN Connectivity via SD-WAN over Cisco SDWAN Viptela or Meraki
Cisco SD-WAN is a Cloud ready Overlay WAN Architecture, which connects branches to HQ, DC, and multi-cloud Environments. It has a flexibility to integrate Cloud based Security for SASE Architecture.
Using Cisco Viptela or Meraki as a part of Cisco SASE components, it provides following benefits:
- It connects to any user to any applications with integrated capabilities for multicloud, Security and application optimization.
- Utilizes on-premises and cloud based security (With Cisco umbrella), on way to transition to SASE Architecture
- Meets SLA with real time Analytics, visibility, and Control business critical applications.
- Extends SD-AN fabric to public cloud with Cloud Onramp for Iaas
- Provide Centralized control over intent based policies and security enforcement across entire network
Remote Access Connectivity: Cisco AnyConnect
It is a Security endpoint agent that is used by remote workers to secure access to enterprise network and applications over internet from any device, any location and at any time. This provides functions such as remote access, posture enforcement, web security feature, roaming protection.
It has following benefits:
- Provides Secure user access to internet, internal resources, or application.
- Deeper visibility into user traffic accessing enterprise network
- Policy Enforcement and device posture for all users.
- One client provides cloud security, endpoint security, and access functions.
Zero Trust Network Access: Cisco Secure Access by Duo:
Cisco provides Zero Trust network Access by Duo, with this you can verify identity of users, and health of any devices across each access attempts, and push custom security policies that protect every application. It prevents from any unauthorized and compromised credentials and from any risky devices and as well as unwanted access to your applications ands data. With this you can implement Multi-factor Authentication (MFA), adaptive policies, remote access with or without VPN, SSO for any applications.
Cloud Security: Cisco Umbrella
Cisco Umbrella is core of Cisco SASE Architecture, it unifies firewall, secure web gateway, DNS-layer security, Cloud Access Security Broker (CASB), and threat intelligence solutions into a single cloud service to help businesses of all sizes secure their users, applications, and data.
For Roaming users and branch offices, it provides secure internet access and it also provides DNS layer Security to block requests to malware, ransomware, phishing, and botnets before a connection is established
The Secure Web gateway provides logging and deeper inspections for all web traffic, The cloud based Firewall helps to log and block traffic using IP, Port, and protocols rules . the CASB functions are also included to detect and control the use of Cloud Applications.
Below are following benefits:
- It stops any threats earlier before it reaches to your network or endpoints
- Enforce broad and reliable security coverage across all ports and protocols
- Deliver rapid, scalable security protection on and off network
- Accelerate threat investigation and remediation with contextual intelligence
- Leverage a single security dashboard for efficient management
With the help of ThousandEyes , it not only gives you complete visibility from user to applications over any network , but also provides actionable insight into any performance issues so you can resolve incidents quickly to maintain reliable connectivity and optimal application experience.
- Reduce Mean Time To Identify and resolve (MTTI/MTTR) by immediately pinpointing the source of issues across internal network, ISPs, and cloud and application providers
- Gain successful escalations with service providers based on data that can be easily shared across internal and external stakeholders
- Eliminate wasteful finger pointing and effectively manage OLAs/SLAs across internal teams and external providers