Gartner recently released a provocative report titled, “The Future of Network Security Is in the Cloud.” You can access it here.
This new report asserts that the enterprise data center is no longer the center of access requirements for users and devices. This is a result of the fact that there are currently more users, devices, apps, services, and data outside the enterprise than inside, and this shift is resulting in legacy “data center as the center of the universe” network and security architectures being obsolete and are now an inhibitor to the needs of digital business. This shift gives rise to a new architecture, which Gartner is calling “Secure Access Service Edge” or SASE, pronounced “sassy”.
Gartner believes that SASE will be as disruptive to network and network security architectures as IaaS was to the architecture of data center design. While the SASE market is just now emerging, Gartner says by 2024, at least 40% of enterprises will have explicit strategies to adopt SASE, up from less than 1% at year-end 2018.
Here are my take-aways from this report and how it relates to Netskope:
Netskope provides a SASE solution today that is based on architecture we started from the beginning – Netskope was mentioned in the report as one of a handful of vendors that will compete to provide SASE. SASE was our vision from the beginning and today we have the most comprehensive and aligned product with the SASE functionality that Gartner outlines. Our cloud security platform was architected from the beginning to be cloud-native, truly unified, and built on microservices. We also architected our platform to be data-centric, cloud-smart, and fast, which aligns with the core SASE functionality as outlined in the report.
SASE solutions need to be data-centric – The SASE report states that understanding data context will be required for applying a SASE policy and taking adaptive actions. Netskope takes a data-centric approach to cloud security, following data everywhere it goes. Whether the context is data created and exposed in the cloud or data going to unmanaged cloud apps and personal devices, Netskope protects data everywhere and applies context to enable smart decisions on actions to take.
SASE solutions need granular visibility – Another fundamental requirement for SASE is to provide granular control when accessing any internet destination. This is an area where Netskope shines. Netskope is cloud-smart, as our patented Cloud XD can decode over 85% of your internet traffic and extract granular details about not only the user, device, and location, but also app (yes, even those with overlapping domains), app instance, activity, and content. This enables you to not only identify risky behavior but also apply granular policies and safely enable unmanaged cloud services. Without this capability, you are limited to poorly identified apps and coarse-grained allow vs block actions, which forces a difficult decision between managing risk and letting the business move fast.
Latency matters for SASE – The need to provide low-latency access to users, devices, and cloud services anywhere is a fundamental capability of SASE. Netskope delivers real-time, cloud-native security, without the traditional performance trade-off that you get from inline security approaches that rely on the public internet. Netskope NewEdge is one of the world’s largest and fastest security networks and in addition to user-centric placement of POPs, leverages strong peering relationships with both service providers and applications, and other advanced optimizations to deliver fast, low-latency access to applications and services.
Avoid stitched-together SASE solutions – Gartner recommends avoiding SASE offerings that are stitched together. It turns out that many large vendors acquire various components of SASE and require complex integration with multiple architectures and policy enforcement points, and sometimes even separate consoles. Netskope provides a single unified next-gen secure web gateway (SWG) with market-leading CASB capabilities, comprehensive cloud security posture management (CSPM), and zero trust network access (ZTNA) all with shared security microservices such as DLP, threat, and access control policies.
Kudos to Neil MacDonald, Lawrence Orans, and Joe Skorupa for a report that is surely causing some eyebrow-raising. Netskope is excited to participate in this new market category with a security platform that was architected from the beginning to address today’s SASE requirements. To learn more, download the Gartner report here.