Corporate data is moving to the cloud, employees are increasingly mobile, and digital transformation initiatives are gaining momentum, meaning more data is flowing to more locations. All of this changes the requirements for networking and security and inverts the traditional security stack.
Business leaders want stronger defenses in the face of ever-increasing cybersecurity threats; users want transparency and privacy without sacrificing convenience or performance; and IT wants to enable their business and maintain continuous compliance with changing regulations.
Simply put, legacy approaches do not provide the level of security and access control today’s perimeterless enterprises and users demand. The result is a growing need to converge security defenses and networking—so that service delivery can be simpler, faster, more flexible, more efficient, and less expensive.
Secure Access Service Edge, or SASE (pronounced “sassy”), is a term coined by Gartner in 2019 for a new cloud-native security architecture. SASE unifies multiple web security, cloud security, data and threat protection defenses, plus networking capabilities into a cloud ‘heavy edge’ to support users, data and applications in any location. In this evolving model, perimeter-based appliances and legacy solutions transition into fully integrated cloud microservices creating one platform with unified policies supported by a highly-performant, extensible global network infrastructure.
A SASE architecture is capable of identifying users and devices, applying policy-based security controls, and delivering secure access to the appropriate applications or data. SASE makes it possible to provide secure access regardless of where users, data, applications or devices are located.
Gartner’s SASE predictions
Allows for direct-to-net or direct-to-cloud access from anywhere vs. traditional hair-pinning back to the data center
Eliminates CapEx for on-premises infrastructure and provides lower, predictable OpEx due to its Security-as-a-Service model
Enables organizations to shift security staff from managing appliances to focusing on delivering policy-based security services; in addition, consolidated / converged technologies with unified policy enforcement simplify SecOps
Enhances and accelerates access to Internet resources via a global network infrastructure optimized for low-latency, high-capacity and high-availability
Provides secure access to private apps in public clouds and data centers, instead of access to the network
Detects and prevents cloud and web attacks such as cloud phishing, malware, ransomware, and malicious insiders
Protects data everywhere it goes, inside and outside of the organization, including within public clouds as well as between company and personal instances of cloud apps
At the core of SASE is an integrated, extensible architecture that redefines security defenses in the cloud as a service. To get started, following these steps: