There is a new term going around the industry and if you haven’t heard it yet, you will soon. It is SASE (pronounced sassy) and it stands for Secure Access Service Edge. Many major security vendors have already created a SASE solution, so Atom Creek wanted to explore this emerging term and see if it is something you really need.
What is SASE?
According to Gartner, SASE is an emerging, disruptive technology that strives to create a secure cloud environment that is fully integrated into the network.
Umm okay, so what exactly does that mean?
SASE combines network security functions with WAN capabilities (i.e., SDWAN) to support the dynamic secure access needs of organizations. These capabilities are delivered primarily as a service (aaS) and based upon the identity of the entity, they provide real-time context and security/compliance policies.
A SASE architecture identifies users and devices, applies policy-based security, and delivers secure access to the appropriate application or data. This allows organizations to apply secure access no matter where their users, applications, or devices are located.
Although there are dozens of characteristics associated with SASE, there are four main attributes that Atom Creek thinks you should look for when vetting a solution:
• Global SD-WAN Footprint– SASE service providers should provide, in effect, a global SD-WAN service with its own private network comprised of points of presence (PoPs) worldwide. Traffic is routed across its network, avoiding the global Internet’s latency problems.
• Distributed Inspection and Policy Enforcement- Security inspection and policy enforcement are distributed across a SASE provider’s PoPs. Traffic is not backhauled for security inspection.
• Cloud-native Architecture. A SASE service should use a converged, multi-tenant cloud-native software stack not discrete networking and security devices service chained together. SASE solutions should be delivered as CPE turnkey boxes so you can just “turn it on and forget it.”
• Identity-driven– Ensure that security and network access are delivered based on user identity, not an IP address. The identity can be the name of the user but will also consider the device being used and the user’s location.
What are the benefits?
Now that we have explored what and why SASE has been created, we wanted to get down to how it could help your business. This solution can benefit you in the following ways:
- Reduced costs by reducing the number of components and vendors. Competition among SASE solutions will lead to additional cost savings.
- Better network performance by using a global SD-WAN service with its own private backbone and built-in optimization
- Security improvement and performance by inspecting traffic flow at the source (performance) and inspecting every data flow user (security improvement) as well as seeing policies based on identity, not IP address, will also help.
- Flexibility: With a cloud-based infrastructure, you can implement and deliver security services such as threat prevention, web filtering, sandboxing, DNS security, credential theft prevention, data loss prevention and next-generation firewall policies.
How can Atom Creek help you get SASE
Gartner expects that, by 2024, at least 40% of enterprises will have explicit strategies to adopt SASE, up from less than 1% at year-end 2018. The Atom Creek engineering team has been working with our technology partners to stay ahead of the curve when it comes to emerging technologies and SASE is no different. We have the knowledge and skill set to stand up a SASE solution quickly and cost effectively for your business.
If you think that SASE could be a good fit for your business contact Atom Creek, and we can guide you to a right fit solution for you.
“The Future of Network Security is in the Cloud”, Aug 30, 2019, By Gartner Analysts Neil MacDonald, Lawrence Orans, Joe Skorupa (ID G00441737
Gartner: SASE Poised to Transform Cybersecurity