Secure service edge (SSE) is a new way of looking at security that bundles together threat protection, security monitoring, and other capabilities to safeguard access to the Web, cloud services, and private apps. To encourage more widespread adoption, on January 25, Axis Security launched the SSE Forum with IT leaders from the United States, Canada, and the United Kingdom.
The organization brings together CISOs, IT operators, and other professionals working across multiple industries so that they can share their experiences, challenges, and success stories around SSE.
"The forum allows us to work together with IT pioneers to design the IT transformation map that thousands of IT leaders, serving millions of users, will one day follow," explained Gil Azrielant, co-founder and CTO of Axis Security, in the press release. "In doing so, we hope to inspire other IT leaders to confidently adopt SSE and help jumpstart an industry that's been in need of innovation since 2007."
What Is SSE?
According to Gartner, which coined the term "secure service edge" in early 2021, SSE sprang out of the constraints and challenges that cloud computing brings. As the analyst firm explains, "SSE is primarily delivered as a cloud-based service and may include on-premises or agent-based components."
"Processing in the cloud is expensive," notes Sushila Nair, VP of security services for NTT Data and a board member of the information systems audit and control association ISACA's Washington, D.C., chapter. "We can't simply collect information from a gazillion sensors and dump it into the cloud.
"By controlling that traffic and sending it through an SSE, I can collect logs, consolidate security functions — like making sure my corporate users aren't accessing gambling sites, detecting access of high-risk applications, etc. — minimize use of VPNs, and most importantly regain visibility in a world where the loss of a corporate office and a rapid move toward cloud and a distributed workforce has undoubtedly resulted in a lack of visibility."
What's the Difference Between SASE and SSE?
Secure access service edge (SASE) provides a single framework that brings together technologies like cloud access security brokers (CASBs) and zero-trust network access (ZTNA) to provide network services and security to edge devices.
SASE can be broken out into two key subsections. The first is content delivery, SD-WAN, and other tools for WAN optimization. The second is SSE.
"The way to think about SSE is that it is the security side of SASE," says Tony Kros, senior analyst relations manager at Netskope. "SASE is not being replaced by SSE. Rather, SSE is a further sub-segmentation within the SASE architecture."
The SSE Forum's Mission
Jaye Tillson, head of architecture at TT Electronics and a member of the SSE Forum, explained that the group will work to help organizations embrace ZTNA.
"Many companies still use the legacy hub-and-spoke approach that has been around for many years," he explains. "One of the aims of the forum is to work together to design a road mmap for people to follow to move away from this old legacy model toward ZTNA."
Doing so will also help them move away from the use of a legacy VPN. That last point is especially important in the aftermath of COVID-19, says NTT Data's Nair.
"Many folks hit problems with VPN access because their workforce all went remote and their VPN solution could not scale up fast enough. And as it was unpatched, VPNs became an attack vector. The idea of combining networking and security functions allows security through decryption, traffic inspection, URL filtering, browser proxies, and cloud sandboxes even before any of that traffic hits the data in your cloud, your data on-premises, or your private data center."
Even so, both of those goals are secondary to the chief purpose of the SSE Forum: helping organizations to realize the potential of SSE.
"The promise of SSE is that it will reduce complexity and lower costs by reducing the number of vendors required to deliver secure remote access and to do so more securely, but there are many acronyms, standards, and frameworks that are hard for people to understand and therefore to apply," explains Tillson. "This is another challenge for the forum. So another aim is to ensure that everyone understands what SSE is, how it's made up, and how it can help their businesses. Success will be measured on how quickly and easy people take advantage of SSE."