Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Edge Articles

12/1/2020
04:35 PM
Jennifer Bosavage
Jennifer Bosavage
Edge Features
50%
50%

SASE 101: Why All the Buzz?

Wide area networking and network security services unite to provide secure, cloud-based connectivity for enterprises' remote employees -- and these days that means billions of workers.

One of the pandemic's legacies could be the realization that companies can securely support a massive remote workforce. A recent study by the Harvard Business School and the University of Illinois found that, post-pandemic, 16% of companies will switch from having employees in professional offices to working at home at least two days per week.

Related Content:

Introducing 'Secure Access Service Edge'

ISP Security: Do We Expect Too Much?

Zero-Trust Security 101

But their ability to create an efficient, cost-effective, and secure network they can trust is an ongoing challenge. This has paved the way for a new category of network infrastructure technology Gartner has dubbed "Secure Access Service Edge" (SASE) – which combines wide area network (WAN) functionality with network security services to protect against cloud-enabled SaaS and Web threats.

What Is SASE?
Most enterprises with remote workers have implemented virtual private network (VPN) solutions. However, when deployed on a wide-scale basis, VPNs can suffer from scalability, availability, and performance issues. VPN servers under extreme loads can impact response time and user productivity. 

SASE (pronounced "sassy") provides network managers with another choice. SASE is built as the core network and security infrastructure of a business, rather than as a remote access solution. It incorporates software-defined wide area networking (SD-WAN) and zero-trust technologies, providing secure access to users from the cloud rather than their devices, as with a VPN. A SASE solution can include threat prevention, web filtering, sandboxing, DNS security, credential theft prevention, data loss prevention, and next-generation firewall policies.

In its 2019 report "The Future of Network Security Is in the Cloud," Gartner describes SASE capabilities as "delivered as a service based upon the identity of the entity, real-time context, enterprise security/compliance policies and continuous assessment of risk/trust throughout the sessions. Identities of entities can be associated with people, groups of people (branch offices), devices, applications, services, IoT systems or edge computing locations."

What Problems Could SASE Solve?
SASE solutions combine enterprise-class data loss prevention with secure access and advanced threat protection.

"The 'cloudification' of applications necessitated this type of security," says Rik Turner, principal analyst in Omdia's IT security and technology team. "It's all about access to applications."

As the number of remote workers steadily climbed this year, the security proposition SASE offers has shifted its perception from an "emerging" technology solution to a timely one.

"The overall numbers went from 12% to 15% of employees who had been working at home, and that quickly went to 100%, and now some of those won't ever return to an office," Turner says. "[SASE] is gaining a head of steam, turbocharged by COVID. And it is a convenient peg for these vendors to hang their hat on."

Vendors in the space are familiar names in network security, including Palo Alto Networks and Fortinet, as well as those providing network-as-a-service solutions, such as Cato Networks and NetFoundry.

What Should a SASE Vendor Provide?
If you decide a SASE is a good fit for your organization – or at least worth exploring – Turner suggests four guidelines when looking for a vendors:

1. They must own their network or contract with a substantial telecom network. They are delivering services over a network, which must, therefore, be rock-solid.

2. They must be a player in the software-defined wide area network (SD-WAN) world. SD-WAN makes it easier than traditional networking approaches to administer traffic across a network and provides a better user experience.

3. They must have network security chops, including expertise in intrusion detection, firewalls, content filtering, and secure web gateways. Those capabilities are necessary for offering security to branch offices.

4. They must adhere to a zero-trust concept: Never trust, always verify. No network user gets access to an application without verification.

As remote working continues, companies must pursue the latest methods to combat evolving security threats. SASE is one of the latest ways to combat threats inherent in a virtual work environment.  

Writing and editing from the IT metropolis that is Fairfield County, Conn., Jen is Editor In Chief of Solution Providers For Retail. In her role, she oversees all editorial operations of the site, including engaging VARs to share their expertise within the community. She has ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
mike.gorman
50%
50%
mike.gorman,
User Rank: Apprentice
1/4/2021 | 9:23:39 AM
Why would a SASE provider need to own their own network?
The one point I will take issue with here is the statement that a SASE provider must own their own network.  Overlay networks composed of multiple independent networks, such as we utilize at NetFoundry, can be fare more performant, by intelligently selecting between them.  We have seen network scale failures often enough to know the best networks can fail. Network performance must be rock solid, I agree with, how a provider manages that performance should be left to them, and the results evaluated.
   OVER THE EDGE
These Kids Are All Right

Source: StaySafeOnline.org

What security-related videos have made you laugh? Let us know! Email us at [email protected]

Name That Toon: Before I Go ...
Flash Poll