CyberOne Blog | Cyber Security Trends, Microsoft Security Updates, Advice

What is SASE, and Why Should You Care?

Written by Mark Terry | Dec 23, 2022 12:00:00 AM

Another week in the cybersecurity world… and another buzzword.

Although hardly new—it’s been around since 2019—SASE has become the talk of the town over the last year or so. Competing for attention with other critical concepts like Zero Trust (the two share some characteristics, as we’ll see later), SASE is still poorly understood by many organisations.

This article will cover everything you need to know about SASE: what it is, the problems it’s designed to solve, and what benefits it could provide for your organisation.

What is Secure Access Service Edge (SASE)?

Today’s organisations face a very different set of networking and security challenges to those faced just a few years ago. It’s easy to blame everything on COVID-19, but in reality, the pandemic simply accelerated some pre-existing trends—most notably, increases in:

  • Remote users (and consequently, the need for remote network access)
  • Use of Software-as-a-Service (SaaS) applications
  • Traffic between data centres and cloud services
  • Traffic between public cloud services and branch offices rather than on-premise data centres

These trends have created huge challenges for organisations, both in terms of how users access the applications and services they need and protecting users, assets, and data from cyberattacks.

Very simply, traditional networking architecture is no longer fit for purpose. If a user outside the corporate network perimeter needs to access an application or service that is also outside the corporate network perimeter, it doesn’t make much sense to route that request back via the network. This legacy approach creates challenges for service availability, user performance, and productivity—not to mention security—and needs replacement.

This is where SASE comes in.

SASE stands for Secure Access Service Edge—a term defined by Gartner in a 2019 report to define a security framework where security and network connectivity technologies converge into a single cloud-delivered platform. The SASE framework details how organisations can more effectively deploy and consume networking and security services to address the challenges above.

A SASE architecture focuses on the identity of the user, device or service behind a connection rather than its location of origin. This means—unlike in a traditional network architecture—a connection won’t be trusted purely because it originates from inside the network perimeter. Instead, a SASE architecture identifies users, devices, and service, applies policy-based security and delivers secure access to the target application or data.

This approach enables secure access no matter where the connection’s source (e.g., a user) or destination (e.g., a cloud application) are located.

SASE focuses on three key areas:

  • Network services—primarily those that connect data centres and cloud services.
  • Network security—we’ll look at which technologies are included shortly.
  • Identity and access—like Zero Trust, policies are applied to identity, not location.

Critically, the SASE framework focuses on a consumption-based and cloud-delivered approach to these three areas.

What are the key components of SASE?

SASE is the convergence of Software-Defined Wide Area Networking (SD-WAN) with select network security technologies. Some of the most commonly included technologies include:

  • Cloud Access Security Brokers (CASB)
  • Firewall-as-a-Service (FWaaS)
  • Zero Trust Network Access (ZTNA)
  • Intrusion Prevention Systems (IPS)
  • Secure Web Gateway (SWG)
  • Secure DNS
  • Data Loss Prevention (DLP)

Based on Gartner’s definition, SASE should be delivered by a single vendor via a cloud service model. In practice, it is possible to implement SASE using a multi-vendor model.

Is SASE Here to Stay?

Gartner certainly thinks so.

According to the analyst’s most recent publication on the topic:

  • By 2024, 30% of enterprises will adopt cloud-delivered SWG, CASB, ZTNA and FWaaS from a single vendor, up from <5% in 2020.
  • By 2025, 60% of enterprises will have clear SASE adoption strategies, up from 10% in 2020.

And while there could be an element of protectiveness in Gartner’s forecasts—it was a Gartner analyst who coined the term, after all—the general feeling in the cybersecurity industry is that SASE addresses a real problem and is likely to see plenty of uptake over the next few years.

What are the Benefits of SASE?

SASE can provide a host of benefits, including:

  • Flexibility. Cloud-based infrastructure makes it easy to implement and deliver security services such as threat prevention, web filtering, sandboxing, DNS security, data loss prevention and next-generation firewall policies from a central location.
  • Agility. Being a ‘business enabler’ is a top priority for most security teams. SASE makes it much easier to enable new business initiatives such as applications, services, and APIs while ensuring a high degree of security.
  • Savings. Using a single platform for multiple security functions is typically significantly lower cost than purchasing each technology from a separate vendor.
  • Simplicity. Minimising the number of security products in use means fewer resources needed for management and maintenance—and a simpler workflow for security teams.
  • Performance. A SASE architecture provides users with faster and more direct access to applications, the Internet and corporate data.
  • Reduced Risk. The combination of security technologies built into a SASE architecture is designed to maximise performance and convenience for users while dramatically enhancing access controls—helping to prevent unauthorised access to sensitive data.

SASE vs Zero Trust: What’s the Difference?

The short answer is that the term Zero Trust was coined by Forrester, while Gartner coined SASE. However, don’t be fooled into thinking the two are the same thing.

Where Zero Trust is an overall security strategy intended to address the needs and challenges of modern organisations, SASE is a prescriptive approach to delivering something akin to Zero Trust for the cloud component of an organisation’s environment.

Zero Trust is a set of principles, not a specific solution or set of solutions. On the other hand, SASE specifically relates to several networking and security technologies and how they can be deployed in the cloud (often by a single provider).

There are, however, two objectives that link Zero Trust and SASE:

  1. Addressing the security needs of modern organisations.
  2. Contextual and identity-based policy assignment.

ZTNA is a core component of SASE, which is perhaps where some of the confusion started to arise. However, as we’ve said before, ZTNA does not equal Zero Trust—no single solution possibly can—it’s simply a common component of modern Zero Trust network architectures.

Very simply, SASE can help an organisation deliver Zero Trust principles for a subsection of its IT assets—specifically, those hosted in the cloud.

Could SASE Benefit Your Organisation?

For the right organisation, SASE has a lot to offer. However, the journey to adopt SASE can seem daunting, particularly if you’re starting from scratch with a legacy network architecture. Fortunately, SASE can be phased into your business at your pace, without the need for a “rip and replace” approach. If you’re interested in SASE but aren’t sure if it’s the right way forward for your organisation, we can help. Get in touch today to discuss your needs with one of our experts.
View full post