In August 2019 Gartner presented its paper on The Future of Cloud Networking1, where it defined SASE (Security Access Service Edge) as a developing cybersecurity model. This was followed up with in their 2021 Strategic Roadmap for SASE Convergence2, in which the case for SASE was exponentially reinforced.
Today SASE is seen as a secure way forward in our world of increased digitization and cloud connectivity, coupled with the pandemic situation that now ensures multiple and hybrid work scenarios. The Convergence summarized this as: first, the responsibility of organizational management to facilitate the change by moving away from ‘legacy perimeter and hardware-based offerings to a SASE model’, and second, the inherent difficulties in adopting the new system.
With the growing exigencies and demand for instantaneous and uninterrupted access across multiple and often remote locations the more contemporary networks are stressed. Digital organizations are finding it difficult to ensure, let alone guarantee the levels of security they are responsible for. In additional to the increasing mix of SaaS applications and migration of data to cloud services. SASE can be effective cybersecurity model that meets the demands of enterprise security in a cloud-based environment.
What is SASE?
Pronounced “sassy”, SASE as defined by Gartner3– is the combination of network security functions (such as SWG, CASB, FWaaS and ZTNA), with WAN capabilities (i.e., SDWAN) to support the dynamic secure access needs of organizations.
Instead of connecting to a perimeter-based appliance for security users are directed to the SASE cloud service. This cloud systems is the network’s “edge” through which users are logged in and authenticated before they are given access and use of web-based services, data and applications.
SASE architecture in an organization, identifies the need for repeated identity. This precept is at the heart of services like CASB and ZTA and is aptly summed up in the here-to-stay mantra ‘Trust no one, verify everyone’.
Some of the key components of SASE are:
- Software-defined WAN (SD-WAN)
- Firewall as a Service (FwaaS)
- Zero Trust Network Access (ZTNA)
- Cloud Access Security Broker (CASB)
- Identity Access and Management
- Secure Web Gateway
- SSL Inspection
- Data Loss Prevention
- Web Isolation
Aurora provides a robust partner solution portfolio that encompasses these key components, coupled with engineers who can implement a SASE architecture as part of your enterprise security needs.
What are the benefits of SASE?
Traditional security revolved around applications and data that resided within a network perimeter. This is no longer the case, and as networks proliferate, so too will data breaches.
The Identity Theft Center’s 2021 Data Breach Report4 has unequivocally spelt out the enormous cost of data breaches to organizations. Therefor organizations need to no longer see SASE as a nice to have but a need. They need to start migrating their network security to more mature and comprehensive systems like SASE which comprehensively encompass standalone ‘bulwark’ systems like CASB, FWaaS and ZTA. In fact Gartner has predicted that by 2024 “at least 40% of enterprises will have explicit strategies to adopt SASE”.
Here are some of the many advantages of adopting SASE with a cloud-base infrastructure:
1. Data protection:
SASE architecture provides data protection and security policies that protect data within and outside the organization. It mitigates the risk of unauthorized access and abuse of data across all entities, irrespective of their location.
2. Cost savings:
Subscribing to a cloud-based security service that provides consolidation of multiple products eliminates huge CAPEX costs and reduces deployment of IT resources. In addition, OPEX costs related to this service are much lower and predictable.
3. Threat protection:
It helps prevent cyber attacks like phishing, malware, ransomware, and data breach.
4. Increased performance:
With a simplified and consolidated security that resides on a cloud-based network, access is optimized for faster deployment, high-capacity and instantaneous access to data and servers across locations.
5. Reduced complexity:
The combination of network security functions under one cloud based service eliminates the need for complex legacy solutions and simplifies operations with the organization.
6. Zero trust network access:
The SASE model includes ZTA, which involves the highest level of data encryption, multi-level factor authentication and session timeouts, which compel repeat logins.
Read more about how Aurora can help you make a transition to ZT.
Learn how Aurora can help you implement a full-fledged SASE framework.