By security practitioners, for security practitioners innovate | novacoast federal | novaSOC | novacoast
By security practitioners, for security practitioners

What is SASE? SASE Explained.

Following security into the cloud, SASE acknowledges a much needed structure for granular networking that allows finer control of cloud service access. Let’s take a look at what exactly the newly coined term means and how it’s being implemented across the industry.

Securely supporting a growing number of remote workers is at the top of every business’s priority list. Studies show that many companies will move to have more home workers than employees in their offices even after the pandemic. 

Still, the reality of maintaining a secure network that is cost-effective and efficient has shown to be a continuing challenge. It has opened the door for some experts to create a new category that combines WAN functions with network security that they are calling Secure Access Service Edge (SASE), pronounced sassy. 

According to global research commissioned by Versa Networks, 34% of businesses say they are already adopting SASE. Another 30% say they are planning SASE adoption over the next six to twelve months. 

Is SASE new technology or merely a new buzzword? 

What is SASE?

On the surface, Secure Access Service Edge or SASE is being presented as an emerging cybersecurity concept. At its highest level, a good definition of SASE is network transport and cybersecurity features combined with its administration and centralized control from the cloud that provides end-to-end visibility and analytics.

Organizations are attracted to the simplicity they see in SASE since it bundles networking and cybersecurity together in a model that delivers it all in a single cloud service. 

It takes networking WAN capabilities such as Network Optimization and SD-WAN and pairs them with security functions that include SWG, FWaaS, CASB, and ZTNA. It takes network and security and brings it into a cloud service called SASE. 

Service providers and vendors all have SASE offerings, but each one’s SASE package varies significantly. 

Where Did SASE Begin?

The acronym was birthed by Gartner in a report published in 2019 that discussed the merging of networking and security resources. They also used the term at a cybersecurity conference that wasn’t focused on SASE but took place around the same time.

Gartner suggested bundling WAN and Network Security using a new model that they presented. Gartner’s architecture for SASE considers these five essential elements the foundation of SASE: SD-WAN, FWaaS, SWG, CASB, and ZTNA.

Are There Benefits to SASE?

Security providers say the primary benefits are the ease of use since it seems everything you need is in one package and security. Since most vendors are combining SD-WAN with necessary cybersecurity protections that include firewalls, CASB, and secure web gateways it makes sense that organizations will find it easier to manage and maintain when it’s all centrally managed and cloud based.

Does SASE Solve Security Issues in a New Way?

Not really.  In essence, SASE moves network security to the cloud, and with most applications already there, it reduces the space between the user and their applications. Putting security in the cloud has several advantages; still, these are all products we know and use.

What’s Does SASE Include?

Security providers say that by combining network capabilities with security functions under a SASE architecture, secure access to cloud apps, services and data is enabled. While the components differ from vendor to vendor, the major ones often include the following:

  • Software-Defined Wide Area Network (SD-WAN)
  • Fire Wall as a Service (FWAS)
  • Cloud Access Security Broker (CASB)
  • Data Loss Preventions
  • Cloud Secure Web Gateways
  • Web Application Firewall (WAF)
  • Zero Trust Network Access

It is significant to consider that there is no minimum number of components that need to be included to be considered a SASE offering.

What Security Leaders Should Consider

Business security leaders should consider a few things before jumping on board, thinking this is the next best thing. Start with a review of your current network and security. 

  • Where is your data right now?
  • How is it being protected during transit and at rest?
  • Do you have visibility and privacy centralized?
  • Can your current projects accommodate being cloud-hosted? When? Now, in two years or four years?
  • What do your current data flows look like?

A lot of tech sounds excellent until you want to put your data and network into it. Then many issues crop up, which create hurdles for your employees to do their jobs and for your customers who rely on your services. 

Is SASE Just a Catch Phrase for Existing Technology?

SASE is receiving much attention from those with an eye on the security and networking landscape. Still, the SASE definition seems to vary among security and SD-WAN providers. The varying definitions have resulted in many misconceptions, questions, and opinions when it comes to SASE.

Many experts note that SASE is still unclear to many, which has led to everyone coming up with a bundle of random networking and security products and then slapping the SASE label on it. When you look into the details, you find security providers are merely providing their existing products in a bundle.

Previous Post

FORCEDENTRY zero-click exploit used on Apple iOS, MacOS, and WatchOS devices

Next Post

Microsoft’s September 2021 Patch Tuesday closes OMIGOD vulnerability which allows RCE on Azure Linux VMs