SASE is about the convergence of networking and security in a way that improves performance, simplifies operational complexity, and enhances security posture at a global scale. To meet these criteria, a true SASE solution needs the following characteristics:
What is SASE?
Support for all edges
Mobile, cloud, WAN, and edge locations must all be supported without sacrificing performance or functionality. Many virtual and physical appliances struggle to meet this criterion. This is because security appliances are often inherently tied to a specific location.
Identity-driven security
The SASE security model is built around granular identification of resources. SASE requires that every app, person, and device can be accounted for and data flows can be analyzed in-depth. Doing so enables full-network visibility and contextual awareness to help mitigate threats.
Cloud native architecture
To simplify management complexity and deliver elasticity, resilience, and self-maintenance that make SASE performant and scalable for the enterprise, a multi-tenant cloud native architecture is a must.
Globally distributed network connectivity
A globally distributed cloud platform ensures that all the features of SASE are available no matter where enterprise network edges are located geographically. This means that SASE PoPs (points of presence) need to go beyond public cloud data centers and ensure low-latency connectivity for all WAN endpoints.
What security capabilities does SASE include?
SASE combines software-defined wide area networking (SD-WAN) capabilities with a number of network security functions, all of which are delivered from a single cloud platform. In this way,
SASE enables employees to authenticate and securely connect to internal resources from anywhere, and gives organisations better control over the traffic and data that enters and leaves their internal network.
The resulting converged cloud service is substantially more efficient than building your own SASE using manually integrated, separate cloud-based technologies.
Minimize inefficient traffic with efficient intelligent and secure direct-to-cloud access.
Protect remote sites via SD-WAN using industry standard Dynamic IPSec and GRE protocols leveraging SD-WAN technology that connects office sites to cloud resources faster and more directly than ever before.
Enjoy low latency and unlimited scalability with a global cloud footprint and cloud-native architecture that includes global Peering POPs (Point of Presence) reducing delays.
Cloud service with 99.999% uptime (Maintained Service Availability) and internet speeds faster than a direct connection, improves the productivity of your workforce while reducing the cost of your network infrastructure
What SASE isn't
Because of all the buzz around SASE, many “SASE vendors” are marketing solutions that have features found in SASE. However, most of these solutions miss the mark when it comes to achieving SASE’s promise of a holistic and converged network security solution.
What is a data breach? A data breach exposes confidential and sensitive information to unauthorised individuals who then share the information online without your permission.
