Computer networks once consisted of an office network and a data center specific to an enterprise. An employee would go into the office and log onto a computer, accessing applications running in the data center. All company transactions occurred within the network perimeter.
This traditional network security approach established a firewall around the network. Once a user was inside the firewall, the security protocol would trust that computer, not checking the further activities of the user on the network.
Digital transformation has drastically changed how employees work. Many employees access applications at the office or remotely that are housed on the internet outside the safeguards of the corporate data center. For example, an employee accessing Salesforce could be on a laptop at a kitchen table. The application could be resident on the internet, or the employee could remotely access the application housed in the company data center.
In today's work world, the network perimeter we used to protect no longer exists because there are access points everywhere, and the internet is now our vehicle for transferring information. The challenge in this environment is to protect the gateways back into the enterprise environment, the "edges."
To bolster inadequate perimeter security protocols in this dispersed environment, IT teams have ended up with many vendors, policies, and consoles trying and not entirely succeeding in protecting data. SASE is a new solution to reduce cybersecurity complexity and improve effectiveness for dispersed-access environments.
The SASE model
SASE is a collection of technologies that combines network (SD-WAN, VPN) and security (SWG, CASB, FWaaS, ZTNA) functions. Such technologies are traditionally delivered in siloed point solutions. SASE – or Zero Trust Edge – combines these into a single, integrated cloud service.
- Software-defined Wide Area Network (SD-WAN)
- Virtual Private Network (VPN)
- Secure Web Gateway (SWG)
- Cloud Access Security Broker (CASB)
- Firewall as a Service (FwaaS)
- Zero Trust Network Access (ZTNA)
The SASE model enables organizations to unify their networks and strengthen security for dispersed users and devices.
- Reduces costs
- Decreases complexity
- Supports network and security policy alignment
- Reduces security incidents
- Provides a seamless experience for users in any location.