Today, companies are adopting SASE technology for many reasons. Integrate and integrate enterprise security to combat cyber attacks, manage cloud environments, and improve network performance.
SASE has been increasing in adoption over the last two years, primarily as a result of the COVID-19 pandemic. According to a June 2021 survey commissioned by Versa Networks, approximately 64% of the 500 security and IT decision makers surveyed will adopt or plan to adopt SASE within the next 12 months. It states. Market research firm Gartner predicts that at least 60% of companies will have a clear strategy and timeline to adopt SASE from just 10% in 2020 to 2025.
What is SASE?
SASE stands for Security Access Services Edge, which combines networking and security features through a management platform. A typical SASE offering handles important functions such as authentication and policy enforcement.
SASE products typically include:
- Firewall
- Malware protection
- Data loss prevention
- Intrusion detection and prevention
- Secure web gateway
- Cloud access security broker
- Zero Trust Network Access (ZTNA)
SASE has many advantages. Among these benefits are the ability for applications to be ubiquitous. Organizations can also integrate and centralize security and routing. In addition, SASE role-based policies can streamline operations.
“In essence, SASE is an evolution of branch connectivity,” said Rik Turner, chief analyst at research firm Omdia. “For geographically dispersed entities [SASE] It makes a lot of sense. Previously, the router and firewall were shipped in the same box from headquarters, so we were able to perform SD-WAN and security. Therefore, SASE is the logical next step in using network and security as managed security. “
Tips for choosing a SASE product
SASE technology is as good as its environment. As a result, organizations must make some effort to identify the right product for their needs.
Choose the right type of SASE technology
There are dozens of SASE vendors today. Some of these vendors have an on-premises background of firewalls and SD-WAN, while others are developing SASE products specifically for cloud environments. And then there is SASE-favorite Offering for application networking similar to SASE.
According to Turner, the choice of SASE products depends on the priorities of the organization and the comfort of the IT environment. For example, if your business was born in the cloud, or if you want to move quickly to the cloud so that your employees can work from anywhere, the cloud-based SASE offering makes sense. However, if you are standardizing the security and network technology of a vendor with an on-premises background, it may be a good idea to maintain continuity with that vendor.
Make sure the SASE product is inspecting all traffic
This may seem obvious, but it’s not. For example, some SASE products bypass the inspection of Office 365 traffic, assuming Microsoft covers it. That’s a mistake, Jason Clark, Chief Security Officer of SASE vendor Netskope, said.
“Office 365 is the most important application most organizations use today, so make sure your SASE solution inspects it. all “Traffic,” Clark said.
SASE is just as good as the plan to get into it
To get the most out of SASE, organizations need to bring together network and security teams to make decisions and agree on the direction of their business and IT strategy. “SASE is a great reference architecture, but if IT and security aren’t in sync with business progress, you’ll be surprised,” said Steve Winterfeld, CISO of Akamai, a content delivery network service provider. Says.
One way to synchronize teams is to audit the maturity of your organization’s current networking and security regime. By understanding the gaps, you can choose a SASE offering to fill those gaps.
SASE is not a silver bullet
While SASE technology is great at protecting your organization’s employees and the resources they need to access, it doesn’t provide the same type of protection to your organization’s customers and other external users. That’s why it’s important to include additional tools that provide these protections, such as APIs and firewall security tools, Winterfeld said.
Consider SSE, which is a subset of SASE.
The Security Services Edge (SSE) is a set of integrated services that are the primary checkpoint for all traffic. Basically, SSE is the security stack needed to achieve SASE. SSE is part of SASE, but it’s also a valuable technology in itself.
Moving to the SSE stack requires planning and technology migration to achieve the right final state. Netskope’s Clark recommended adding ZTNA to enhance the security of certain private apps and enhance existing VPN technology. By doing so, Clark said, the traditional on-premises secure web gateway appliance will replace the cloud-based alternative and move to secure managed SaaS applications.