Download
1 / 4
40 likes | 50 Vues
SASE has become the talk of the town over the past year. Competing for attention with other critical concepts like Zero Trust (both share some features, as we will see later), SASE is still misunderstood by many organizations.<br>For more information, visit: https://comtact.co.uk/<br><br>
E N D
What is Secure Access Service Edge, and Why Should You Care? Another week in the world of cybersecurity… and another mystery word. Although not entirely new in 2019 - SASE has become the talk of the town over the past year. Competing for attention with other critical concepts like Zero Trust (both share some features, as we will see later), SASE is still misunderstood by many organizations. This article will cover everything you need to know about SASE: what it is, what problems it is designed to solve, and what benefits it can bring to your organization. What is the Secure Access Service Age (SASE)? For those who had to face a few years ago, today's organizations face a very different set of networking and security challenges. It's easy to blame everything on Covid-19, but in reality, the epidemic has spurred some pre-existing trends — in particular, the increase: 1.Remote users (and consequently, remote network access required) 2.Use of software-edge-a-service (SAS) applications 3.Traffic between data centers and cloud services 4.Traffic between public cloud services and branch offices instead of on-premises data centers
These trends have created major challenges for organizations, including how users access the applications and services they need and protect users, assets, and data from cyber-attacks. Simply put, the traditional networking architecture is no longer fit for purpose. If a user outside the corporate network perimeter needs access to applications or services outside the corporate network perimeter, it doesn't make much sense to send that request back through the network. This legacy approach creates challenges for service availability, user performance, and productivity not to mention security — and needs to change. This is where SASE comes in. SASE stands for Secure Access Service Age - a term defined by Gartner in a 2019 report to define a security framework where security and network connectivity technologies come together in a single cloud-distributed platform. The SASE Framework details how organizations can deploy and use networking and security services more effectively to meet the above challenges. The SASE architecture focuses on the user's identity and the service behind the connection rather than the device or its original location. This means - unlike traditional network architectures - the connection will not be fully trusted because it arises from the perimeter of the network. Instead, the SASE architecture identifies users, devices, and services, implements policy-based security, and provides secure access to target applications or data. This approach enables secure access regardless of the source of the connection (e.g. user) or destination (e.g. cloud application). SASE focuses on three key areas: •Network services - are primarily those that connect data centers and cloud services. •Network Security - We’ll soon see what technology is included. •Identity and Access - Like Zero Trust, the policy applies to identity, not location. Seriously, the SASE Framework focuses on a consumption-based and cloud-distributed approach to these three areas. What are the key components of SASE? SASE is the confluence of software-defined wide-area networking (SD-WAN) with select network security technology. Here are some of the most commonly used technologies: •Cloud Access Security Brokers (CASB) •Firewall-A-Service (FWaaS) •Zero Trust Network Access (ZTNA) •Infiltration Prevention System (IPS) •Secure Web Gateway (SWG) •Secure DNS •Data Loss Prevention (DLP)
Based on Gartner's definition, SASE should be delivered by a single vendor through a cloud service model. In practice, it is possible to implement SASE using the multi-vendor model. Is SASE here to stay? Gartner certainly thinks so. •According to the analyst's most recent publication on the subject: •By 2024, 30% of industries will accept cloud-distributed SWG, CASB, ZTNA, and FWaaS from a single vendor, up from <5% in 2020. •By 2025, 60% of enterprises will have a clear SASE adoption policy, up from 10% in 2020. •And there may be a protective factor in Gartner's predictions - it was Gartner analysts who coined the term, after all - the general feeling in the cybersecurity industry is that SASE solves a real problem and is likely to get a lot of upticks. The next few years. What are the benefits of SASE? SASE can offer a number of benefits, including: •Flexibility. Cloud-based infrastructure makes it easy to implement and deliver security services such as centralized threat protection, web filtering, sandboxing, DNS security, data loss prevention, and next-generation firewall policies. •Agility. For most security teams, being 'business capable' is a top priority. SASE makes it very easy to enable new business ventures such as applications, services, and APIs while ensuring a high level of security. •Savings. Using a single platform for multiple security tasks usually costs significantly less than buying each technology from a different vendor. •Simplicity. Reducing the number of security products in use means fewer resources needed for management and maintenance - and an easier workflow for security teams. •Performance. The SASE architecture provides users with faster and more direct access to applications, the Internet, and corporate data. •Low risk. The combination of security technologies built into the SASE architecture is designed for maximum functionality and convenience for users and dramatically enhances access controls - helping to prevent unauthorized access to sensitive data. SASE vs. Zero Trust: What's the Difference? The short answer is that the word Zero Trust was coined by Forrester, while Gartner coined SASE. However, don't be fooled into thinking that two things are the same. Where Zero Trust is a holistic security strategy aimed at addressing the needs and challenges of modern organizations, SASE is a regulatory approach to delivering something like Zero Trust to the cloud component of an organization’s environment.
Zero trust is a set of principles, not a specific solution or set of measures. SASE, on the other hand, specifically deals with multiple networking and security technologies and how they can be deployed in the cloud (often by a single provider). However, there are two objectives that link zero trust and SASE: 1.Meeting the security needs of modern organizations. 2.Reference and identity-based policy assignments. ZTNA is a key component of SASE, which may have caused some confusion. However, as we said before, ZTNA does not equal Zero Trust - no single solution can possibly do so - this is a common element of modern Zero Trust network architecture. Simply put, SASE can help an organization provide Zero Trust principles for its IT asset subdivision - specifically, hosted in the cloud. Can SASE benefit your organization? For the right organization, SASE has a lot to offer. However, the journey to accepting SASE can be difficult, especially if you are just starting out with legacy network architecture. Fortunately, without the need for a "rip and replace" approach, SASE can come into your business in stages at your own pace. If you are interested in SASE but are not sure if it is the right way for your organization, we can help. Contact one of our experts today to discuss your needs. Partnering with an experienced SOC provider like Comtact allows you to expand into the SOC space with ease and without risk while growing client loyalty and generating new revenue streams. For more information, visit: https://comtact.co.uk/soc-partner-services-white-label/
