Have you ever heard about SASE? If you haven’t heard yet! You will soon hear about it. The technology has made its place in the Gartner’s Hype Curve, and as per the Hype Cycle for Emerging Technologies 2020, Secure Access Service Edge (SASE) will reach its plateau within a period of 6 to 10 years. Gartner believes that SASE is a call to restructure how the firms are managing and securing their networks. Let us take up this emerging technology in detail.
What is SASE?
Secure Access Service Edge (SASE) refers to an emerging enterprise strategy that integrates various network security functions with WAN abilities. The main goal behind this technology development is to provide a dynamic and secure access requirement to the organizations, and it has a very crucial role to play in today’s mobile or remote environment. SASE supports the agenda of security being delivered anywhere be it the WAN edge, cloud edge, endpoint devices, datacenter edge or more.
Is SASE specifically a cloud-based offering?
SASE, in general, is taken under the purview of a cloud-delivered service. Still, various circumstances might require a grouping of physical and cloud-based solutions for the technology to get aptly integrated into the network. This is when there comes the need to integrate SASE connectivity with network access controls and edge security devices for the remote workers, supporting a physical Software Defined Wide Area Networking (SD-WAN) device containing a full stack of security. This means that the employees will be able to work securely even outside the office premises. With this technology, the network and application security policies are well-defined in the cloud and at the same time tied to authenticated identities. This helps the IT teams at the organizations to easily modify the network and security policies at the same time automatically deploying them across the whole network within a short span of time.
Problems addressed by SASE solutions
With more and more evolution, enterprises are becoming less dependent on private datacenter, and many applications are running in the cloud as Software-as-a-Service (SaaS) than on the premises. Data today is mostly stored in the cloud datacenters and Infrastructure-as-a-Service (IaaS) platforms than compared to on-premises datacenters. Majority of the workforce work off-site, mobility being the custom and the users are accessing the cloud regularly. These two paradigm shifts have forced the techies to think on how to network as well as secure offices, users, and resources. The datacenter is no longer the pivot of enterprise bustle, and there arises a question as to where to inspect the traffic and apply the modifications made to the different policies. Backhauling traffic for security inspection adversely affects the performance of the cloud. If we tend to push the security inspection into the office premises, it fails to properly address the other tenants of the firm that are the mobile users. In this context, SD-WAN came to rescue providing a solution for the sites but not to the mobile users. The problem is not just constrained to security inspection and network control but also to traffic inspection, which demands the integration of security technologies.
This is how companies can protect themselves. Still, there is this problem of time and lack of essential skills, thus requiring, to figure out a way which can network any resource, location, user irrespective of the location and accomplish the same in a certain way that can protect these against threats.
The problem mentioned above is solved by SASE, which is making use of different technologies such as SD-WAN, Route optimization and WAN optimization to provide the best possible network experience to any connecting entity irrespective of its location.
Four major attributes of SASE
The four main attributes of SASE that is the reason for its suitability and applicability in businesses include the following:
- Global SD-WAN Footprint– The SASE service providers require to provide a global SD-WAN service having its private network that is composed of points of presence or PoPs across the world. Traffic is routed across the network, thus avoiding the latency problems in case of Internet-based services.
- Distributed Inspection and Policy Enforcement– Security Inspection, as well as Policy Enforcement, are well distributed across PoPs of a SASE service provider. In this case, the traffic is not backhauled for security inspection.
- Cloud-native Architecture– Any SASE service should be using converged and multi-tenant cloud-native software. Gartner says the SASE solutions that are delivered as a Customer Premise Equipment (CPE) should be like turnkey boxes, “turn it on and forget it”.
- Identity driven– This is identity-driven as an identity will not only consider the name of the user but will also take into consideration the device that is being used along with the location of the user.
Benefits of SASE
Some of the major benefits of SASE includes:
- Reduction in costs– By reducing the number of components and vendors helps in overall cost reduction.
- Better performance of the network– Making use of global SD-WAN service having its own private backbone along with built-in optimization ensures better performance of the network.
- Less overhead– IT team will be freed from updating, patching, and lastly scaling the appliance.
- Improvisations in both security as well as performance– With the proper inspection of traffic flow at the source and data flow, helps in optimizing user security.
Drawbacks
In the above discussion, we have considered the implications of SASE technology but have not mentioned any of its drawbacks. Any new technology has some drawbacks as well. Let us see what these are!
- SASE is just the integration of the existing technologies, which is one of the reasons why not many researchers are interested in it.
- High level of trust is placed in the providers, which can be a risk to the internal matters of any firm.
- The major selling point of this technology is trust and reputation.
Conclusion
Wrapping it up, SASE can be considered as a future technology which has already started its journey, and this has the potential to address the various artifacts of traditional networking being instilled into the most prevalent cloud environment these days. In the cloud environment where security has turned out to be rigid as well as an inflexible element, SASE can be promising enough to intervene and take the guard. When security has become one of the major concerns in the digital world, new technologies are being searched for and getting a place in the Gartner’s Hype Curve, SASE has already started off its journey.
I hope this brief idea helps you explore more into the topic!
Senior Engineer Infrastructure Management and Security Services at Happiest Minds Technologies. She comes with 4+ years of experience in Information Technology, Network Operations and Application Support. Jasmine currently works in a government-based project as a Team Lead, and she is passionate about learning new and emerging technologies.
