What is SASE?
The term SASE (pronounced sassy) stands for Secure Access Service Edge. It was coined by 2 senior Gartner analysts Neil McDonald and Joe Skorupa and described in a 2019 report (Networking Hype Cycle and Market Trends Report).
The concept revolves around achieving consistent network and security policies, anywhere and anything. That is, enforcing security between “Any” on-premise/co-located data center or cloud service (e.g. Microsoft 365) to “Any” user or device at “Any” location. Another key tenet of SASE is achieving secure access while simultaneously delivering an intact user experience when it comes to ease of access, performance and latency. This entails a convergence between network and security combining elements of cloud-based security, edge compute, and Wireless Access Network (WAN) into a single cloud-based service. The ideal SASE solution would provide secure AND seamless access for users and devices anywhere.
Why has SASE become so SASSY?
As we mentioned, SASE was developed in 2019 in response to increasing security threats and regulatory challenges in an indomitably cloud and mobile oriented world where many critical access points and applications reside outside the control of the traditional organization network.
In the wake of Covid19, the rapid, unexpected and massive shift to remote work has caused two serious issues:
- It has drastically increased the attack surface area exposing organizations to more areas of vulnerability and, at the same time,
- It degraded the user experience for a majority of users who had to depend on Virtual Private Networks (VPNs) to access their network, and, hence, do their work.
Therefore, organizations had to rethink how their network is architected and how their security is designed. Enter SASE.
Why will SASE go a long way especially in the Enterprise?
SASE is refreshingly user centric. Its focus is on delivering both security for the organization and convenience to the user no matter where they are and how they are accessing the application and the network. As organizations increasingly adopt flexible and remote work practices, they will need to marry network and security to deliver universal, always secure and seamless (low latency, easy-to-use) experience to their employees.
Gartner, who conveniently coined the term, expects that, “by 2024, at least 40% of enterprises will have explicit strategies to adopt SASE, up from less than 1% at year-end 2018.” Gartner also expects significant M&A and vendor consolidation in the foreseeable future.
What are the key components of SASE?
Gartner was quite prescriptive about SASE characteristics and components and, of course, various Enterprise software and network vendors (Cisco, Palo Alto Networks, Zscaler…) have built upon Gartner’s original work. Here are some key components:
- Replacing VPN with Zero Trust Network Access (ZTNA)
- Deploying cloud-based security edge services while phasing out the legacy, on-premise security deployments
- Network and security SASE vendor consolidation to one or two vendors
- Deploying of cloud access security broker (CASB) and other technologies to protect the organization against connection to unapproved cloud applications, to monitor for unusual user behavior and to deliver data loss prevention
- Deploying those components in a software-based architecture deployed across multiple points of presence (POPs) to be close to the point of consumption (the user or device)
- Consolidating policy control in a single pane of glass, with AI and ML playing an important role in automating the security and access policies.
Is SASE applicable to Small & Medium Businesses (SMBs)?
Due to scope, complexity and cost, SMBs will unlikely be able to deploy a complete SASE solution as prescribed by Gartner and many of the Enterprise vendors.
Can Managed Service Providers help SMBs improve their security posture and become more "SASE"?
As millions of those businesses outsource their IT to and depend on Managed Service Providers to manage and monitor their network and security, many components of SASE can and should be adopted by SMBs. In fact, many MSPs have seen their business flourish after they invested in building their security expertise and positioned themselves as proactive Managed Security Service Providers (MSSPs).
References:
Gartner’s 2021 Strategic Roadmap for SASE Convergence
Gartner’s SASE Will Improve Your Distributed Security Everywhere
