What is SASE and How Does it Work?

Dramatic growth in Internet of Things (IoT) devices and external users have forced IT departments to move storage and processing functions closer to the edge of the network to handle all the data and avoid performance hits for users and data center overload. Edge computing has created its own security problems, however, by spreading out data center risk over a wider area closer to the internet. One edge security tool has emerged in response to those challenges: Secure Access Service Edge (SASE).

See the Top SASE Solutions

What is SASE?

SASE is an umbrella solution, a framework of software and hardware tools to ensure safe access to cloud and network resources by applications, services, users and machines, typically delivered as a cloud service.

Gartner coined the term SASE in its Future of Network Security in the Cloud report, identifying SASE architectures as a critical cybersecurity solution to protect cloud and data center infrastructure. Rather than individual standalone systems, SASE encompasses a suite of technologies, from SD-WAN and Cloud Access Security Brokers (CASB) to secure web gateways, Zero-Trust Network Access (ZTNA), firewalls as a service (FWaaS), VPNs and microsegmentation.

SASE benefits

There is a solid business case for investing in SASE. Traditional network security technologies are incapable of handling the increasingly advanced threats and vulnerabilities facing the network perimeter. As cloud and external access accelerates, organizations need to implement advanced levels of access control to ensure they have the capabilities to handle the associated network security demands and risks.

With remote access and software-as-a-service (SaaS) increasing cloud and external traffic, SASE shifts the focus from the central private data center to the network perimeter and the cloud, with security controls focused on the edge of the network. In addition to continuously monitoring for malware, risk and the trust level of connections, SASE can identify sensitive data and encrypt/decrypt content at line speed, scaling with traffic demand and providing a secure experience for distributed end-users through robust anytime/anywhere access to data, apps and services.

How does SASE work?

The SASE framework identifies devices and users and applies policy-based security based on user, role, device, behavior, location and other characteristics, ensuring secure and reliable access to applications or data, enabling organizations to implement secure access globally.

Advantages for Organizations:

  • Adaptability: On top of cloud-based infrastructure, vendors can implement and deliver client-specific security services. Organizations can deploy web filtering, DNS security, threat prevention, credential theft prevention, firewall policies, sandboxing and data loss prevention.
  • Zero Trust: Tools ensure that cloud and on-premises infrastructure eliminates trust assumptions when applications, devices and users connect. SASE tools also ensure complete session possession regardless of whether the user is connected to the organization’s network or not. Amid the increase in home and remote work as a result of the Covid-19 pandemic, investing in SASE has become even more essential to secure enterprise networks and improve user experience.
  • Better performance: With internet access expanding into remote areas over a variety of communications technologies, SASE enables more people to connect to networks securely and reliably. Organizations can now begin to target a new domain of users who may have traditionally been more difficult to monitor and control.
  • Reduced complexity: One of the critical advantages of deploying SASE is reducing the need for an organization’s IT team to manage, maintain and update necessary security features. SASE consolidates the security risks and risk mitigation within the cloud services model.
  • Financial savings: Investing in SASE eliminates the need to buy and maintain different tools at multiple price points. An organization can more easily track its return on investment from its SASE implementation.
  • Reduced threat exposure: As a result of deploying SASE, an organization can gain a higher level of visibility into possible risk factors likely to impact the business. SASE encrypts all communications and enables Intrusion Detection and Prevention Systems (IDPS), URL filtering and firewalls, mitigating the threat of malware and hacking.
  • Data protection: SASE can be a key element in providing data protection and privacy, keeping an organization’s data within its framework safe from unauthorized access.

Characteristics of SASE

SASE vendors provide a global SD-WAN service with its own private network consisting of points of presence (PoPs) worldwide that route across the network, avoiding latency problems. Alternatively, an organization can consider using a reliable cloud vendor’s PoPs. While SD-WAN and SASE utilize similar features such as traffic prioritization and bandwidth optimization, with SASE the security agent on the end user’s device undertakes the networking decisions, directing traffic from different applications.

With SASE, the focus shifts from the security perimeter to users’ devices. This close-to-source security can dynamically allow or deny connections to services and applications based on an organization’s defined business rules. SASE manages the internet exchange connections and ensures that the connection to cloud applications remains stable, aiding in low latency.

Gartner envisages SASE being used to adopt a Continuous Adaptive Risk and Trust Assessment (CARTA) strategy, allowing for constant monitoring of sessions. Using adaptive behavior analysis, SASE tracks and alters security levels and permissions if it identifies any device trust deficit.

With organizations keen to accelerate digital transformation in the way data is managed, especially amid the changes wrought by the Covid-19 pandemic, SASE will be a critical tool in making this process more agile and scalable, providing users – internal and external – with a secure and consistent experience and access to applications and services from anywhere in the world.

We are now at a stage when SASE is evolving into an all-encompassing network security tool. With a growing number of use cases and rising demand, SASE is set to become a critical consideration for organizations of all sizes, and is today a safe bet for IT administrators to ensure that cloud and network access remains secure, fast and available at all times across all geographies.

SASE products

Vendors specializing in network security and networking are capitalizing on the new opportunities presented by the SASE market. Gartner expects 40 percent of organizations to adopt SASE infrastructure by 2024, from less than 1 percent at the end of 2018. One of the critical requirements for SASE vendors is a strong focus on long-term strategic product roadmaps. There is significant overlap between the zero trust, microsegmentation and SASE markets, as vendors assemble their security offerings for the new edge-focused world.

Some of the leading SASE vendors are:

  • McAfee: In its bid to expand its SASE capabilities, the software security firm earlier this year acquired Light Point Security, a specialist developer of browser isolation technology. The move has enabled McAfee to combine its existing cloud-native secure web gateway solution with browser session isolation for improved web activity security and to tackle threats in real-time.
  • Perimeter 81: Gartner has described Perimeter 81 as a “Cool Vendor in Network and Cyber-Physical Systems Security,” noting that the organization was one of the first to develop converged secure network capabilities.
  • Zscaler: Offers a Cloud Security Platform that consolidates stacks of gateway security appliances into integrated, cloud-based security services.
  • Twingate: Provides secure access to private app, data and environments, replacing corporate VPNs with a more secure, usable, zero trust-based solution focused on making remote working easier and more secure. The company prides itself on its ability to offer a reliable user experience, be it for the end-user or the IT administrator.
  • Cato Networks: Cato claims it built the first SASE platform, offering all the major SASE capabilities cost-effectively, according to customer testimonials.
  • Fortinet SASE: The net security vendor’s SASE offering integrates with SD-WAN, leveraging its network firewall and secure web gateway technology, giving organizations multi-layer security.
Paul Shread
Paul Shread
eSecurityPlanet Editor Paul Shread has covered nearly every aspect of enterprise technology in his 20+ years in IT journalism, including award-winning articles on endpoint security and virtual data centers. He wrote a column on small business technology for Time.com, and covered financial markets for 10 years, from the dot-com boom and bust to the 2007-2009 financial crisis. He holds market analyst and cybersecurity certifications. In a previous life he worked for daily newspapers, including the Baltimore Sun, and spent 7 years covering the federal government. Al Haig once compared him to Bob Woodward (true story - just ask Google).

Latest articles

Top Cybersecurity Companies

Get the Free Newsletter!
Subscribe to Cybersecurity Insider for top news, trends & analysis
This email address is invalid.
Get the Free Newsletter!
Subscribe to Cybersecurity Insider for top news, trends & analysis
This email address is invalid.

Related articles