What is SASE?
You may have heard of the term SASE if you’ve been following the SD-WAN scene. SASE stands for secure access service edge, and it’s pronounced “sassy”. SASE gained popularity after Gartner coined it in 2019.
SASE is a hot topic. Big names like Cisco, VMware and Cloudflare have all bought in and released SASE offerings over the past two years. Tech buzzwords are all too common, and some argue that SASE is a new term for existing tech.
We’ll be taking a closer look at SASE and the efforts to standardize it. Finally, we’ll help you decide if this acronym is worth keeping in mind — or just another IT buzzword.
What is SASE?
SASE is a framework that unites security and networking functions in a single cloud-based architecture. Instead of having separate appliances and cloud services for SD-WAN, SWG, firewall, CASB, IDS/IPS (intrusion detection/prevention system), and VPN, SASE allows you to have one holistic cloud service.
The SASE vendor gives access to a private network of points of presence all over the world. All the SD-WAN security functions and users connect to this network.
SASE is still a new concept, so you might find different definitions depending on where you look. Gartner’s glossary does not have an entry for SASE, despite the fact that they invented it. SASE implementations vary between vendors, so there is no one definition. SASE has the following key characteristics:
Cloud-based. Traditionally, data centers were the center of an organization’s network. Access management and QoS (quality of service) were all facilitated by on-premises appliances. SASE puts the cloud at the heart of the network. Cloud services now provide the functionality that appliances once offered. This aligns better with a world in which SaaS (software-as-a-service) apps and remote work are the norm. Users can authenticate from anywhere with an Internet connection and have all security policies and network settings applied to their activities.
Security and networking are integrated. Security and networking are often performed by two separate services. This is best illustrated by a dedicated router that moves traffic between networks, while firewalls block traffic to certain ports or IP addresses. SASE is a cloud infrastructure that provides both security functions and network functions. This will result in tighter security, better performance, and easier maintenance and management.
A security model that is “zero-trust”. Zero-trust is based on the notion of “deny access without exception”. Zero-trust security models represent a fundamental shift away from the old mindset of trusting everyone on the right side of the firewall. The older approach, known as “castle-and-moat”, assumes that the firewall is protecting users and that they can be trusted. This falls apart if a machine gets compromised. Zero-trust authenticates each resource and authorizes access. It never assumes that access should be granted without explicit authorization and authentication.
Access to resources based on identity. Identity-based access is a way to implement a zero-trust model. Identity-based access simply means that users, services and devices on the network can be granted or denied access using policies that are based on who or what they are. This is in contrast to the DENY/ALLOW rules based on IP addresses and ports that are used in traditional security models. This is in contrast to checki