What is SASE and What Does it Mean for SD-WAN Users?
Jan 15, 2020
You may have already heard of software-defined wide area networks (SD-WAN), but are you familiar with SASE yet? SASE rhymes with “classy” and stands for Secure Access Service Edge. Introduced by Gartner and other security professionals in mid-2019, SASE blends WAN edge with network security in a cloud service. Here, we’ll explore reasons to adopt this simplified security model for your enterprise.
Why SASE Exists
Customer demand is growing for simple, flexible solutions for networks experiencing constantly changing technology. Businesses also want solutions that effectively address the issues of scalability, agility, and stronger security. Traditionally, businesses have relied on private data centers for these solutions, but the cloud, mobile workplaces, and edge computing are challenging this model.
Businesses across a growing number of industries have adopted SD-WAN due to the improved efficiency it offers; however, there are still a limited number of SD-WAN providers to choose from. Many businesses have found that moving to this solution from MPLS only goes so far, as private data centers do not address all the issues surrounding mobility and branch networking. The mix of different security providers also complicates the matter, which calls for more simplified solutions. While only one percent of businesses have adopted SASE to date, it may now be in position to disrupt SD-WAN technology because it fills each of these voids and appears to be a viable security solution for the future.
SASE appeals to businesses that are tired of being burdened with complex technical issues that prevent them from reaching their financial goals. Many businesses want their operations to be as secure as possible. However, complex solutions that don’t address all the problems can overshadow basic business models. SASE is arriving just in time to capitalize on these concerns.
The four primary attributes of SASE, as defined by Gartner, are:
- Global SD-WAN footprint – uses worldwide backbone and SD-WAN service, connecting distributed points of presence (PoPs) that comprise the firm’s cybersecurity and networking solutions.
- Distributed inspection with policy enforcement – protects devices with inline encryption, using multiple engines to inspect online traffic for malware and other security flaws.
- Cloud-native architecture – isn’t dependent on specific hardware and offers easy scalability, providing significant cost savings and customer equipment deployment options.
- Identity-driven – detects identity through a series of factors such as user, device, time of day, and location.
Two of the most important advantages of SASE are decreased costs and complexity. It essentially cuts down the number of vendors needed in your IT team’s supply chain. Furthermore, it reduces the number of physical or virtual branch devices as well as end-user device agents.
Another key benefit is improved network performance, which is achieved by reducing latency through routing among global PoPs, which include collaboration, video, and VoIP. Strengthening security through content inspection is another key area that businesses need; SASE provides your security team with the data they need to set security policies that affect all team members. This feature emphasizes zero-trust networking access (ZTNA), in which policies are based on four identity factors rather than just one—the user.
SASE will also improve your IT operations by allowing your company to focus on your business goals instead of constantly worrying about security breaches and updates. It also handles multi-year hardware refreshes, which can be overlooked by businesses focusing on other matters. Ultimately, you’ll be able to spend more of your valuable time on improving your business and increasing your profits.
SD-WAN will likely continue to serve businesses in the coming years, but it’s clear certain firms may be better suited to utilizing SASE. It settles questions about networking, cloud migration, computing, while offering a more simplified, yet effective, security solution. Time will tell if it will overtake software-defined solutions, but for those in the know, it’s already a viable, efficient option.