What Is SASE?
Secure Access Service Edge (SASE) is a security framework that transforms security and connectivity technologies into a single cloud-delivered platform, enabling secure and rapid cloud transformation. SASE converges network and cybersecurity technology, addressing the challenges of distributed IT environments, including cloud computing, edge computing, and workforce mobility.
Q3 2022 hedge fund letters, conferences and more
As organizations seek to use the cloud to accelerate growth, they see data, users, devices, applications and services moving outside of traditional enterprise facilities. Corporate boundaries are no longer relevant. Yet, even though the traditional network perimeter does not really exist anymore, network architecture is still designed so that everything traverses the perimeter.
A key example of this pattern is that, in order to connect to external resources such as the cloud or SaaS applications, users are backhauled to the corporate network, often using expensive and inefficient processes. This creates significant challenges in terms of service availability, user performance, and productivity.
The SASE model was designed by Gartner to address a dynamic set of edges, providing them with cloud-based security and connectivity capabilities. This provides a comprehensive framework for secure and rapid cloud transformation.
How SASE Will Affect the Cloud Security Stack
In the past, a ransomware attack could be distributed via a portable floppy disk, bringing the whole network down. Today, the network is rarely only in one place, but companies have to overcome different cloud security challenges. The growing popularity of IaaS, SaaS, and PaaS solutions has driven the shift to distributed networks with remote employees.
Cloud adoption can simplify business processes but leaves corporate networks and sensitive data vulnerable to malicious attacks. Many security teams have to manage multiple network security tools to protect corporate data stored on third-party systems and accessed via the Internet.
Managing security in a distributed environment is not easy for the SecOps team. According to a CISO Benchmark Study, 16% of enterprise security teams receive over 100,000 alerts per day. The typical SecOps team faces challenges such as security coverage and visibility gaps, failing to prevent breaches.
Updates and upgrades to many cybersecurity solutions require coordination, which slows deployment. Limited resources and budgets provide another obstacle—using multiple tools requires multiple subscriptions. When working in silos, security teams struggle to move threat data between different security solutions. They need to create security policies on multiple systems and process many alerts, making it harder to filter the real threats.
How SASE Helps Security Teams
Fortunately, modern SecOps teams can leverage the SASE model to address these challenges. It breaks the siloed security stack, enabling the team to coordinate. Cybersecurity is a group effort, which can be frustrating when some group members and solutions contribute more while others forget their responsibilities. Teams often experience communication problems, resulting in overlooked issues or duplicated work.
When the group effort is coordinated, all members work on individual tasks and share the results with other team members to create a functional, focused, and optimized project. Building the security stack on the SASE model allows the team to function as intended. It allows the SecOps team to manage all security functionalities using a user-friendly interface.
The team can create and enforce policies from a central control plane to protect the cloud at the edge, where most user activity occurs. All SASE security features are cloud native and identity-based, with security measures focused on the user or device identity rather than the data center. Zero Trust Network Access (ZTNA) solutions are useful for determining whether users can access applications and data.
SASE Market Description and Direction
The adoption of cloud and edge computing, and the promise of being able to work from anywhere, have fundamentally changed access requirements. Most organizations today have more users, devices, applications, services, and data outside the enterprise than inside.
Attempting to use traditional perimeter-based approaches to secure anytime, anywhere access creates a patchwork of vendors, policies, consoles, and complex traffic routing, complicating security administration and use.
There is a need for an identity- and context-aware network, with a secure access fabric that connects users, devices, and locations to an organization’s digital resources, wherever they are.
Cloud-centric SASE platforms provide this fabric. A complete SASE solution combines network edge capabilities (specifically SD-WAN) with cloud-centric Security Services Edge (SSE) capabilities (specifically SWG, CASB, and ZTNA). According to Gartner, by 2025:
- 80% of enterprises will adopt a strategy of consolidating access to web, cloud services and personal applications using a SASE/SSE architecture
- 65% of enterprises will consolidate individual SASE components
- 50% of new SD-WAN purchases will be part of single-vendor SASE products
SASE Products: Analyst Recommendations for Customers
Zero trust security is a security model that assumes that all network traffic is potentially malicious and requires verification before it is allowed to access resources. This approach is based on the idea that organizations should not automatically trust network traffic just because it originates from within their own network.
SASE can help organizations implement zero trust security by providing a range of security and networking capabilities that can be used to verify the identity and intent of users and devices, and to enforce security policies. These capabilities can include identity and access management, network segmentation, application-level security, and device security.
Here are some tips for planning and deploying SASE in organizations:
- Identify your security and networking needs: Before implementing SASE, it's important to understand the security and networking capabilities that your organization requires. This might include identifying the types of applications and resources that need to be secured, as well as the users and devices that will be accessing them.
- Determine your deployment model: SASE architectures can be deployed in a number of ways, including as a cloud service, as a hybrid solution that combines on-premises and cloud-based components, or as an on-premises solution. It's important to choose a deployment model that aligns with your organization's needs and resources.
- Evaluate potential vendors: There are many vendors that offer SASE solutions, so it's important to evaluate their offerings and determine which one is the best fit for your organization. This might include looking at factors such as the capabilities of the solution, its scalability, and its pricing model.
- Plan your deployment: Once you've chosen a vendor and a deployment model, it's important to plan your deployment carefully. This might include identifying the resources that will be secured, establishing security policies, and creating a plan for rolling out the solution to your users.
- Monitor and maintain the solution: It's important to monitor your SASE solution regularly to ensure that it is working as intended and to identify and address any issues that arise. This might include monitoring security logs, performing security audits, and updating security policies as needed.
Conclusion
In conclusion, the Secure Access Service Edge (SASE) market is a rapidly growing industry that aims to provide secure, seamless connectivity for organizations across various locations and devices. SASE solutions combine multiple security and networking functions into a single platform, enabling organizations to improve their security posture and reduce complexity.
As the adoption of cloud-based and remote work models continues to increase, the demand for SASE solutions is expected to grow significantly in the coming years. Companies that offer SASE solutions are well-positioned to benefit from this trend and should consider investing in this emerging market.
