How SASE is Defining the Future of Secure Networking
- By Michael Wood
- Mar 04, 2021
As the digital transformation trend continues to highlight business agendas, now more than ever enterprises need infrastructure solutions that enable them to connect more locations at faster speeds – while keeping everything secure. As such, it’s no surprise that secure networking is one of the most critical areas of technology for organizations today.
The COVID-19 pandemic has accelerated the industry need for not only secure networking, but also remote working. But prior to 2020, the market was already eyeing these requirements and vendors in the space were developing new services and solutions to address this growing demand.
One of the most recent labels given to this trend is Secure Access Service Edge, known as SASE. SASE is not a new technology or product development – these solutions have been available for years – but an umbrella term coined by Gartner. Gartner predicts that at least 40 percent of enterprises will have strategies for adopting SASE by 2024 – up from just one percent at the end of 2018.
With all this momentum, it’s important to understand what SASE is and why is it so important to the future of network security.
With SASE it’s all in the Integration
Remember, SASE refers to a collection of existing services that are integrated as a common set of functions and features. These services include wide area networking (WAN) and security solutions such as firewall-as-a-service (FWaaS) and Zero Trust that are integrated into a single service delivered through the cloud. This kind of integration often happens as technology develops and matures, and ultimately it provides users with more flexibility, accessibility and interoperability than services delivered separately do. This is the case for SASE.
SASE creates easier management and reduces costs of multiple separate services when an organization has different networking security solutions that are integrated into one service. A single suite of security capabilities managed by a single unified solution can also deliver better threat detection and data protection. In addition, an integrated solution enables organizations to easily apply identity management and authentication policies across all their locations.
SASE can also help reduce latency and deliver significant improvements to connection speeds. With a single software stack, data no longer needs to pass through multiple devices, server stacks, virtual network functions (VNFs), and so on. When elements such as FWaaS and SD-WAN operate separately, it creates significant overlap and many steps are repeated, leading to latency, inefficiency and performance degradation.
Cloud Delivers Benefits of SASE
Significant benefits of SASE are delivered from its cloud capabilities. An important example is the flexibility this enables, since enterprises can mix cloud and on-premises deployment to best address different needs.
For example, an organization can deploy SASE capabilities with a heavy branch approach where applications are primarily run on-premises, or in a thin branch deployment where resources are delivered via a heavy cloud approach. In addition, SASE offers a hybrid approach that provides both thin and heavy branch delivery to separate locations with different needs.
The Best Fits for SASE
SASE delivers important benefits to businesses in a wide variety of sectors due to its flexibility. However, organizations with a mixture of cloud and on-premises infrastructure with high security risk profiles have the most to gain.
For example, the banking sector provides a good use case for SASE. A large branch does much more than standard banking transactions, including business banking, mortgages, wealth management, brokerage services, and more. With all this traffic, a large branch requires robust security to protect all the sensitive client and financial data being transferred back and forth. This type of location is likely to deploy a heavy branch approach with most of the networking security elements on-premises, with some in the cloud. However, the same bank may also need to deploy multiple locations, such as smaller retail banking locations, with a thin branch approach. These locations offer fewer client services, with services almost entirely managed through cloud-based solutions.
In addition, the retail sector is another industry ripe for the benefits of SASE. Retailers are prime targets for cyber criminals since they collect and process large volumes of personal and financial data. Many retail brands also operate in multiple locations, which means the cost of any security solution is multiplied across a variety of areas. As a result, many retailers aim to reduce their footprint with a light branch approach that puts more of their networking security into the cloud. SASE enables retailers to consolidate multiple security solutions into a single software stack in the cloud and multiply it over many store areas to dramatically improve security and reduce costs. Because SASE can support both cloud and on-premises approaches in a single integrated service, it can handle the unique security needs of retailers.
SASE During the COVID Crisis
While the SASE approach was already in the works to impact network security, the COVID crisis has certainly accelerated its growth. Many organizations were set up to support a small number of employees working remotely for a portion of the time, often using ineffective legacy VPNs. With the work-from-home (WFH) order, IT teams were not ready to rapidly transition into supporting a fully remote workforce to keep operations going. Average home IT security is usually weak, and hackers can target personal routers to compromise connected corporate devices.
With SASE, organizations can deploy secure access to homes using a thin branch approach throughout the cloud, while simultaneously running a software stack on-premises for offices as needed. SASE is designed to be flexible and easily applied to any combination of laptops and mobile devices used by home workers.
On the IT side, the WFH era has required an exorbitant number of man hours for IT departments to get employees and contractors set up with secure access. If you imagine that a single set-up may take around an hour, it’s easy to see that scaling to a global workforce of tens of thousands of employees is an insurmountable logistical challenge.
SASE, with multiple security solutions integrated into a single cloud-based service, can dramatically reduce the effort and time needed to get workers connected and secured. WFH employees can simply download from a client or app store to access security and software defined networking services. Based on identity, SASE instantly delivers secure, high performance and segmented access to individual employees. Since SASE is so scalable, it equips organizations for working environments in the coming months and years. Organizations can easily scale their deployments down and up, as workers return to the office or if new outbreaks occur and WFH is ordered.
SASE and Cloud Driving Network Security
The rapid development and adoption of cloud over the past few years has been amazing. Humans and machines alike can access networking services from any device and any location in the world. This flexibility has been crucial to keeping economies and societies running during the COVID-19 crisis, and a trend put in practice by SASE.
Even when COVID is finally behind us, the working world has been forever changed by challenges organizations had to overcome in 2020. Those businesses unprepared for the WFH shift have the opportunity to invest in long-term solutions to facilitate high quality, secure remote working. The flexibility and scalability of SASE is well suited to meet this need. SASE’s ability to deliver multiple integrated secure networking solutions through a single service has huge potential for banking, retail, and any other sector that must secure high-value data across multiple use cases and locations.