SASE is an acronym for Secure Access Service Edge. Leading analyst firm Gartner started using this term in 2019 to represent new cloud-native security architecture. According to Gartner blog (https://blogs.gartner.com/andrew-lerner/2019/12/23/say-hello-sase-secure-access-service-edge/)
“SASE combines network security functions such as SWG, CASB, FWaaS, and ZTNA with WAN capabilities (i.e., SDWAN) to support organizations’ dynamic, secure access needs. These capabilities are delivered Primarily as a Service(PaaS) and based upon the identity of the entity, real-time context, and security/compliance policies.”
To simplify SASE, it combines multiple existing technologies to provide a holistic cloud security solution to an enterprise. It includes cloud security, network security, web security, and data threat protection capabilities to secure data, users, and applications.
From a technology perspective, there is nothing new as Secure Access Service Edge is a culmination of various existing technologies not creating a new one. But the exciting part is the way these technologies get interconnected to provide seamless integration. To simplify SASE is not a single product but an approach to bind multiple existing technologies innovatively. The focus is on how we deliver the information from one end to another end, and what happens in between.
SASE can either be delivered as a service or as an edge appliance. SASE overcomes the various indicators for geographically bound solutions that include cost, complexity, and rigidity of loosely integrated point solutions.
The SASE technologies, according to many analysts and experts, include the following:
- Cloud-native microservices in a single platform architecture
- Ability to inspect SSL/TLS encrypted traffic at cloud scale
- Inline proxy capable of decoding cloud and web traffic (NG SWG)
- Firewall and intrusion protection for all ports and protocols (FWaaS)
- Managed cloud service API integration for data-at-rest (CASB)
- Public cloud IaaS continuous security assessment (CSPM)
- Advanced data protection for data-in-motion and data at-rest (DLP)
- Advanced threat protection, including AI/ML, UEBA, sandboxing, etc. (ATP)
- Threat intelligence sharing and integration with EPP/EDR, SIEM, and SOAR
- Zero trust network access replacing legacy VPNs and hair-pinning (ZTNA)
- Software-defined perimeter with zero trust access (SD-WAN, SDP)
- Carrier-grade, hyper-scale network infrastructure with global access POPs
- SaaS acceleration, traffic shaping, caching, and bandwidth optimization