What is SASE?
Secure Access Service Edge (SASE) is a cybersecurity framework that combines network security functions with WAN (Wide Area Network) capabilities to support the dynamic, secure access needs of organizations. The concept of SASE was introduced by Gartner in 2019.
According to Gartner, "Secure access service edge (SASE) delivers converged network and security as a service capabilities, including SD-WAN, SWG, CASB, NGFW and zero trust network access (ZTNA). SASE supports branch office, remote worker and on-premises secure access use cases. SASE is primarily delivered as a service and enables zero trust access based on the identity of the device or entity, combined with real-time context and security and compliance policies" (Gartner, 2023a).
"Gartner defines single-vendor secure access service edge (SASE) offerings as those that deliver multiple converged-network and security-as-a-service capabilities, such as software-defined WAN, secure web gateway, cloud access security broker, network firewalling and zero trust network access. These offerings use a cloud-centric architecture and are delivered by one vendor. SASE supports branch office, remote worker and on-premises general internet security, private application access and cloud service consumption use cases" (Gartner, 2023b).
SASE aims to address the changing landscape of network and security requirements, especially with the increasing adoption of cloud services, mobile devices, and the shift towards remote work. Traditional network and security architectures, which relied on a centralized data center, are often not well-suited for the distributed and mobile nature of modern work environments.
Key SASE Characteristics
-
Cloud-Native Architecture: SASE leverages cloud-based services to provide scalable and flexible network and security capabilities. This can include features such as secure web gateways, firewall-as-a-service, and Zero Trust Network Access (ZTNA).
- Cost Savings: SASE integrates networking and security functions, eliminating the need for separate solutions. This consolidation leads to more efficient use of network resources and can result in cost savings by reducing the complexity of managing and maintaining separate networking and security infrastructures.
-
Edge Computing: SASE integrates security and networking functions at the edge of the network, closer to the users and devices. This approach helps reduce latency and improve performance.
-
Zero Trust Security Model: SASE follows the Zero Trust security model, which means that trust is never assumed, and verification is required from anyone trying to access resources, regardless of their location. This is especially important in a world where users may connect from various devices and locations.
-
Identity-Centric Security: SASE emphasizes identity as a key component of its security model. Access is granted based on the identity of the user and the trustworthiness of the device, rather than the traditional perimeter-based approach.
-
As-a-Service Delivery: SASE services are typically delivered as a service, allowing organizations to consume them on a subscription basis. This helps in scalability, agility, and ease of management.
-
Convergence of Services: SASE converges various security services, such as secure web gateways, firewall, VPN, and others, into a unified and integrated platform.
SASE securely and efficiently connects users to applications by integrating the following core cybersecurity components into one platform:
- Authentication Services
- Cloud Access Security Broker (CASB)
- Cloud Gateway
- Next-Generation Firewall (NGFW)
- Software Defined Wide Area Network (SD WAN)
- Secure Web Gateway (SWG)
- Unified Threat Management (UTM)
- Zero-Trust Network Access (ZTNA)
By combining networking and security into a unified, cloud-native platform, SASE aims to provide a more efficient, agile, and scalable solution for organizations facing the challenges of the modern digital landscape due to the recent shift to remote working and increased cloud adoption that requires a converged network and security system. SASE integrates network and security functions into one highly scalable and efficient platform that helps organizations simplify cybersecurity while saving money.
References
Gartner. (2023a). Definition of secure access service edge (SASE) - Gartner information technology glossary. https://www.gartner.com/en/information-technology/glossary/secure-access-service-edge-sase
Gartner. (2023b). Best single-vendor secure access service edge (SASE) platforms reviews 2023 | Gartner peer insights. https://www.gartner.com/reviews/market/single-vendor-sase