Traditional technologies are focused around the data center and don’t effectively scale for en masse remote working and cloud application adoption. Organizations transforming themselves for the modern working world are challenged with their existing perimeter-centric and point-solution architectures being too archaic to cope with modern connectivity needs. They now require technology that is agile, flexible, and scalable. Enter SASE.

Secure Access Service Edge or SASE, pronounced ‘sassy’, is an architecture that can be thought of as a network security fabric allowing users to securely work on any device, any application, anywhere at any time.

How we define SASE

Definition of SASE:

“The secure access service edge is an emerging offering combining comprehensive WAN capabilities with comprehensive network security functions (such as SWG, CASB, FWaaS, and ZTNA) to support the dynamic secure access needs of digital enterprises.” – Gartner

In their landmark paper “The Future of Network Security Is in the Cloud” industry analysts at Gartner set out the principles for a new network security model.

The core capabilities of SASE can be expressed as:

  1. Software-defined – Network security can be deployed as needed to any location for any application. This capability routes traffic far more efficiently than traditional network practices, reducing the time and cost to run a network.
  2. Globally distributed – SASE requires a cloud-based architecture with points of presence located around the world. This enables users to work from anywhere and applications to be hosted anywhere without constraint.
  3. End-to-end functionality – Handing traffic off or outsourcing functionality negatively impacts the performance and security of the organization’s network. SASE must operate from the end user’s devices all the way to the application edge.
  4. Zero Trust – Enabling connectivity shouldn’t mean accepting increased exposure to cyber threats. Risk-aware Zero Trust policies ensure that only authenticated users and devices are allowed to connect to authorized applications.
  5. Holistic analytics – Unified reporting greatly improves the organization’s visibility, allowing technology teams to monitor service delivery more effectively, identify threats more efficiently, and determine where to invest in infrastructure more smartly.
  6. Comprehensive compatibility – To truly be a single edge, all forms of users and devices must be supported, from employees with managed laptops to contractors with smartphones. The different protocols used by applications also must be supported.

Where to start?

The reality is that fully migrating to a SASE architecture will not be possible for a few years. This is because no vendor is capable of delivering the functionality required to completely replace existing network and security systems. As highlighted, this should not prevent businesses from embarking on SASE projects.

Read more: Develop your SASE strategy now and get ahead of the curve

Organizations should begin SASE implementation where there is the most need. Principally, enabling remote working and protecting cloud applications. After selecting the use cases for SASE organizations should identify potential vendors to help implement a solution. Vendors should be considered based on their ability to execute.

Find out more about Wandera’s capabilities to enable SASE in your organization here.