SASE

Secure Access Service Edge

Tony Smith Commercial Director

The post-pandemic working environment has caused a rapid surge in the use of cloud and edge computing, supported by work-from-anywhere programmes that have fundamentally changed network and access needs.  

Today, users, devices, programmes, services, and data are more often located outside of an enterprise than inside. Attempts to use traditional perimeter-based approaches to securing anywhere, anytime access have resulted in a patchwork of vendors, policies, consoles, and complex traffic routing, creating complexity for security administrators and users. 

What is needed is an identity-aware and context-aware network and security access fabric that connects users, devices, and locations everywhere to the enterprise’s digital resources anywhere. Or put more simply, “Securely connect users everywhere to the data and applications they need anywhere.” 

Which leads me to the question, “is SASE (Secure Access Service Edge) the real answer to our future networking needs?” 

According to Gartner (who brought SASE to life) it is estimated that by 2025 80% of enterprises will have adopted a strategy to unify web, cloud services and private application access using a SASE/SSE architecture; true SASE offerings deliver multiple converged network and security-as-a-service capabilities, —such as software-defined WAN (SD-WAN), secure web gateway (SWG), cloud access security broker (CASB), network firewalling and zero trust network access (ZTNA) — using a cloud-centric architecture; supporting branch office, remote worker and on-premises general internet security, private application access and cloud service consumption use cases.  

Now is the perfect moment to pause and think about how implementing a SASE network solution will help you protect the company and save networking and security costs while improving access to all business applications, whether they are hosted in the cloud or in a data centre. 

The world of SASE is not as straightforward as it initially appears, despite its obvious operational, security, and financial benefits. 

Do you: Choose a single vendor solution? 

Marry SD-WAN, Remote Workers, and Security solutions to build and operate an in-house solution? Stick with the Status Quo? 

When contemplating a SASE solution, one of the main difficulties I find for businesses today is determining who owns SASE: the network or security?

 In my opinion, it is neither; organisations have to breakdown internal silos to ensure that the enterprise operates in the most secure and efficient manner possible, Networking and Security leads will have to work cohesively to define the strategy, select the vendors or MSP (Managed Service Provider) and agree on the success criteria. 

Maybe the starting point is to consider the Governance, Compliance and Risk (GRC) attitude/appetite of the business.

This is the most logical starting point for any networking and security initiatives and provides the fundamental principle under which such decisions need to be made.  I know GRC is the new darling buzzword of the cyber security world, but the central part of this strategy guarantees that we don't follow tech sector trends but instead just make solid operational and procurement decisions based on what is best for our company.  

My biggest concern is that organisations won’t be able to grasp the thorny end of the stick and break down those long-standing and tech-industry-cemented internal silos. Which in turn will only lead to ever more increasingly complex data networks and security stacks, meaning that very few companies will ever truly be able to 'Securely connect users everywhere to the data and applications they need anywhere'.