Secure Access Service Edge (SASE) for Dummies

The wide-scale use of cloud applications has become fundamental to business operations at all locations. According to Enterprise Strategy Group research, 32 percent of organizations report that the majority of their apps are now software as a service (SaaS) based and that number is expected to increase to 60 percent within two years. The centralized security approach has become impractical because of the high cost of backhauling traffic and the resulting performance issues for branch locations. To overcome these cost and performance issues, many organizations are adopting a more decentralized networking approach to optimize performance at remote locations. This enables a more efficient direct Internet access (DIA) path for these offices, but also highlights a set of new security challenges, including: 

See also: A Roadmap to SASE for Better Network Security

1. Gaps in visibility and coverage: Centralized security policies can’t be effectively managed and enforced in a decentralized network. This is because most traffic from branch locations to the cloud and Internet doesn’t cross a centralized policy enforcement point. This results in visibility and coverage gaps, which increase the risk of a successful breach or a compliance violation.
2. Volume and complexity of security tools: Security teams already struggle to keep up with cybersecurity threats. Many of them have a large number of point solutions that are difficult to integrate and manage. These point products generate thousands of alerts — making it very difficult, if not impossible, for analysts to keep up. As a result, many alerts go untouched.
3. Limited budgets and security resources: IT and security budgets are already constrained. Deploying multiple, costly point security solutions such as firewalls, secure web gateways (SWGs), intrusion detection and prevention systems (IDS and IPS), and data loss prevention (DLP) to multiple locations and remotely managing these solutions with limited security resources is both impractical and ineffective.

Gartner defined the secure access service edge (SASE) concept as “an emerging offering combining comprehensive [wide area network] capabilities with comprehensive network security functions." 

Key Benefits of SASE

• Potential business benefits of the SASE concept include:
• Reduce cost and complexity
• Enable secure remote and mobile access
• Provide latency-optimized, policy-based routing
• Improve secure seamless access for users
• Improve security with consistent policy
• Update threat protection and policies without hardware and software upgrades
• Restrict access based on user, device, and application identity
• Increase network and security staff effectiveness with centralized policy management

This ebook by Cisco helps readers understand the latest trends in networking and the changes to the security landscape. It introduces a new category of security products that can help businesses deal with the new security challenges that have emerged with evolving network architectures. Subscribe to whitepapers.online for more information and resources on network security.