Skip to main content

SASE Overview

In a world where remote work and cloud computing have become the norm, the traditional network security model is no longer sufficient to protect organizations from evolving threats. Enter SASE, or Secure Access Service Edge, a transformative concept that redefines network security by integrating it with wide area networking (WAN) capabilities.

Embedded in the Evolution Platform or available independently, SASE integrates the latest network and security innovations, including multi-cloud security and network security, into a comprehensive, systemic security architecture designed to protect distributed enterprises. It includes SD-WAN to provide end-to-end visibility with optimised traffic from the Internet or private networks to your cloud and data center resources.

More than a product, SASE is a model that takes into account the identity, real-time management, specific rules, and risk assessment of the enterprise to determine how the mitigation and response policy should act most effectively. The goal is to enable users to securely and efficiently access their data and applications from anywhere, at any time.

Market needs

The SASE approach is based on a concept created in 2019 by Gartner that defines it as the convergence of markets between network technologies and network security technologies in which functions are distributed in the cloud as much as possible. Secure Access Service Edge refers to a network architecture framework that combines cloud-native security technologies (SWG, CASB, ZTNA, and FWaaS in particular) with wide area network (WAN) capabilities

Before SASE, networks were complex with scattered configurations, whereas after SASE, a simplified and secure architecture provides seamless and flexible connectivity

Security and network functions are centralised in a point of presence (POP) closest to the user, simplifying and standardising connections in a secure way while improving the user experience.

Benefits of SASE

  • End User : Simplicity of use, Enhanced user performance with improved Latency to key corporate applications
  • Technical : Safer infrastructure with a coherent approach to Security across network (LAN, WAN and Remote users)
  • Business : One stop shop for a consistent approach to entreprise security, derisking the SASE adoption
  • Operational : Solution offers reporting end to end on security status of the entreprise infrastructure and clear remedition in place

In summary, SASE represents a holistic approach to network security and connectivity in the digital age. By merging network and security services into a unified, cloud-native platform, SASE offers simplicity, agility, and enhanced protection against emerging threats, making it a critical technology for modern organizations.

Use cases

Secure Internet Access

"Nothing bad gets in, nothing good gets out"

  • Protects Internet & SaaS access
  • Consistent policy enforcement
  • Mobile users protection
  • Central management & reporting
  • Hybrid solution Integrates cloud & appliances

Secure Cloud Access

"Apply same policies & visibility to cloud"

  • Protects access to the cloud
  • Consistent policy enforcement
  • Centralized visibility & reporting

Secure Private Access

"Control users’ access to internal resources"

  • Consistent policy enforcement independent of App location
  • Mobile users gets connected to closest datacenter
  • Central management & reporting

SASE providers

Netskope

Leader in SSE services to deliver a secure, all-in-cloud solution.

Fortinet

Firewall Leader, single security rules for on-premises and in-cloud security, obvious complement to Fortinet SD-WAN.

Upcoming

Palo Alto Networks

Enhance business performance by providing security and connectivity with an all-in-one solution.

SASE Lexique

  1. Cloud-Native Architecture: SASE relies on the cloud as its foundation. It leverages cloud-native services and infrastructure to deliver scalable and flexible solutions.
  2. Zero Trust Security: SASE adopts a zero-trust security model, meaning trust is never assumed. User identities, device trustworthiness, and contextual factors are continuously verified before granting access to network resources.
  3. Software-Defined Networking (SDN): SASE employs SDN principles to dynamically route traffic based on application and user needs, optimizing performance and reducing latency.
  4. Security Services: SASE integrates a range of security services, including secure web gateways (SWG), firewall as a service (FWaaS), and secure access solutions (ZTNA), to provide comprehensive protection against threats.
  5. Edge Computing: SASE often incorporates edge computing capabilities, allowing for real-time processing and analysis of data at the network edge, enhancing performance for critical applications.