Over the past year there has been much talk about SASE with different vendors sharing their interpretation of this architecture and outlining how their solutions can deliver the key benefits to their customers.
However, what is SASE? Who invented it? How does it work and how do you pronounce it? These are just some of the questions I am going to try and answer as I take on the challenge to demystify SASE.
What is SASE?
SASE (pronounced “sassy”) stands for Secure Access Service Edge. It is an architecture originally designed by Gartner aimed at addressing the challenges faced by the evolution of IT environments to the cloud and an increasing use of remote and virtual access to these environments.
SASE aims to provide a common set of networking and network security services from a cloud-delivered architecture. In simple terms, what this means is a framework that delivers all of the components required to securely and optimally connect the end-user with the applications they need regardless of where these applications reside.
What Challenges Does SASE Solve?
The best way to explain SASE is by looking at the challenges this architecture looks to solve. If we roll back time by a decade, things were a whole lot simpler. A user would use a corporate-owned device connected to a local area network. If they resided in a regional office or branch, their local area network would be connected by a direct secure MPLS network to head office where all of the core systems would be hosted. The world of IT was contained within the corporate network.
Back to today and things are a whole lot different. The user in the branch may be using a corporate-owned device, but they are also likely to sometimes work at home and use their own devices such as a tablet or smartphone. The head office is no longer the hub for all of your systems; many of these have moved to private clouds or may even be utilising the public cloud and end-users are not just using these systems but a myriad of SaaS solutions that you have provided plus a wide range of other apps that you don’t even know about.
The perimeter has not only been redefined, but in many cases is out of control. The challenge is how do you protect your network when this stetches to environments that you no longer own, and how do you connect your users with the systems that are critical to them when these are no longer centralised but dispersed across many clouds?
The Fundamental Principle of SASE
The SASE architecture addresses the fact that your head office is no longer the hub for all of your systems and that your network perimeter extends far beyond the IT infrastructure that you own. It effectively creates a new virtual hub that controls access of the end-user, wherever they may be and whatever device they are using, to the systems they need to access, regardless of where these systems reside.
SASE brings together the two core elements of networking and security to create a common and centrally-managed framework to securely manage access from end-users to the systems they need. It allows you to define your security policies in a single place and for these to be consistently applied across all elements of your virtual IT environment including local and wide area networks, VPNs, private and public clouds and how your users connect to the internet.
What Are The Components of SASE?
The SASE architecture creates a tight coupling of the Security Layer and the Networking Layer in the cloud which becomes your new hub controlling access and ensuring that this access is secure.
SASE combines the Networking elements (SD-WAN, VPNs, ZTNA and QoS) with the Security elements (NGFW, DNS, Threat Protection, Secure Web Gateways, DLP and Cloud Access Security) to support the secure connectivity of end-users in any location accessing the applications and data they require in the new multi-cloud world.
The approach reduces capital expenditure, switching core elements to cloud services. It enables you to seamlessly connect all of the elements of networking and security together to provide unprecedented visibility into your infrastructure while reducing complexity and simplifying management.
How Can NAK Help You with SASE?
Our expertise lies in helping organisations create and manage secure networking and cloud environments. We have been doing this for many years. Our agnostic approach to providing technology enables us to quickly adopt best practices as they emerge and help guide our clients on the technology available to deliver value to their business.
We see SASE as an important framework for our clients to address the challenges of managing multiple clouds and securing access from an increasingly mobile workforce. We see a SASE Architecture as a desired destination for many of our clients and we are focused on helping them to take the incremental steps to this destination.
If you would like to find out more about the SASE approach and how NAK can assist you on your journey, we would love to discuss this with you. Simply give us a call on 0300 456 0471 or email us enquiries@nak.co.uk.
