Earlier this year we looked at the top 5 trends redefining enterprise networking in 2020. With the rise of the perimeter-less workplace, it’s clear that a greater convergence of network and security is required - one that shifts the focal point to the identity of the user and/or device, and not the data centre. Read on to learn how Secure Access Service Edge (SASE) is changing network security architecture for the future.
Building on the software-defined revolution
‘Network and network security architectures were designed for an era that is waning, and they are unable to effectively serve the dynamic secure access requirements of digital business. The enterprise data center is no longer the center of access requirements for users and devices.’ – Gartner 2019.
As Enterprise networks are moving to the cloud, security requirements for enterprise networks also need to evolve. Server virtualisation transformed data centres over a decade ago and software-defined networking (SDN) has been a revolutionary change to enterprise network architectures. SDN has enabled us to create a flexible overlay to:
- move workloads to any cloud, consume cloud-hosted applications or enable new services in remote locations
- deploy centralised policies that enable management of the entire network from a centralised dashboard
- design the network to fit business intent, creating greater efficiency and application resiliency while improving the end-user experience
SDN has enabled digital network transformation - as companies transform and align their networks closer than ever to business intent and operational priorities. The result is that enterprise users, their associated devices, apps and data will increasingly sit outside the traditional enterprise boundary, rather than within. With enterprise traffic originating and arriving from anywhere with an internet connection, enterprises utilising IaaS or SaaS services will require seamless access to their data. What's more, regulators will demand reassurance that data is accessed securely. This concept for an integrated cloud and network security approach has been coined as SASE by Gartner.
So, what exactly is SASE?
“The Zero Trust Model of information security basically kicks to the curb the old castle-and-moat mentality that had organisations focused on defending their perimeters, while assuming everything already inside didn’t pose a threat and therefore was cleared for access.” - CSO, UK
The 'walled garden' enterprise island architecture as we knew it is dead. User mobility has introduced a much broader set of potential security challenges, so the tried and tested ‘triple-A’ security model (Authentication, Authorisation, Accounting) is no longer enough. More detail and context are now required to maintain security and enable policy-based decisions (you can read more about the 6 honest serving men methodology in our blog post here). Secure Access Service Edge, or SASE (pronounced “sassy”), is a new enterprise networking technology category introduced during 2019 by Gartner.1
SASE is the convergence of WAN and network security services, such as CASB and FWaaS into a single, cloud-delivered service model. A SASE architecture identifies users and devices, applies policy-based security, and delivers secure access to the appropriate application or data. This approach allows organisations securely access their data access no matter where their users, applications or devices are located.
According to Gartner, “SASE capabilities are delivered as a service, based upon the identity of the entity, real-time context, enterprise security/compliance policies and continuous assessment of risk/trust throughout the sessions. Identities of entities can be associated with people, groups of people (branch offices), devices, applications, services, IoT systems or edge computing locations.”
New security for a new world: the top benefits
A SASE platform combines network and security functionality into a unified, global, cloud-based service shaping the way for organisations to secure networks today, and in the future. Driven by demand for simplicity, scalability, flex, low latency and pervasive security, here are the top benefits of a SASE model:
- A stronger security posture - streamline security by providing end-to-end encryption with simplified security policy management.
- Enhanced flexibility –easily implement & deliver additional security and threat prevention services e.g. filtering, sandboxing, DNS security, firewall policies, etc.
- Simplified infrastructure – minimise the number of security products you update and maintain, consolidate your security stack into a cloud-based model include CASB.
- Boost performance – better support your dynamic workforce and easily connect global users, wherever they are.
3 things you should be considering now
As with any new security architecture model, what’s important is its relevance to your specific requirements. Naturally, there’s a buzz around the new model (FOMO anyone?) and you need to decide how to adopt SASE in the correct way for your network. You may already be targeted by vendors who have adapted their product line and service to include SASE. We are already seeing service providers, firewall vendors and cloud-first security solution companies offering a form of SASE solution. As you take time to evaluate what’s right for you, here are three things Gartner1 recommends you can be doing now:
- Position the adoption of SASE as a digital business enabler in the name of speed and agility.
- Shift security staff from managing security boxes to delivering policy-based security services.
- Engage with network architects now to plan for SASE capabilities. Use software-defined WAN and MPLS offload projects as a catalyst to evaluate integrated network security services.
It’s hard to accept that the security model we’ve all been following needs to change. But we can’t hide from the fact that our traditional network architectures weren’t created to support the emerging digital ecosystems. They just can’t provide the levels of security and control required. If you’ve already made the leap to an ‘enterprise in the clouds’ world, then exploring SASE models will be the best investment you can make this year.
We’re helping companies every day navigate their way from an enterprise island to an enterprise cloud model. Get in touch if you’d like to find out more.
Reference 1: Gartner - The Future of Network Security Is in the Cloud