What is SASE? And why it’s the next big thing

By Gary Audin|Dec 3, 2019|7:30 am CST

Traditional network architectures and the strategies of yesterday are being fiercely challenged:

The centralized data center is dying. Meanwhile the WAN edge is gaining importance, forcing IT leaders to reverse their perspective–looking from the network edge in, rather than looking from the data center out.
Security is moving away from the data center, shifting to the cloud and to the WAN edge.
Technology advances like SD-WAN and cloud security are tightening the relationship between the network and security, triggering an IT rethink.

All of this is giving rise to a new unified approach to IT services called SASE (pronounced “sassy”). Here’s why every IT leader should grasp this new acronym.

What is SASE?

Gartner coined the acronym, defining secure access service edge (SASE) as “converged offerings combining WAN capabilities with network security functions.” For instance, a SASE solution consolidates SD-WAN with firewall as a service, secure edge gateway, cloud access security broker (CASB) and Zero Trust network access–all into a single unified approach. While Gartner reports SASE solutions are still emerging, many are already defining solution characteristics as:

Cloud-based: SASE solutions are cloud deployed, cloud managed, and delivered as a service. This helps enterprises transition from hardware to software, reducing costs with multi-tenancy, and supporting a remote, distributed, and mobile workforce.
Globally distributed: SASE offerings cater to companies doing business across multiple regions or countries with a software-defined network for low-latency routing across worldwide points of presence.
Identity focused: User identities and individual devices (not the data center) are the focus for SASE, so access to identity analytics and user activity tracking capabilities are key.
Edge flexible: SASE services place emphasis on flexibility and security at the edge, where branch locations, cloud applications, and mobile and IoT devices connect.

What are the benefits of SASE?

Network and security staff supporting the infrastructure will experience:

Increased effectiveness: By reducing and eliminating routine tasks setting up the infrastructure, network security professionals will be able to focus on business, regulatory, and application access requirements. SASE delivers centralized policy management with local enforcement.
Cost savings: SASE supports more capabilities with fewer vendors and may not require the enterprise to invest in new hardware and software. Costs can also be reduced as more and more SASE services come online in the future.
Stronger security posture: SASE supports content inspection such as sensitive data and malware where all the same security policies are applied. The SASE security updates allow quicker adoption of new capabilities. SASE can even reportedly block new threats as they emerge without requiring new deployments.
Simplified security: Identity-based security and Zero Trust are essentially network access based on the user, device, and the application identity which simplifies security policy management. SASE also streamlines security by providing end-to-end encryption for each session with optional web application and API protection that can be extended to Wi-Fi networks. Transparency of the security policies will reduce the number of software agents required. SASE helps avoid software agent and appliance expansion. Plus, it can automatically be applied to access policies without user interaction.

SD-WAN vs. SASE: What’s the difference?

SD-WAN is network-as-a-service, and SASE takes that one step further by adding security to the mix. SASE is considered network-security-as-a-service.

They are complementary, not competitors. By bringing SD-WAN and SASE together under one provider and a single solution, enterprise clients can leverage SD-WAN services with a fully embedded security capability. Beyond simply addressing the basic security concerns of SD-WAN’s public internet connectivity option, here are some examples of why this pairing is particularly advantageous:

SD-WAN, a global software-defined network service, and end-to-end security services all in one solution with one platform and one partner
Consistent security policy across all SD-WAN devices
A single source of truth for SD-WAN visibility, identity analytics, and security threat information — now security data and network data can come together in the same dashboard for heightened levels of visibility and insight
Keeping SD-WAN and security strategies fully aligned is easier now — network micro-segmentation strategies can be easily leveraged for security monitoring based on segmented flow data
Less friction between network and security — as tools and services are unified, operations and teams will likely follow suit

Why is SASE the next big thing?

SASE is popping up everywhere because it solves significant IT challenges. Existing network security architectures were designed for the centralized data center and fail to serve the needs of digital transformation, SaaS, real-time applications, edge computing, IoT, and other cloud-based services.

Historic network security architectures made the data center the epicenter of connectivity and security strategies. But this design can constrain the dynamic nature of IT and the agility required in the age of digital business. A security strategy focused on the data center is insufficient when it comes to:

Supporting more users, devices, applications, services, and data located in cloud services, outside the enterprise
Addressing network latency and complexity requirements
Analyzing encrypted traffic for security purposes

These challenges actively drive the adoption of security-as-a-service capabilities and have triggered enterprises to shift toward a cloud-delivered secure access service edge.

Additionally, SASE needs to be on the radar of every IT leader because change on the inside calls for change on the outside. Executives who grew up with a data-center focus are realizing that IT environments are looking quite different now, and providers and services need to meet the needs of the modern network:

The enterprise is running more IaaS/PaaS and SaaS workloads.
User work performed off of the enterprise network is greater than on the enterprise network and data center.
Sensitive data is located outside of the enterprise data center in cloud services.
The traffic destined for public cloud services is greater than to the enterprise data center.
Branch offices are also increasing their access to cloud services and bypassing the data center.

Isn’t it time for network and security convergence? Are your network services keeping up with your security, multi-cloud, edge-focused strategies?

Read more articles in the SASE Straight Talk series:

Interested in how SASE can improve your business?

Call us now to arrange a consultation (855) 238-1463.
Or arrange for a consultation through our request form.

What is SASE? And why it’s the next big thing

What is SASE?

What are the benefits of SASE?

SD-WAN vs. SASE: What’s the difference?

Why is SASE the next big thing?

Interested in how SASE can improve your business?

Four Strategies to Improve Network Security and Unlock IoT Innovation

Security maturity: How to benchmark your status and focus on strategic objectives

Automation supercharges the Masergy client experience

The impact of AI on cybersecurity: Are humans still your best asset?

New PoPs help Masergy clients enhance network performance

Cloud UC and SD-WAN: Why they’re better together

The How-To Guide for Direct Cloud Connections

Masergy ramps up marketing and introduces new brand identity and website

Masergy Awarded 2019 INTERNET TELEPHONY SD‑WAN Product of the Year

The Multi-Cloud Era: Five Common Network Challenges and the SD-WAN Solution

Masergy AIOps Delivers on a Vision of Autonomous Networking

Masergy Launches AIOps, the Industry’s First Integrated AI-based Network, Security & Application Optimization Solution

Masergy Cyber Security Chief David Venable Honored Among ‘Most Influential People in Security’

Masergy Announces Top Channel Partners for FY 2019

Masergy Launches New Portal Experience Consolidating Analytics and Control

A Breakthrough in Network Visibility: Introducing Masergy’s New SD-WAN Portal

Masergy Launches Integrated SD-WAN And Security Bundles

SD-WAN Benefits: Rising Expectations Create New Action Items for IT Leaders

Masergy Releases 2019 SD‑WAN Market Trends Report

Masergy Announces 2020 STEM Scholarship Opportunities–Students Apply Now!

Is Your Company Doing Any of These Five Things? If So, It’s Time to Move to SD-WAN.

Masergy Appoints Rebecca Carr as Chief Marketing Officer

Masergy Announces Spring 2019 STEM College Scholarship Winner

5 Criteria for Evaluating Managed SD-WAN Solutions

Why Masergy is the ONLY Visionary in the 2019 Gartner Magic Quadrant for Network Services, Global

Threat Minute: Dispelling the Biggest Cybersecurity Myth in InfoSec Today

SD-WAN and the New Era of WAN Performance Improvement: Bandwidth Utilization, Application-Based Routing, and Analytics

Managed Security Services vs. Managed Detection and Response: What’s the Difference?

IoT Necessities: Getting Your Network and Security Ready

Networking, Security, and Visibility: How the Next Evolution of Technology will Serve the CIO

Network Design and WAN Connectivity: A Three-Step Process to Balance Price, Performance, Risk

How To Secure IaaS/PaaS Environments Effectively With Cloud Workload Protection

IoT and Security: Using Your Network to Become an IT Disruptor