Network security has become a much higher priority for businesses and service providers in recent years. This is because now, far more businesses are using cloud-based applications, and many people have been working from home – this necessitates more security systems, and these systems must be able to work together to reach their full capacity.
This has meant that the existing crossover between WAN, security and networking has even more importance. Various network solutions now offer security features – such as virus and malware protection and IPS and vice versa. It’s common to see businesses that offer security also offer networking solutions.
Businesses must begin to see how crucial security is for networking, and providers of network solutions must start to see the value in security offerings. It’ll be bad news if they don’t – many paying customers will come to realize they aren’t getting a good deal and might turn their backs on your business in favor of another.
SASE – An Explanation
As recognized by Gartner, SASE is short for ‘Secure Access Service Edge’. Its definition is derived from two concepts that have converged in the market – network as a service and network security as a service. If you combine these two functions, you get SASE.
Gartner goes on to explain how these functions have multiple components. SD-WAN, CDN and WAN optimization, and Carriers, are all part of the network as a service. Security as a service on the other hand includes such components as Zero Trust Network Access, DNS WEB Security, firewall protection, and Cloud Secure Web Gateway.
Is SASE a Brand New Concept?
SASE might be a new term to most, but really the ideas it is based on aren’t new at all. One popular provider who offers SD-WAN has advocated for the need for SD-WAN monitoring and as well as security for a decent while, only starting to say SASE – referring to both services together – not long ago.
SD-WAN including Secure Web Gateway is something that Cisco has also been offering for some time.
It’s fairly common to see providers offer SASE as one whole package, and this looks to be increasing – meaning we should see more platforms embrace SASE in the future as well.
Business network solutions are evolving non-stop – just think about how SD-WAN superseded MPLS-based network solutions. With the building’s need for security, SASE may well be the next evolution.
Why the Interest in SASE?
There have been several shifts in the world of business that have created this drive towards SASE. Alterations to how businesses make and locate apps, and how these apps are accessed, have both contributed. Here are a couple more reasons, applying to a medium-sized/enterprise business using MPLS:
The Use of Datacentre Apps
It’s common for networks to make use of primary circuits whilst also having backup circuits which are hardly ever used. Traffic from sites on the network is routed to the HQ or the Datacentre. After that, only around 20% of the traffic moves through to the internet – all the rest simply passes around the network.
Usually, the backup circuit relies on the internet, making for a failsafe route to the Datacentre if MPLS went offline. However, this means that many applications do not have a direct pathway to the internet.
The Popularity of SD-WAN
With SD-WAN, businesses could now have this direct pathway to the internet they previously lacked. SD-WAN lets cloud-based application traffic be sent straight across the web, boosting the performance of the network.
This means that all the traffic meant for the Datacentre apps can continue to use the MPLS system – but the bandwidth can be reduced, as there’s less traffic to deal with. SD-WAN is useful as it can prevent congestion, but it makes security vital, to protect data as it travels the web.
The Rise of Remote Working
In the last few years, particularly in, there has been a large increase in remote working. The main reason it has been successful is through the use of the internet. Due to this, there exists more and more business traffic not being seen by business’ security systems, or the Datacentre.
Many apps used by remote workers are outside of the business firewall, as a lot of them won’t be using the business VPN. Workers who are making use of the apps on the business network can use the split-tunneling feature of a VPN to have only the traffic they need to be sent to them.
Holes in Security
These points have all meant that security holes have been created, as much of the traffic workers use is simply not under the protection of the Datacentre’s own security. A lot of email services also need more security as they are based in the cloud – further adding to the need for security.
This is where SASE comes in – it addresses this security issue by giving companies access to a Secure Internet Gateway. Things such as web security and a firewall-based in the cloud can be included.
What’s on the Cards for SASE?
One minor issue with SASE currently is that it brings together many security features and products. All of the information and notifications associated with them can become an annoyance for IT managers – they prefer to be able to see the context for alerts (which tend to be indicated by a correlation) in order for them to see what needs fixing.
Imagine: your car keys go missing. Believing you left them by the door, you check for them, but find the door open, and no sign of the car keys. The context created by the correlation here implies you’d better check your car’s still there, but the isolated events don’t cause the same concern.
The information on its own is given by SASE, but the correlation can only be given with integrated security. The right system could pick up on a threat and deal with it quickly and automatically.
Let’s say an email is scanned and contains a potential phishing attack – SASE could block further emails from the sender, as well as block the domain off from your web browsers. With further integrated security, the networking ecosystem can become much more clever.