Secure Access Service Edge (SASE)
Author: Renato Jager, CTO for Cipher in LATAM
The concept of Secure Access Service Edge (SASE) has emerged as a popular description for cloud operation scenarios and network security devices. The SASE architecture combines several cybersecurity elements and tools. SASE solutions integrate cloud tools such as Cloud Access Security Broker (CASB), Firewall-as-a-Service (FWaaS), and control devices such as Software-Defined Networking in a Wide Area Network (SD-WAN), Secure Web Gateway (SWG), and Zero-Trust Network Access (ZTNA).
SASE enables a more efficient digital work environment, while also being accessible to different devices at any time with the lowest risk of information exposure. The use of multiple clouds and the deployment of tools ensure the shortest response time at all ends.
This was a trend especially in companies where the synchronicity of information is fundamental to process agility. Analysts at Gartner saw this strategy as one of edge computing’s strongest trends.
A study by the consultancy states that by 2024, at least 40% of companies will adopt strategies for the use of SASE. It's predicted that organizations will modify supplier relationships by reducing multiple contracts with cloud providers to one or two SASE operations. This model shows the challenge of converging increasingly dynamic and time-safe solutions.
When the network leaves the data center for the edge computing premise, the perimeter becomes software-defined, based on the user's location and network identity. This new model of data and application traffic requires the reformulation of security policies, both in the cloud and at the access points (hardware). This has led manufacturers to develop complete solutions that can be easily integrated into cloud environments to optimize management.
Having a reliable supplier that delivers flexible, robust, and scalable solutions is the first step towards the effectiveness of SASE operations. Planning the network from the existing physical and logical topology is crucial to defining the best path for the data and achieving the expected agility.
Each new connected device introduces a threat to data and enlarges the exposure surface. ZTNA, which is a part of a SASE offering, is one of the approaches that have been adopted in security and decentralized networks.
Based on this scenario, authentication mechanisms gain reinforcement, and new rules of segmented access and parameterized control of applications are deployed. The SASE architecture still requires testing in the chains of protection and validation of processes from the migration of the network.
It is worth remembering that, just as digital environments are dynamic, security cannot be static; it needs to be revisited and updated periodically. Organizations need to be constantly prepared to identify and mitigate the vulnerabilities that arise in daily life.