SASE is probably the coolest acronym for a reference architecture ever. It’s fun to say and brings back memories of Phil Hartman’s SNL character and skit, Russel Clarke, senior editor or Sassy Magazine. All silliness aside, SASE is quite sassy of a concept that is driving the next level thinking in enterprise networking and security.
What is SASE?
SASE stands for Secure Access Service Edge. Well, what does that mean?
In principle, it is about enabling secure “anywhere, anytime access from any device” according to Gartner, the research firm that coined the term, the acronym, and the concept back in 2019.
In practice it is a conceptual architecture for a cloud-managed enterprise WAN wide area network that supports pretty much any access modality, ideally.
It’s important to understand that it is an architecture, it that is pretty broad but leverages advancements in cloud computing, software-defined (virtualized) networking, and provides tools for implementing Zero Trust networking practices and models for an enterprise.
If you look at the bits and pieces that make up SASE they will look familiar with some new elements. In a lot of ways it looks like the product catalog of most of the big network equipment and security software vendors stitched together by a cloud-managed network/security management framework or platform.
Core SASE capabilities according to Gartner include:
- SD-WAN or software-defined wide area network which virtually extends the enterprise network across a wide geographic area such as a region or even globally.
- SWG or secure web gateway which sits between a user and the Internet to provide network protection and inspection of web requests and blocking of malicious applications and websites.
- CASB or Cloud Access Service Broker for centralized management and monitoring of user access to a growing range of cloud services.
- FWaaS or Firewall as a Service for cloud-based firewalls that protect and secure traffic between users, the Internet, and the enterprise network and cloud services.
- ZTNA or Zero Trust Network Access which are tools for implementing zero trust architectures and networked computing environments.
It’s also important to realize that different vendors approach their implementation of SASE in their product portfolios differently. Furthermore they are positioned differently in driving SASE solutions and adoption among their customer base.
Prominent SASE players include Zscaler, Netskope, McAfee, Cisco, Palo Alto Networks, and a growting number of others.
What many of these players are doing is try to create the ERP of security and networking for the enterprise. A tall order.
What does SASE have to do with edge computing?
A good way to think about SASE is as an architectural progression of enterprise security and networking toward cloud-managed, integrated, and cloud-native-ish form.
SASE sits on top of the access network enabling new edge computing paradigms AND provides users and endpoint devices with secure and more ubiquitous access to a fast-expanding range of cloud and on-prem applications of an enterprise.
SASE aspires to provide IT organizations with integrated, flexible security, and network management features that give users and endpoint devices access to enterprise resources that they might not have had before.
Much like new and more capable access technologies such as 5G (the “how”), SASE expands the realm of the enterprise applications and data that can be accessed and transacted with to and from the “edge” or the “what” of edge computing.
Given all the talk about multi-cloud and hybrid cloud, and work from anywhere, SASE is addressing a growing need for holistic and integrated security and networking.
Key Takeaways for the C-Suite
SASE might seem sexy but it is a pretty tough transformation journey for many IT organizations that have a long legacy of older stuff in their networks and data centers. Despite what we might be led to believe, a small fraction of enterprise applications have been migrated to the cloud though the use of SaaS-based applications continues to grown and proliferate. Most organizations will have a long journey riding up the SASE maturity curve. No doubt, many edge computing possibilities will hinge on the maturity of an enterprise’s SASE maturity level.
No doubt SASE is expansive and even a bit nebulous. It may be difficult to find a single vendor who can deliver against what Gartner calls the future state of SASE. For most organizations, significant modernization of infrastructure and network, and integration of elements and services both cloud and otherwise will be required non-trivial investment and effort to ride up the SASE maturity curve. I would not take SASE transformation lightly.
Best of luck. Find a great partner to help you on this journey. You will need one or maybe more.