Secure Access Service Edge
Secure Access Service Edge (SASE) is a cloud architecture model that combines network and security functions into a single cloud service. This saves external traffic loads from routing back through the data centre. Cloud-based applications, IoT sensor traffic and an expanded remote workforce have driven SASE adoption.
SASE is a new network security approach that is changing the way organizations secure the data, resources, and users present in their networks.
SASE is a relatively new framework that addresses how to handle the network and security demands of external traffic without routing it through the data centre. In the past years, enterprises have shifted more traffic to the cloud, creating significant congestion and latency in the data centre
SASE software solutions provide organizations with the opportunity to connect to a single secure cloud network as a service where they can gain access to physical and cloud resources. In the hands of IT, SASE security enables a more holistic and agile service for business networking and multilayered defence for organizations.
SASE distributes critical network and security functions from the cloud, close to the user and applications, alleviating the burden on the data centre and speeding network response times. SASE, which builds on software-defined WAN (SD-WAN), is characterized by its cloud architecture, ability to distribute packet inspection and policy enforcement, and its support of identity-driven access.
SASE’s consolidated and unified policy management enables companies to quickly and efficiently secure traffic regardless of its origins or the location of corporate resources, making it an attractive option for most organizations.
SASE features a combination of these network and security functions:
• Firewall as a service (FaaS).
• Keep malware from infecting your cloud through advanced threat protection (ATP).
• Protect data and stop the leakage with access control and data loss prevention (DLP).
• Intrusion detection and intrusion prevention (IDS/IPS).
• Maintain visibility in the cloud by tracking user activity and generating security reports.
• Secure web gateways (SWG).
• Protect sensitive data with a full-strength encryption solution that protects data-at-rest in any cloud application.
• Cloud access security brokers (CASBs)
• Zero-trust network access (ZTNA).