What is Secure Access Service Edge (SASE) ?

The CISO Perspective
13 Aug 202007:49

Summary

TLDRThis video introduces Secure Access Service Edge (SASE), a term coined by Gartner that combines multiple network and security technologies into one comprehensive solution. SASE addresses challenges of remote work and complex network infrastructures by integrating security as a service and network as a service. Key components include SD-WAN, Secure Web Gateway, Firewall as a Service, and Zero Trust Network Access, which ensure consistent security policies and optimized performance. The video discusses how SASE reduces latency, enhances security, and centralizes policy management, making it a critical approach for modern, distributed networks.

Takeaways

  • 🔒 **Secure Access Service Edge (SASE)** is a term coined by Gartner that integrates network and security services.
  • 🌐 **Goal of SASE** is to provide secure network services from anywhere a user connects.
  • 🏠 **Work from Home Increase**: The demand for secure cloud access without traditional VPN bottlenecks has grown.
  • 🛠️ **SASE Core Levels** include SD-WAN, Secure Web Gateway, Firewall as a Service, and Zero Trust Network Access.
  • 🔄 **Recommended Levels** in SASE involve sandboxing, browser isolation, network access control, and next-gen antivirus.
  • 📡 **Optional Levels** may include Wireless LAN and VPN services for certain customer needs.
  • 👥 **Zero Trust Network Access** is foundational to SASE, ensuring secure access regardless of user location.
  • 🌐 **Endpoint Client** acts as a vehicle for data, providing connectivity and zero trust access.
  • 🔄 **SD-WAN Integration** in SASE allows for intelligent routing and security offloading.
  • 🔒 **CASB (Cloud Access Security Broker)** is crucial for managing and securing access to cloud applications in SASE.
  • 🔄 **Service Chaining** is a key concept where SD-WAN directs traffic to secure web gateways for inspection.

Q & A

  • What is Secure Access Service Edge (SASE)?

    -SASE is a term coined by Gartner that combines multiple network and security technologies into a single offering, aiming to provide secure network services regardless of where the user connects from.

  • Why is SASE important for modern organizations?

    -SASE is crucial because it addresses the challenges posed by distributed workloads and users, providing a unified security policy and reducing inefficiencies and costs caused by using multiple separate technologies. It is especially important with the rise of remote work and increased demand for secure, direct access to cloud services.

  • What are the three levels of SASE as outlined by Gartner?

    -Gartner outlines three levels of SASE: Core, Recommended, and Optional. The Core level includes SD-WAN, Secure Web Gateway, Firewall as a Service, CASB, and Zero Trust Network Access. The Recommended level includes Sandboxing, Browser Isolation, WAF, Network Access Control, and Next-Gen Antivirus/EDR. The Optional level includes Wireless LAN and VPN for those who still need them.

  • How does SASE solve the latency and bottleneck issues caused by traditional VPNs?

    -SASE addresses VPN-related latency and bottlenecks by distributing security inspection to regional points of presence (PoPs) instead of routing all traffic through a central location. This allows for secure, efficient access to cloud applications without the delays caused by traditional VPNs.

  • What is Zero Trust Network Access (ZTNA), and why is it critical to SASE?

    -ZTNA is a security model where trust is never assumed based on network location. It verifies both the user’s identity and the device before granting access to specific resources. In SASE, ZTNA ensures secure access regardless of the user's location by enforcing strict access control policies.

  • How does SD-WAN play a role in the SASE framework?

    -SD-WAN plays a critical role in SASE by enabling efficient traffic routing and service chaining security inspections. It allows organizations to optimize traffic routes while still ensuring security through features like packet duplication, forward error correction, and quality of service (QoS) prioritization.

  • What role does the Secure Web Gateway (SWG) play in SASE?

    -In the SASE framework, SWG provides cloud-based security services, such as firewalling, web filtering, antivirus, and intrusion prevention, often acting as an SDP gateway for secure communication between users and resources. SWG ensures secure access without the need for centralized inspection points.

  • What advantages does SASE offer over traditional hub-and-spoke network architectures?

    -SASE offers advantages over traditional hub-and-spoke networks by distributing security inspection across regional PoPs, reducing the need for large, centralized security devices, and enabling more efficient routing, reducing costs and latency for remote and cloud-based users.

  • What is Cloud Access Security Broker (CASB), and why is it integral to SASE?

    -CASB is a security policy enforcement point that sits between cloud service consumers and providers, ensuring that cloud-based applications are accessed securely. In the SASE framework, CASB provides visibility, control, and protection for cloud services, centralizing security policies and ensuring secure access to SaaS applications.

  • How does SASE ensure consistent security policies across on-premise and remote environments?

    -SASE provides consistent security policies by integrating Zero Trust Network Access, SD-WAN, and CASB into a unified management plane. Whether users are on-network or off-network, the same security policies are applied without gaps, ensuring seamless protection regardless of the user’s location.

Outlines

plate

Cette section est réservée aux utilisateurs payants. Améliorez votre compte pour accéder à cette section.

Améliorer maintenant

Mindmap

plate

Cette section est réservée aux utilisateurs payants. Améliorez votre compte pour accéder à cette section.

Améliorer maintenant

Keywords

plate

Cette section est réservée aux utilisateurs payants. Améliorez votre compte pour accéder à cette section.

Améliorer maintenant

Highlights

plate

Cette section est réservée aux utilisateurs payants. Améliorez votre compte pour accéder à cette section.

Améliorer maintenant

Transcripts

plate

Cette section est réservée aux utilisateurs payants. Améliorez votre compte pour accéder à cette section.

Améliorer maintenant
Rate This

5.0 / 5 (0 votes)

Étiquettes Connexes
SASESD-WANZero TrustCloud SecurityRemote WorkCybersecurityNetwork ServicesVPN AlternativesCASBSecure Web Gateway
Besoin d'un résumé en anglais ?