The 2024 guide to SASE

Recently, there has been a dramatic increase in the amount of people working remotely – this has led businesses to rely even more on cloud-based applications. This has caused  businesses to become desperate for more systems providing security for their Network – and in order to be fully efficient, these systems need to have synergy.

There has always been a crossover between WAN, security, and networking, but now more than ever you will find service providers offering security options – such as malware and virus protection and IPS – when they previously only offered networking solutions, and vice versa.

In order to meet the ever-changing demands of their customers, providers of networking solutions must fully understand how important security features are becoming – and businesses need to realise how networking and network security are vital in how they can support each other. That’s where SASE comes in.

What does SASE stand for?

SASE – which is short for ‘Secure Access Service Edge’ – refers to the combination of two different concepts which have come together. These concepts are that of network as a service, and network security as a service.

 

SASE consists of these concepts in one package, and they each consist of various different features. Carriers, CDN, SD WAN, and WAN optimisation, are all different aspects of network as a service. Security as a service has features such as WEB security, secure web gateway, and firewall protection. You may have heard of many of these concepts before, even if the phrase ‘SASE’ is unfamiliar.

 

It’s only recently that businesses have started using ‘SASE’ as a phrase to describe a package, even though for a while now many have been offering security options together with networking solutions like SD WAN. SD WAN superseded MPLS connections for many businesses – and it looks like SASE might be the next step.

 

Offering an SASE package deal is becoming increasingly commonplace for many providers, and as this continues, SASE will become even more compatible in terms of different platforms.

SASE – why the sudden interest?

There are various factors that have contributed towards businesses seeing security and networking as two things which must have synergy – here are a couple of these reasons:

More people working remotely

As we mentioned earlier, nowadays, more and more people are working remotely – be that from home, or elsewhere. If it weren’t for the internet, remote working wouldn’t have been nearly as successful. The issue is, the more people who work from home, the more traffic not passing through a business’ HQ, or datacentre. This data is therefore not protected by the in-house security.

 

Workers who are using apps within the network have have the exact traffic they need sent straight to them, through the use of the split-tunneling feature used by most business VPNs. Any workers using apps which are outside of the firewall cannot be protected by the VPN.

Increased usage of datacentre apps

The majority of a business network’s traffic is routed through the HQ or datacentre using the primary network circuit. There are backup circuits, but these aren’t used frequently. Only around 20% of the primary circuit’s data goes out to the internet – the remaining 80% simply stays within the network.

 

Usually, the less frequently used backup circuit will be hooked up to the internet as a safety net if the MPLS system ever fails. This resulted in the majority of a business’ apps not having a direct connection to the internet.

The widespread use of SD WAN

A large number of businesses adopted SD WAN, as a work around for this. SD WAN allowed the network circuit to have a direct connection to the internet. This improved the performance of the network, as the traffic for many cloud based apps could be sent straight across the web.

 

All of a business’ traffic used by the datacentre applications could continue using the MPLS system, but the bandwidth could be reduced, as there would be less of this variety of traffic.

 

SD WAN necessitates a good security system in order to protect a business’ data and traffic as it is sent across the internet.

Gaps in network security

As you can see, a lot of the changes in the world of business networking has led to there being gaps in security, as a lot of traffic is simply not being protected by the in-house measures of the HQ or datacentre. SASE helps patch these security holes, as it often includes a cloud-based firewall as well as web security with its Secure Internet Gateway. This should bring peace of mind to many different businesses!

What’s next for SASE?

Imagine the following scenario: after waking up, you need to check your emails. You go to grab your laptop, but it’s not there – so you go and check in your car. On your way, you discover that you forgot to lock the front door last night! These incidents as isolated events may not mean anything, but taking them in together gives you the context to worry that you’ve been burgled.

 

Currently, SASE can give you alerts and notifications for isolated incidents – which can get to be overwhelming and irritating for workers on the network. SASE with integrated security can help to present correlations of incidents, which can provide the necessary context without a huge number of alerts.

 

With integrated security, a network system using SASE would be able to pick up on security threats such as phishing scams in emails, and respond to the threat automatically – in this case the solution would be something along the lines of blocking the email address and traffic coming from the domain of the sender, as well as stopping your network browser’s traffic from being able to access said domain.

Thanks to SASE, with developments in integrated security, it’s safe to say the future is looking bright for the world of business networking.

You Might Also Like