Secure Access Service Edge (SASE)
Simple, secure and flexible access to everything from anywhere.
Latency optimised, policy based routing with security built in.
What is SASE?
Secure Access Service Edge (SASE) converges the functions of network and security point solutions into a unified, global cloud-native service.
It is an architectural transformation of enterprise networking and security that enables IT to provide a holistic, agile and adaptable service to the digital business. What makes SASE unique is its transformational impact across multiple IT domains.
Solving emerging business challenges with point solutions leads to technical silos that are complex and costly to own and manage. Complexity slows down IT and its response to these business needs. SASE changes this paradigm through a new networking and security platform that is identity-driven, cloud-native, globally distributed, and securely connects all edges (WAN, cloud, mobile, and IoT).
SASE is the convergence of networking and security that optimises access performance, reduces operational complexity, and enhances security posture on a global scale. To meet these criteria, a true SASE solution must be built on a cloud-native and cloud-based architecture; distributed globally across many Points of Presence (PoPs); and support all edges (locations, users, clouds, and applications).
With SASE, enterprises can reduce the time to develop new products, deliver them to the market, and respond to changes in business conditions or the competitive landscape.
The Challenge
Point Solutions for Networking and Security are too Complex to Manage and Costly to Own
Current networking and security solutions are incompatible with the cloud-centric and mobile-first digital business. The network is rigid and static, and security is heavily fragmented across multiple domains. Together, networking and security are slowing down the business instead of enabling innovation and agility.
The Solution
Cloud-native Convergence of Networking and Security enables Simplicity, Agility, and Lower Costs
FortressAS, in partnership with Cato, is delivering the world’s first SASE platform, (and has been recognised by Gartner as a “Sample Vendor” in the SASE category of the “Hype Cycle for Enterprise Networking, 2019”) through a globally distributed cloud service that provides enterprise network and security capabilities to all edges.
The Benefits of SASE
Secure service access edge (SASE) seems to be the hottest buzzword in networking and security today. Gartner has gone as far as giving SASE a benefit rating of “Transformational”, a label even SD-WAN, a hot buzzword in its own right just a few years ago, never achieved.
So, what’s driving the hype? The ability of SASE to deliver true convergence, cost-effectiveness, and simplicity without compromising performance or security. Simply put, as enterprises like BioIVT have already learned, SASE can deliver benefits traditional point solutions simply can’t match. What exactly are those SASE benefits? Let’s take a look…
Understanding point solutions vs SASE
To appreciate SASE benefits, it is important to understand the difference between true SASE solutions and traditional point solutions.
- Point solutions: Address a specific set of network or security requirements using a cloud platform, physical appliance, or virtual appliance. Examples of point solutions include: SD-WAN, NGFW, and VPN.
- SASE: Addresses network and security requirements holistically using a globally distributed cloud-based platform. The requirements that once required a patchwork of solutions to meet are now addressed with a single converged solution.
SASE Benefit #1: Holistic security
Legacy remote access appliances often fail to deliver security functions such as IPS, NGFW, and SWG. Enterprises often end up deploying additional security point solutions to fill the gap, but that approach still doesn’t lead to truly holistic security and visibility. For example, point solutions are inherently optimised for securing a single location, making mobile and BYOD a challenge. Similarly, many cloud platforms require separate security solutions that reduce network visibility.
SASE solves this problem by building security features such as URL filtering, anti-malware, IPS, and firewalling into the underlying network infrastructure. This means all edges, from sites to mobile to the cloud, receive the same level of protection.
SASE Benefit #2: Reduced costs
Sourcing, provisioning, monitoring, and maintaining a variety of point solutions across an enterprise network drives up both capex and opex. With SASE, enterprises can do away with a patchwork of physical and virtual appliances and instead leverage one cloud-native solution. This eliminates not only the cost of the appliances, but reduces network complexity by abstracting away upgrades, patches, and network maintenance.
SASE Benefit #3: Hyper scalability
SASE can do for WAN infrastructure what platforms like AWS, Azure, and Digital Ocean did for application delivery: enable hyper scalability and elasticity. Spinning up or down sites with traditional point solutions is time consuming and often requires a lot of hands-on IT work. A cloud-native multitenant SASE solution minimises the manual labor and streamlines provisioning times. In many cases, sites that may have taken weeks to spin up with traditional point solutions may take minutes or hours with SASE. Additionally, spinning down sites is less costly and time consuming given the absence of physical hardware and wasted software licenses.
SASE Benefit #4: Simplified management
One of the main SASE benefits is that, unlike point solutions, cost and complexity do not grow at the same rate as the network.
Case-in-point: managing SD-WAN, SWG, NGFW, and VPN appliances across multiple locations within an enterprise network requires significantly more IT labor than a single location. However, with SASE management complexity doesn’t grow in lockstep with the network because a single cloud-based management application can provide control of the entire service, and IT doesn’t need to worry about maintenance tasks like patching or hardware replacements.
SASE Benefit #5: True network and security convergence
We saved the best of the SASE benefits for last. Fundamentally, the benefit of SASE is that it solves the problem of securing and connecting the enterprise WAN in a simple, performant, and holistic way. SASE can do this because the network and security functions are all converged into a single multitenant cloud platform. For example, looking at the Cato SASE platform, enterprises gain the following in a single easy to manage solution:
- Global private backbone. Cato Networks operates the largest independent global private backbone in the world. The backbone has a 99.999% uptime SLA, over 50 points of presence (PoPs) interconnected by multiple Tier-1 ISPs, and NoC and SoC teams supporting it 24x7x365.
- Robust SD-WAN functionality. SD-WAN isn’t SASE, but it is an important part of a broader SASE solution. Features such as active-active failover and WAN optimisations help increase network resilience and improve performance.
- Full network security stack. Functionality like SWG, NGFW, IPS, and next-generation anti-malware are part of Cato’s purpose-built network architecture. The cloud-native model enables enterprises to protect all edges and achieve true network visibility.
Final thoughts: Why purpose-built SASE is important
As with any hot buzzword, many vendors will use the term SASE on any solution that delivers some SASE benefits. However, SASE is the complete set of features achieved by multiple point solutions, a single converged platform.
This convergence and ease of use is key.
The Cato SASE platform, the world’s first true SASE platform, was purpose-built to meet the challenges of the modern digital business, and solve problems point solutions cannot. That’s why Gartner recognised Cato as a “sample vendor” in the SASE category in last year’s Hype Cycle for Enterprise Networking.
If you’d like to learn more about SASE, please get in contact today.
See a demo or trial the solution.
Office
City Reach
5 Greenwich View
London
E14 9NN
Conversation
[email protected]
+44 20 3858 0099