Virtual shields over the globe showing use of SASE for Zero Trust

The SASE Revolution: When Network and Security Converge at Edge

Today, we are witnessing a significant shift in organisations’ technology priorities as digital transformation continues to take a quantum leap with a greater portion of business processes, applications and data, now moving to the cloud.

Despite COVID-19’s financial impact, IT leaders are planning to increase investment in cloud-based networking to meet these new organisational demands. But to achieve the full promise of cloud and digital transformation, enterprises must transform not just their networking but also security architectures. An emerging approach known as Secure Access Service Edge (SASE) is moving organisations in this new direction, wherein networking and security functions are becoming increasingly integrated.

The term, which first appeared in Gartner’s “The Future of Network Security in the Cloud” report, promises to support the dynamic secure access needs of modern, digital enterprises. This has quickly spurred industry interest with Gartner also forecasting that at least 40 percent of enterprises “will have explicit strategies to adopt SASE” by 2024, up from less than one percent in 2018.

Leveraging SD-WAN towards SASE adoption

It is worth noting that while SASE is not a particular technology on its own, it offers organisations the capability to bring together security and networking functions into a single, cloud-based service model. A SASE-enabled architecture identifies unique users, applications and devices, applies policy-based security, and delivers secure access no matter where they are located.

Just as how software-defined networking (SD-WAN) is transforming the network infrastructure with uninterrupted connectivity and simplified workflows, SASE takes this a step further by placing cloud-native security controls at the network edge – closer to the end users and where the data are being generated. This means that SASE also eliminates the need to divert network traffic towards centralised data centres, as more and more applications now live in “centres of data”. By leveraging SD-WAN, organisations can:

  • Steer applications intelligently
  • Transform security model at their own pace
  • Apply consistent, network-wide security policies
  • Prevent application security and performance trade-offs
  • Improve application response time
  • Save valuable WAN bandwidth

The expanding technology alliances where SD-WAN orchestration capabilities are converged with best-of-breed cloud security solutions, will further drive the SASE market which is expected to grow at a compound annual growth rate of 116 percent, attaining a global market value of US$5.1 billion by 2024.

SASE will boost Zero Trust

SASE is not to be confused with Zero Trust, which is another term that is being widely used in the network security world. Rather, SASE must be seen as an approach ideally suited to implementing Zero Trust security at the edge.

In the Zero Trust framework, all access requests must be authenticated, authorised and encrypted, whether the connection is made inside or outside the traditional security perimeter. Zero Trust security ensures that the same controls applied to campus or branch networks, also extend to the home or remote users, as well as IoT devices.

However, perimeter-centric network security of the past was not designed for today’s mobile workforce or emerging IoT devices. The consolidated nature of SASE is capable of performing an extremely granular and consistent access control level. This gives security teams single control point with end-to-end visibility and enforcement to accommodate an ever-changing, diverse set of users and devices across the entire network or at any environment.

For this reason, Zero Trust will become a critical component of SASE’s integrated security stack with this decentralisation of enterprise security perimeter.

A SASE-empowered business in the hybrid work era

It is no surprise that SASE is proving to be both appealing and certainly relevant at a time when traditional work models are being reimagined, and pivoting towards hybrid workplaces. CIOs and IT leaders are being tasked to design a cloud-first and future-ready security architecture, and SASE serves as the starting point about how networking and security will seamlessly work together against emerging and persistent threats targeting previously “trusted” parts of the network infrastructure.

As applications and data are rapidly moving to the cloud, security controls must follow. This agile and flexible approach to an ever-evolving network security will become even more important in a competitive business landscape.