What Is SASE And What Problems Does It Address?

IT Trends | Podcast
07/01/2022

Navigating the 4th Industrial Revolution with SASE for Modern Enterprises

The 4th Industrial Revolution continues to fundamentally transform industries and reshape the way enterprises conduct business across an increasingly distributed, global landscape. In this environment, emerging technologies promise to drive greater efficiency and growth, fusing digital and analog worlds together in new ways. While none of us can say with any certainty what this future world will look like, we can be certain of this much: the ability to access and secure data and applications in real-time will be foundational to realizing its ultimate promise.

Of course, our current world has changed dramatically since the COVID-19 pandemic forced businesses to accommodate millions of remote workers. Whereas legacy IT models were predicated on centralized office locations and secured data centers, the pandemic accelerated the trend of increasingly distributed workforces and necessitated a greater push to make applications, data and other privileged network resources available in a decentralized fashion. Unfortunately, current infrastructure and architectures are wildly insufficient for supporting the real-time access and security demands of next-generation applications and technologies.

And while it’s true that this new way of work offers greater flexibility, new operating efficiencies, lower costs, and a host of other benefits, it comes at a cost. Since legacy infrastructure was never designed to support a decentralized and distributed workforce, there are a variety of performance and security challenges to consider: lagging application performance, network latency, weak data security controls, and perhaps most distressing of all, an unrelenting and constantly evolving threat environment.

A New Architectural Vision: SASE

In 2019, the terminology of Secure Access Service Edge (SASE) started spreading across many industry circles, outlining a new architectural framework designed to meet the challenges of the modern distributed enterprise. As enterprises increasingly adopt SD-WAN to optimize network performance, and new threats emerge outside the defined security perimeter, the complexity of managing these systems in a cohesive manner creates a whole set of new IT management and security challenges.

The SASE framework represents the convergence of several established technologies which aim to merge comprehensive SD-WAN capabilities and network security functions into a unified approach – one that will ultimately be better suited to addressing the needs of tomorrow’s enterprise data workloads and applications. While SASE is more of a philosophy and a direction than a checklist of features and capabilities, it may generally be characterized as comprised of five key networking and security technologies:

  • SD-WAN
  • Firewall as a Service (FWaaS)
  • Cloud Access Security Broker (CASB)
  • Secure Web Gateway, and
  • Zero Trust Network Access (ZTNA)

In this new paradigm, there is an expectation that the applications and the data that workers require to stay productive remain always available, optimized for performance needs, and protected regardless of wherever they might be connecting from.

In essence, the idea of SASE is to offer secure network services anywhere a user might connect from. And this converged solution should ideally optimize and extend the performance of applications that are spread across individual users, premises, edge, and public/private cloud environments.

The Problems That SASE Addresses

Even as the pandemic has subsided, an increasing number of enterprises are considering permanent shifts or hybrid approaches for some portion of their employees to remote work. The typical medium-sized enterprise uses dozens of SaaS applications on a daily basis and also requires access to other administrative and operational resources, such as internal file sharing systems. The conventional approach was to have users tunnel into a single location via their VPN where entitlements and policies could be centrally applied and enforced.

However, as many enterprise CIOs have come to learn, this approach also represents a network choke point that degrades the user experience and requires the organization to invest in larger and more costly inspection devices to manage and inspect the traffic. Secure Web Gateways and next generation Firewall as a Service vendors have emerged to address this gap by distributing these inspection engines to regional PoP locations and partnering with SaaS vendors to apply security in the cloud environment – or what we call Cloud Access Service Brokers (CASB).

But what If the user needs to connect back into the corporate network? How can you leverage the advantages of SD-WAN while still having a single security policy when users return to their homes or elsewhere?

SASE was designed with the end user in mind and begins with the idea of zero trust. So long as the user can verify their identification and the connecting device then it doesn’t matter where the user is physically located. In this type of environment, a trusted user can only connect to the specific resources they’re trying to access and nothing else, which is often enabled by an software-defined perimeter (SDP).

Unlike traditional VPN solutions which centralize all of these inspection points, a SASE approach distributes all of these checkpoints across various regions, improving the efficiency of network resources and reducing the latency found in a conventional ‘hub and spoke’ model.

Ultimately this helps address the complexity of managing these components as separate point solutions that each require their own sets of tools to master. SASE offers a common and centralized cloud-based toolset that improves visibility and control across these systems, which can then be managed and orchestrated in the cloud with policy-setting distributed at the network edge.

The Benefits That SASE Can Deliver

For organizations with distributed users and applications, this convergence of critical IT capabilities offers enterprises significant benefits, including the ability to:

  • Optimize & Scale Performance: maximize business productivity by optimizing network and application performance wherever users are based while enhancing access and response times to cloud-based applications
  • Accelerate Security Deployment & Incident Response: implement identity-based security policies, introduce security controls from the cloud, and improve incident response times by leveraging threat intelligence aggregated across all cybersecurity solutions
  • Simplify Visibility & Control: view and holistically manage consolidated networking and security services from both a single “pane of glass” as well as from a single operator
  • Improve Opex Efficiency: operate more efficiently by automating networking functions, modernizing branch technology, and using virtualized network functions in a more flexible OpEx model.

While the expanding edge of the enterprise network creates opportunities for innovation, it also creates new vectors for cybersecurity threats and introduces complexities that challenge the basic IT function of providing secure and reliable access to protected resources. With SASE, virtually every process can be streamlined and securely applied — allowing you to do more with fewer resources. This integrated architectural approach is what will enable enterprises to confidently adopt immersive digital experiences across distributed environments.

In the next post in our SASE series, we’ll examine some of the most common use cases that are ideally suited to a SASE approach.

This content is provided for informational purposes only and may require additional research and substantiation by the end user. In addition, the information is provided “as is” without any warranty or condition of any kind, either express or implied. Use of this information is at the end user’s own risk. Lumen does not warrant that the information will meet the end user’s requirements or that the implementation or usage of this information will result in the desired outcome of the end user. All third-party company and product or service names referenced in this article are for identification purposes only and do not imply endorsement or affiliation with Lumen. This document represents Lumen’s products and offerings as of the date of issue. Services not available everywhere. Business customers only. Lumen may change or cancel products and services or substitute similar products and services at its sole discretion without notice. ©2021 Lumen Technologies. All Rights Reserved.

Jon Paul "JP" McLeary

Autor:
Jon Paul McLeary
Jon Paul “JP” McLeary is a brand messaging leader for Lumen, responsible for developing the strategic messaging that supports Lumen’s purpose, vision and mission across various parts of the company. JP has previously managed cross-regional field marketing teams as well as media relations strategy, including crisis communications. JP received his MA in Communications from San Diego State University along with an undergraduate degree from Point Loma Nazarene University.

Share

Recent Posts

2024 governed by AI: Will the infrastructure move forward consolidation in 2025?

by | Dec 9, 2024 | IT Trends,IT Trends | 0 Comments

2024 governed by AI: Will the infrastructure move forward consolidation in 2025?     2024 will be remembered as the year of the telecommunications revolution....

Business Phone Service for organizations today

by | Dec 2, 2024 | UC&C | 0 Comments

Business Phone Service for organizations today   Cloud systems are a great option for business telephone service due to their Voice over Internet Protocol (VoIP)...

Sustainable digital infrastructure: Engine for innovation, competitiveness, and energy savings

by | Nov 19, 2024 | Data Center & Hybrid Cloud | 0 Comments

Sustainable digital infrastructure: Engine for innovation, competitiveness, and energy savings   How can companies shrink the environmental impact caused by the...

en el sector retail

The meeting rooms of the future

by | Oct 31, 2024 | UC&C | 0 Comments

Creating Collaborative, Future-Ready Meeting Spaces   Today’s technology is already enabling collaborative, immersive and highly productive meetings, offering a...

Data Centers, Free Energy Market, and ESG

by | Oct 3, 2024 | IT Trends | 0 Comments

Data Centers, Free Energy Market, and ESG New emerging technologies and services such as Artificial Intelligence and the crypto market, among others, are accelerating...

Happy CX Day 2024!

by | Oct 1, 2024 | IT Trends | 0 Comments

Happy CX Day 2024!    At Cirion, every interaction counts, and your trust is the engine that drives us to continue growing and innovating. From the beginning, we...

CDN, Emotion, and Security

by | Sep 25, 2024 | IT Trends | 0 Comments

CDN, Emotion, and Security   Nowadays, if you’re able to follow sports events, concerts, and games in real time and with high quality sound and image – and feel...

Data Center Certifications and Compliances strengthen quality of service

by | Sep 23, 2024 | IT Trends | 0 Comments

Data Center Certifications and Compliances strengthen quality of service and contribute to market competitiveness   With 18 Data Centers in Latin America, Cirion’s...

What specific tasks can AI automate?

by | Sep 16, 2024 | UC&C | 0 Comments

Transforming Productivity: Key Tasks AI Can Automate for Businesses What specific tasks can AI automate?   Generative AI has not just changed all professions, it's...

Data Center

AI and corporate digital transformation

by | Aug 22, 2024 | IT Trends | 0 Comments

Overcoming Early-Stage AI Challenges: Insights and Solutions for Businesses Artificial Intelligence early stage: Artificial Intelligence (AI) is emerging as one of the...