In terms of separating the two, SASE describes an architectural framework that consolidates networking – typically SD-WAN – and the security stack – typically cloud access security broker (CASB), secure web gateway (SWG) and zero trust network access (ZTNA) – delivered as a unified cloud-based service. SSE describes the security-as-aservice portion of this framework, leaving out the networking-as-aservice part, explained Mor Ahuvia, product marketing manager for cybersecurity provider Checkpoint. “This new acronym reflects the observation that while organizations are looking to consolidate and simplify their network security for remote and hybrid workers, some prefer a best-of-breed dual-vendor approach with separate solutions for networking-as-service and security-as-a-service,” Ahuvia continued. In other words, some have described SSE as effectively SASE without the SD-WAN, or the “access” element. The market and marketing have become quite crowded and confusing because contestants have entered the SASE space from a range of sectors including enterprise networking, enterprise security, cloud security, endpoint security, content delivery, wide area network (WAN) management and acceleration, telecom and managed services. Indeed, SASE entails a lot of moving parts, representing the convergence of software-defined network and network access, identity service brokering and several formerly disparate security functions into one cloud-delivered framework. “The future vision of all SASE architecture is to deliver the joined networking and security functionality in an as-a-service model,” explained Yuval Yatskan, senior director of solutions and product marketing for SASE at Cisco. “Because SASE architecture combines both networking and security functionality, a full SASE approach requires a coordinated and cohesive approach across both network security and networking teams,” Yatskan continued. All the while, many larger organizations still operate with independent networking and security teams, and still prefer this consumption model. Many also still prefer a best-of-breed, dual- or multi-vendor approach with separate solutions for networking-asservice and security-as-a-service. Due to the sheer complexity of SASE, as well as the potential distance between investment cycles within networking and security departments, many enterprises simply may find it more practical to implement SASE in stages, argued CyberRisk Alliance analysts. So perhaps it’s not surprising that it is taking some time for SASE offerings and adoption to mature. Despite the hype, for instance, there are very few vendors currently offering a fully unified and comprehensive SASE solution. There’s also the COVID 19 factor. Lockdowns meant corporate resources had to be extended out to kitchen tables and coffee shop WiFi; cloud services adoption rapidly accelerated. Gartner’s shiny new SASE framework was right there on the edge, seemingly created for the circumstances. The prospect of a cloud-delivered combination of network (access) and security that could reach to and beyond the edge of networks suddenly became very enticing. And with the shift to remote and hybrid working, one could argue that security was a more immediate and widespread problem than access. Even when access was only adequate or barely serviceable, at least the last mile connection already was in place for most knowledge workers. Security measures, on the other hand, largely were not; and the threats to sprawling networks were real and sometimes expensive to resolve. If already deployed, what are the biggest benefits of a SASE deployment? Time savings in management and maintenance 37% Cost savings 37% Increased agility 33% Increased security posture based on unified networking and security architecture 30% Increased compatibility with cloud migration plans 24% N/A; SASE is not currently deployed 19% Other 1% Source: Aryaka 2022 Global State of the WAN 43 REMOTE WORK SOLUTIONS rwsmagazine.com Security on the Cutting Edge Source: Cisco
RkJQdWJsaXNoZXIy NTg4Njc=