SASE - What is it and why is it growing so quickly?
Secure Access Service Edge, or SASE (pronounced “sassy”) was coined by the research firm Gartner in 2019 to describe a set of solutions to better protect the modern workforce. User traffic patterns shifted from occasional internet usage to being reliant on it for connectivity to the cloud and Software as a Service (SaaS) applications like Microsoft Office 365, Salesforce, Slack, and more.
SASE is a combination of previously separate solutions to provide efficiency and security for modern users, like Software Defined WAN (SD-WAN) to intelligently route traffic and multiple security solutions like Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), and more.
Although initial adoption was slow, the onset of the global pandemic in early 2020 dramatically accelerated the need for SASE. Organizations were forced to rapidly adapt to distributed workforces, making flexible, scalable security frameworks like SASE essential.
In this blog post, we’ll walk you through Zenarmor SASE 2.0, a next-generation implementation of SASE that takes the concept further by eliminating cloud backhauling, supporting distributed inspection, and offering a true plug-and-secure experience anywhere, anytime.
Early SASE Solution Providers
As security and connectivity challenges arose in this “new normal”, SASE solution providers helped address the issues that companies and users faced.
As user traffic shifted to the cloud and SaaS, SASE providers provided cloud-based Points of Presence (POPs) to steer user traffic, inspect it, and connect users to their cloud applications.
This allowed SASE providers to provide additional security for remote users and replace older VPN-based solutions, but they also introduced some new challenges and brought new limitations.
With many of the leading SASE solution providers focused on cloud-based connectivity through their own Points of Presence, customers had to send all of their traffic through their SASE provider’s cloud for inspection and routing. This introduced additional latency, added asynchronous (suboptimal) routing paths, and left organizations with limited visibility and control over where their data was being routed.
Redefining SASE with Plug and Secure Anywhere: Zenarmor SASE 2.0
Zenarmor SASE 2.0 represents the next evolution of Secure Access Service Edge, reimagined for a hyper-distributed world. With our Plug and Secure Anywhere approach, Zenarmor brings security and control directly to where your users and devices are, eliminating the need for backhauling traffic through centralized cloud infrastructure. This architecture delivers ultra-low latency, effortless deployment, and complete visibility into your traffic.
Protecting your environment has never been simpler or more effective. Let’s take a closer look at each of the core components of Zenarmor SASE 2.0:
ZTNA
Zero Trust Network Access (ZTNA) means that we trust nothing by default. Users and their application access requests must be authenticated and connections are encrypted. With granular access control, your users access only what they need and nothing more. Additionally, potential attackers can’t perform any lateral movement on the network since they won’t be authenticated nor authorized.
Zero Trust Network Access (ZTNA) means that we trust nothing by default. Users and their application access requests must be authenticated and connections are encrypted. With granular access control, your users access only what they need and nothing more. Additionally, potential attackers can’t perform any lateral movement on the network since they won’t be authenticated nor authorized.
Upgrade your security posture from legacy VPNs to a true Zero Trust based architecture in just a few clicks.
- Encrypt traffic from your users to the applications they need
- Protect all devices, including IOT and OT
- No lateral movement
- Context-aware access
TLS inspection
The majority of traffic is encrypted today which can allow a potential attacker to hide malware or phishing attempts. With real-time TLS inspection, Zenarmor SASE 2.0 can look inside encrypted traffic and find potential threats before they get to your users. Zenarmor’s innovative approach allows this TLS inspection to happen on nearly any device instead of just a centralized firewall.
- Ensure all threats can be found, regardless of encryption
- Protect against malware, phishing, and other attacks
CASB and DLP
As modern work shifted to cloud-based SaaS applications like Microsoft Office 365 and Google Workspace, many security organizations were unable to secure user traffic that was no longer going back to their data centers. Cloud Access Security Broker functionality that’s built into Zenarmor SASE 2.0 lets you secure your users, regardless of how they’re accessing applications. Data Loss Prevention, or DLP, features can block users attempting to upload company data to unsanctioned cloud storage providers.
- Protect your SaaS and cloud traffic
- Prevent unauthorized uploads of company data
SWG
Secure Web Gateways are an important line of defense for your network and Zenarmor SASE 2.0 allows you to deploy wherever you need protection: Near your users or in the cloud. With real-time TLS inspection, we can shed a light on malware and other threats that could pass through other devices since they’re hiding behind encryption. We can also filter and block zero-day threats, keeping you protected before waiting for signature updates from competing vendors.
- Filter and block malicious traffic before it gets to your network and users, even zero-day attacks
- TLS inspection for real-time detection of threats attempting to hide in encrypted traffic
Policy-based controls (web filtering, applications)
Powerful security features can often be difficult to configure. Not with Zenarmor SASE 2.0. Now you can quickly and intuitively create, configure, modify, and apply policies for your sites, departments, networks, and users in a simple, unified interface.
- Fine, granular control of allowed URLs
- Different levels of control for sites, departments, locations, and more
- Control exactly who can access what, enforce least privilege by default
Unified Management for control and visibility
Power is nothing without control. Zenarmor SASE 2.0 has powerful security features combined with a user-friendly, intuitive interface that lets you quickly configure the security policies and features you need.
Additionally, reports and visualizations provide at-a-glance insights into what’s going on within your network, giving you more visibility than ever.
SD-WAN
Software Defined WAN provides flexible, self-healing network capabilities for all of your underlying circuits. Simply define your locations and let Zenarmor provide secure, reliable routing between your global locations.
- Intelligent routing and usage of links
- Centralized management and visibility
Zenarmor SASE 2.0 - Plug and Secure Anywhere
The rise of SASE solution providers helped many organizations solve their security challenges, but unfortunately they also introduced some new problems.
Take back control of your network, your traffic, and your data while eliminating the additional latency that’s introduced by forcing your traffic to the cloud by some SASE vendors.
Quickly and easily deploy close to your users whether that’s near the edge or in the cloud. Secure all your devices, including IOT, OT, medical, and end user devices.
By protecting your users wherever they are, you’ll improve their user experience while simultaneously providing a fully-featured network security solution.
