The spread of telework has significantly changed the environment surrounding companies, and there is an increasing need to change security measures accordingly. In this context, one thing that is attracting attention is “SASE (SAS)”. In the future, the importance of SASE is expected to increase as the core of corporate security measures.
In this article, we will explain the overview and mechanism of SASE, as well as its advantages and disadvantages, its necessity, and the difference between it and zero trust.
What is SASE?
SASE is an abbreviation for “Secure Access service Edge,” and is a term that represents a cloud service that provides network functions and security functions as an integrated whole, or the idea or concept behind it. In recent years, the spread of cloud services for business purposes and teleworking has made it difficult to provide sufficient measures with traditional security. In 2019, Gartner, Inc. of the United States proposed SASE, and it has attracted attention as a new way of network security.
Differences and Relationships between SASE and Zero Trust
“Zero Trust” is a concept similar to SASE. Zero Trust is a concept that “eliminates the concept of internal and external network boundaries, and protects against threats by verifying the safety of all access to information assets that need to be protected without trusting them.”
Traditionally, internal networks were considered safe and external networks (such as the Internet) were considered dangerous, and security measures were implemented on the network boundary. However, in recent years, with the spread of cloud services and teleworking, the network boundary has become blurred, and traditional security measures are now considered insufficient.
As a result, the idea of zero trust has begun to attract attention, and SASE is being used as a concrete mechanism and service for achieving zero trust.
The Need for SASE
Security is not the only issue that arises with the expansion of cloud services and teleworking. As network and security environments become more complex, the operation and management of hardware and systems that need to be managed can become complicated, and there is also a need to efficiently process large amounts of traffic.
By integrating network functions and security functions, SASE not only enhances security but also reduces the burden by making operation and management more efficient. It also enables efficient network design to prevent delays and deterioration of communication quality, which ultimately contributes to business efficiency.
For these reasons, SASE is needed.
How does SASE work?
SASE is provided as a cloud service and can be accessed and used from a corporate network or a telework environment such as at home. It is a system that allows you to use uniform network security functions by accessing the internet, data centers, etc. through SASE from various networks.
Security functions include SWG, CASB, FWaaS, ZTNA, etc., consolidating security measures that were previously implemented separately, enabling efficient network access.
- SWG (Secure Web Gateway): Provides proxy functionality as a cloud service
- CASB (Cloud Access Security Broker): Centralized management of cloud service utilization
- FWaaS (FireWall as a Service): Providing firewall functions as a cloud service
- ZTNA (Zero Trust Network Access): Access management based on zero trust
Pros and Cons of SASE
There are many benefits to using SASE. The most representative benefits are as follows:
- Strengthening security measures
- Reduce costs
- Performance improvements
- Policy Consolidation
As explained above, security measures suited to today’s network environment can be implemented, and by centralizing operation and management as a cloud service, cost reductions and performance improvements can be expected. In addition, centralized management also makes it possible to integrate security policies.
However, because it is used as the starting point for all access, if a failure occurs in the SASE-related network, it may affect the entire business. Of course, it is rare for a system to be designed in such a way that a single point of failure can affect the entire business, but it is still a disadvantage to keep in mind.
SASE, which provides network and security functions as a cloud service, is a service and concept suited to the current environment, which is changing due to the spread of cloud services and teleworking. It is becoming difficult for companies to adequately respond to security measures with traditional perimeter security, and the need for zero trust thinking and SASE will increase.
If you would like to learn more about Zero Trust, check out the following articles:
Security measures based on the idea of zero trust
Furthermore, traditional password-only authentication methods will no longer be sufficient in the future, and measures to improve security will be essential. Hitachi Solutions Create offers authentication services to protect companies from information leaks and unauthorized access. Why not consider introducing them to use in-house systems and cloud services more safely?