However, SD-WAN primarily focuses on wide-area connectivity, with limited security functionality built on a box. It fails to deliver the security aspects of Edge at the micro level, which means diving deep into users, devices, and applications. This is where the concept of SASE kicks in.
Introduction to SASE
Traditionally, organizations bound security to the premises with perimeter firewalls, an approach that is no longer relevant after the introduction of VMs and a distributed workforce. The need for granular protection attached to workloads, with intrinsic security at every layer of the infrastructure, makes unified networking and security the envisioned design approach.
Endpoint and last-mile security and easy accessibility to the cloud are imperative to today’s distributed/disjointed workforce. SASE (Secure Access Service Edge) can be defined as the convergence of WAN and security, consumed as a cloud service model. With the SASE approach, a secured experience is possible for every user, whether on-prem, in the cloud, at a branch/DC, or remote, with direct on-ramp connectivity to the cloud.
The SASE framework also makes possible a local secured internet breakout for users accessing SaaS applications or generic internet services, which would otherwise require complex firewall hardware implementation at all sites.
SASE and the SD-WAN overlay model cater to a complete end-to-end portfolio of services, including virtual WAN link connectivity, secure internet access, cloud web security, and ZTNA (Zero Trust Network Access).
One can enable security features on service edges called PoP-over-cloud or proximity to public cloud gateways. This approach helps overcome multiple VPN mesh inter-connectivity, which adds cost and network complexity. The overlay model is carrier-neutral and supports any underlying infrastructure, such as Ethernet, MPLS, LTE, and internet.
The SASE Pitch
A potential SASE solution pitch could be any of the following:
- A distributed workforce across cloud, on-premises, and edge
- ZTNA for securing remote users, devices, and workloads
- Simplified network and secured connectivity across geographical areas
Kudos to all SASE players, like VMware, Palo Alto Networks, Fortinet, Cisco, and Zscaler, for anticipating the need for top-notch security and extending their offerings during the COVID pandemic, when most of the resources worked remotely. They have played a significant role in driving business growth with minimum security breaches, ensuring a hassle-free, safe environment.
Network security features cannot be compromised and will continue to be the driving force to protect the overall infra, edges, and workloads.
Convergence of networks and security becomes integral to end-to-end secured connectivity. SASE enhances security capabilities manifold, ensuring a safe and protected edge. Solutions going forward must be centered around SASE to stay relevant in today’s growing distributed setups. If SDN is the new norm, SASE is the future. I can’t possibly think of any potential disrupters for SASE today, so I will wait and watch to see what the future unfolds after SASE.