Gartner introduced the term SASE in September 2019 and since then, it’s been the lightbulb that network and security moths have been fluttering excitedly around.
Put simply, Secure Access Service Edge (SASE: pronounced ‘sassy’) is about delivering network and security in a joined up way, in the places where it can do the most good.
Let me tell you more:
Looking at that acronym in a little more detail, Secure Access is pretty clear. It’s about making sure that the route your users take to get to their information is as quickly and securely as possible.
The speed is achieved by using SD-WAN to optimise the route the information takes from the user to the nearest SASE location. SD-WAN is a critical component of a SASE solution and underpins the end-to-end connectivity between the user and the application.
Securing the information, can be done in a number of ways such as encrypting it, scanning it for anything malicious or checking it’s not going anywhere it shouldn’t. Those functions are all represented in an end-to-end SASE solution.
The second part of the acronym is the Service Edge and this is where it gets a bit more open to interpretation.
The simple word ‘edge’ has become one of the most used in the communications industry. Multi-access Edge Computing (MEC), for example, brings cloud-like computing capabilities much closer to the users. The ‘edge’ that’s being referred to in this case could be anywhere from the customer site itself, all the way back to a regional gateway.
Take a look at the picture below:
You can see here that the ‘edge’ can mean many different things to different people. From my perspective, when I think about SASE, the logical place for the edge is the nearest high capacity network site, closest to the user. This is where we host our Provider Edge (PE) routers that act as the distribution layer of the network.
Putting the security enforcement at the network edge provides the ‘Goldilocks’ balance between cost and performance.
We could move closer to the users, but then the costs would rise exponentially due to the increased number of sites where we would need the SASE services; conversely we could retreat to the cloud, but then the performance can drop off alarmingly as users are forced through more network hops before having their traffic inspected.
Service providers are uniquely placed to meet this need. As owners and architects of the biggest public and private networks, we have access to thousands of Points of Presence (PoPs) around the world.
Importantly, these aren’t just Internet PoPs; they’re also serving private networks and mobile users simultaneously.
We have a deep understanding of how the traffic is moving across the network; what impact different changes will have and where we can achieve the optimal balance of performance and cost. This gives us the flexibility to choose the perfect locations for a SASE deployment that suits private networks, Internet users and mobile endpoints alike.
Users and their applications are much more dispersed than they used to be and the network is the supersonic plane that joins them together.
At the risk of stretching that analogy to breaking point, SASE represents the equivalent of the airport security, protecting the exchange of information.
The performance benefits of edge security are critical in delivering a non-intrusive user experience.
Imagine the frustration of someone who is told that their company is upgrading to a shiny new network and security solution, only to find they spend more time waiting for their IT than before.
They might also see a drop off in the quality of conference calls or video calls with no explanation. These are some of the side effects of a badly designed and integrated SASE platform – one that forces traffic to take an unnecessarily circuitous route, or enforces consecutive security inspections, one after the other.
The counter point to this is the experience they will benefit from if it’s well designed.
There is no more random enforcement of security policy and a greatly reduced risk of using cloud workloads. For remote workers, there is also a huge benefit as there’s no more hair-pinning of traffic to the data centre and back. This means a completely predictable experience, one that is secured to the same degree no matter where the user is, and the chance to enjoy the full range of benefits that cloud computing can bring to bear.
In summary, there’s a strong link between the effectiveness of a SASE solution and the access network. This link should be used to deliver the value and performance that today’s businesses need. SASE represents an unprecedented convergence of network and security that should be mirrored by the delivery model.
Learn more about SASE and what it can do for your business.
Explore the possibilities a Gigabit Society can bring to your business. Receive a monthly digest straight to your inbox.
Around the globe, our network reaches 184 countries.
We provide the underlying transport network, the virtual overlay, and the platform to prioritise everything.
