Secure access service edge (SASE) integrates wide area network (WAN) capabilities with network security functions like secure web gateways, next-generation firewalls and cloud access security brokers to deliver secure connectivity. But IT leaders are beginning to identify the technology as something that should be applied across the network architecture for secure, flexible delivery of all functions.
Some experts point out shortsightedness when it comes to applying SASE only for cyber security reasons. They say it is unnecessarily and overly focused on security functions when its principles could be effectively applied to all functions. In addition, the approach is exclusively applied to intelligent WANs when it could include the full range of networks. It misses segments like the private data center, wired and wireless local area network (LAN), cloud, and deployment at the metropolitan edge.
There’s potential for SASE to be applied across the network architecture because SASE is delivered through software as a service (SaaS). This allows cyber security tools to be located inside a private edge, at a metro edge, or in the cloud. The decision where to physically locate services depends on the location of end users and their specific performance requirements. As a result, security services are delivered in a fully abstracted approach.
There are other non-security network services that would be better delivered through a similar model, and this approach could improve application performance. The network architecture benefits of SASE lie in its service edge, not the security aspect of the delivery.
SASE could also allow the streamlining of network transport as it moves to and from services. The overall removal of silos between users, data, and applications has stretched the limits of traditional routing, requiring network teams to become more creative and complex in their routing policies in order to efficiently prioritize critical traffic and avoid latency and congestion.
The overall philosophy around SASE is putting network services in locations where the data flows reach optimal efficiency. It is similar in concept to the way that cloud providers route their clients to the closest data center using geolocation, but a business would route traffic to an application that is outside the private data center or metro edge, depending on their location and the level of performance required. Any network able to determine performance requirements for a particular service plus its location could also route traffic to the edge that delivers the optimal experience.
Managed services providers are recognizing this same potential for network architecture, with some relinquishing the term SASE for a broader description of network edge services to describe a combination of SASE with software-defined wide area networking (SD-WAN) and additional network functions, packaged together in a single platform. The integrated offerings produce a solution that is far beyond just a cyber security tool.
IT teams can expect that the technology of SASE will continue to expand, but the term is likely to fade from use as companies begin embracing the concept of a flexible edge. In this architecture, the network would determine pathways based on application or device and route traffic to the service edge that offers the required performance levels.Is it time for your company to pursue a network architecture upgrade? For an integrated plan that takes into account your needs and leverages the best and latest technology to help you optimize network performance and cost-efficiency, contact us at Access Tech.