SlideShare a Scribd company logo

Understanding SASE

H
Haris Chughtai

Describing the basis of SASE and clarifying the difference it has with SDWAN

Technology
1 of 7
Download to read offline
Secure Access Service Edge Haris Chughtai Mar 2021 SASE
HARIS CHUGHTAI SASE – Secure Access Service Edge  Term coined by Gartner for a converged Network & Security platform  SASE = Network + Security  Referred as Secure Network access to Cloud as well as on-prem resources to all users (fixed as well as mobile)  SASE is delivered as a service, minimizing or eliminating the need for specialized hardware or security appliances  Though SASE can be applicable to organization’s resources in Private/Public Cloud resources, Remote offices & endpoints, however mostly it is applicable to Remote Sites, Mobile & IOT devices  Key benefits brought by SASE includes agility, cost effectiveness and consistent security 1 "Instead of the security perimeter being entombed in a box at the data center edge, the perimeter is now everywhere an enterprise needs it to be — a dynamically created, policy-based secure access service edge." Gartner, D G00441737 “The Future of Network Security is in the Cloud”, 30 August 2019
HARIS CHUGHTAI SASE Driving Factors  Cloud Adaptation  Enterprise services & applications (including the one carrying sensitive data) migration to public cloud is inevitable  SaaS e.g. Office365, Salesforce etc  IaaS .e.g custom application running on VMs  Decentralized Network Resources  Traffic used to be 80/20 (80% internal + 20% internet)  Now changing to 20/80 (20% internal + 80% internet)  Mobility  Users are no more bound to their office desk  Need access to services from anywhere  Convergence  Network & Security functions are converging 2 Internet/ SaaS/ IaaS FW,SWG, CASB, ZTNA By 2023, 20% of enterprises will have adopted SWG, CASB, ZTNA and branch FWaaS capabilities from the same vendor up from less than 5% in 2019. By 2024, at least 40% of enterprises will have explicit strategies to adopt SASE, up from less than 1% at year-end 2018. By 2025, at least one of the leading IaaS providers will offer a competitive suite of SASE capabilities Gartner, D G00441737 “The Future of Network Security is in the Cloud”, 30 August 2019.
 Secure Access to services for all users from anywhere  Data Loss Prevention (DLP)  Cloud Access Service Broker (CASB)  Zero Trust Network Access (ZTNA)  Secure Web Gateway (SWG)  Firewall Security (FWaaS)  Intrusion Prevention Systems (IPS)  Flexibility, reduced complexity, increased performance 3 SASE Promises HARIS CHUGHTAI
HARIS CHUGHTAI  SASE provides consistent, agile and holistic approach for a converged network enabled with security  Helps avoiding traditional components based products and services  Converged Networking & Security helps reducing number of devices and vendors that organization has to deal with thus reduces Operational Overheads & bring cost optimizations  When deployed with SDWAN, it enhances not only the security posture but also brings network efficiencies by incorporating automated traffic optimization & continuity  Improved Security by deploying a Zero Trust approach when users, devices and applications connect. A SASE solution expected to provide complete session protection, regardless of whether a user is on or off the corporate network  Reduce dependency on enterprise Data Centers with gradual application migration to public Cloud 4 SASE Advantages to Enterprises
SASE & SDWAN  SDWAN is an Access agnostic, agile WAN access (typically used for site-site connectivity to reduce expensive MPLS cost). Moreover SDWAN is mainly intended for branch sites not for Mobile users  Think of SASE as a platform to securely connect enterprise users to your Cloud as well as on-prem resources irrespective of their location  SDWAN vendors are strongly pitching their solutions as SASE which may not be entirely true  SASE expected to offers more features than plain SDWAN  SDWAN can be viewed as a SASE solution for branch sites if it can provide the expected security features 5 HARIS CHUGHTAI
Key Take Aways 6  SASE is a fairly newly evolved term, vendors are interpreting it in their own ways Firewall vendors are positioning their edge FWs as branch SASE (Security + SDWAN) SDWAN vendors adding limited security features to pitch it as SASE  Be careful in mixing SASE with SDWAN SDWAN is just a piece of broader solution SASE is expected to provide Do your due diligence in selecting your SDWAN solution as SASE  Not all Cloud firewalls offer capabilities anticipated from a SASE solution  Don’t ignore the security of Mobile users which are major part of every organization now  Avoid vendors that propose to deliver the broad set of services by linking a large number of products (e.g. many purpose built VMs)  If organization offices and users are dispersed globally, look for a SASE providers with worldwide POPs for low-latency user access [providing a distributed edge computing capabilities]  Shift security from boxes to a software based policy driven security service HARIS CHUGHTAI

Recommended

What is SASE
What is SASEWhat is SASE
What is SASE
Adi Ruppin
 
Succeeding with Secure Access Service Edge (SASE)
Succeeding with Secure Access Service Edge (SASE)Succeeding with Secure Access Service Edge (SASE)
Succeeding with Secure Access Service Edge (SASE)
Cloudflare
 
How SASE can help you move securely from the PSN with VMware and Breeze Networks
How SASE can help you move securely from the PSN with VMware and Breeze NetworksHow SASE can help you move securely from the PSN with VMware and Breeze Networks
How SASE can help you move securely from the PSN with VMware and Breeze Networks
Articulate Marketing
 
SASE Future Proof sdwan 20 Sep2020 v2.1 BA
SASE Future Proof sdwan 20 Sep2020 v2.1 BASASE Future Proof sdwan 20 Sep2020 v2.1 BA
SASE Future Proof sdwan 20 Sep2020 v2.1 BA
bourhan88100
 
Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)
Anwesh Dixit
 
What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?
QOS Networks
 
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdf
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdfAryaka Bringing SASE to Life with a Zero Trust WAN.pdf
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdf
KlausSchwegler
 
Transform your enterprise branch with secure sd-wan
Transform your enterprise branch with secure sd-wanTransform your enterprise branch with secure sd-wan
Transform your enterprise branch with secure sd-wan
DATA SECURITY SOLUTIONS
 

Recommended

What is SASE
What is SASEWhat is SASE
What is SASE
Adi Ruppin
 
Succeeding with Secure Access Service Edge (SASE)
Succeeding with Secure Access Service Edge (SASE)Succeeding with Secure Access Service Edge (SASE)
Succeeding with Secure Access Service Edge (SASE)
Cloudflare
 
How SASE can help you move securely from the PSN with VMware and Breeze Networks
How SASE can help you move securely from the PSN with VMware and Breeze NetworksHow SASE can help you move securely from the PSN with VMware and Breeze Networks
How SASE can help you move securely from the PSN with VMware and Breeze Networks
Articulate Marketing
 
SASE Future Proof sdwan 20 Sep2020 v2.1 BA
SASE Future Proof sdwan 20 Sep2020 v2.1 BASASE Future Proof sdwan 20 Sep2020 v2.1 BA
SASE Future Proof sdwan 20 Sep2020 v2.1 BA
bourhan88100
 
Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)
Anwesh Dixit
 
What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?
QOS Networks
 
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdf
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdfAryaka Bringing SASE to Life with a Zero Trust WAN.pdf
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdf
KlausSchwegler
 
Transform your enterprise branch with secure sd-wan
Transform your enterprise branch with secure sd-wanTransform your enterprise branch with secure sd-wan
Transform your enterprise branch with secure sd-wan
DATA SECURITY SOLUTIONS
 
Secure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoSecure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAlto
Prime Infoserv
 
Zero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastZero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fast
Cloudflare
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
AWS User Group Bengaluru
 
Why Zero Trust Architecture Will Become the New Normal in 2021
Why Zero Trust Architecture Will Become the New Normal in 2021Why Zero Trust Architecture Will Become the New Normal in 2021
Why Zero Trust Architecture Will Become the New Normal in 2021
Cloudflare
 
security-reference-architecture.pdf
security-reference-architecture.pdfsecurity-reference-architecture.pdf
security-reference-architecture.pdf
JoniGarcia9
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
BAKOTECH
 
SD WAN Overview | What is SD WAN | Benefits of SD WAN
SD WAN Overview | What is SD WAN | Benefits of SD WAN SD WAN Overview | What is SD WAN | Benefits of SD WAN
SD WAN Overview | What is SD WAN | Benefits of SD WAN
Ashutosh Kaushik
 
Secure sd wan
Secure sd wanSecure sd wan
Secure sd wan
Dr. (Engr.) OLUGBENGA BABATUNDE(FBCS,CPMP,FCIPM,FIPMA,FIMC,CMC,MNSE)
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
David J Rosenthal
 
Aruba Networks - Overview ClearPass
Aruba Networks - Overview ClearPassAruba Networks - Overview ClearPass
Aruba Networks - Overview ClearPass
Paulo Eduardo Sibalde
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero Trust
David J Rosenthal
 
DDoS Mitigation Techniques and AWS Shield
DDoS Mitigation Techniques and AWS ShieldDDoS Mitigation Techniques and AWS Shield
DDoS Mitigation Techniques and AWS Shield
Amazon Web Services
 
Access Management with Aruba ClearPass
Access Management with Aruba ClearPassAccess Management with Aruba ClearPass
Access Management with Aruba ClearPass
Aruba, a Hewlett Packard Enterprise company
 
Azure DDoS Protection Standard
Azure DDoS Protection StandardAzure DDoS Protection Standard
Azure DDoS Protection Standard
arnaudlh
 
Extending Security to EVERY Edge
Extending Security to EVERY EdgeExtending Security to EVERY Edge
Extending Security to EVERY Edge
itnewsafrica
 
4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx
aungyekhant1
 
Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Secure your Access to Cloud Apps using Microsoft Defender for Cloud AppsSecure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Vignesh Ganesan I Microsoft MVP
 
CLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYCLOUD NATIVE SECURITY
CLOUD NATIVE SECURITY
Maganathin Veeraragaloo
 
SD WAN
SD WANSD WAN
SD WAN
Bri Molina
 
Container Security Using Microsoft Defender
Container Security Using Microsoft DefenderContainer Security Using Microsoft Defender
Container Security Using Microsoft Defender
Rahul Khengare
 
Top SASE (Secure Access Service Edge) Vendors of 2024
Top SASE (Secure Access Service Edge) Vendors of 2024Top SASE (Secure Access Service Edge) Vendors of 2024
Top SASE (Secure Access Service Edge) Vendors of 2024
Konverge Technologies Pvt. Ltd.
 
SASE-for-Superheroes-The-Complete-Integration-eBook.pdf
SASE-for-Superheroes-The-Complete-Integration-eBook.pdfSASE-for-Superheroes-The-Complete-Integration-eBook.pdf
SASE-for-Superheroes-The-Complete-Integration-eBook.pdf
Anto664537
 

More Related Content

What's hot

Zero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastZero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fast
Cloudflare
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
BAKOTECH
 
SD WAN Overview | What is SD WAN | Benefits of SD WAN
SD WAN Overview | What is SD WAN | Benefits of SD WAN SD WAN Overview | What is SD WAN | Benefits of SD WAN
SD WAN Overview | What is SD WAN | Benefits of SD WAN
Ashutosh Kaushik
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
David J Rosenthal
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero Trust
David J Rosenthal
 
4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx
aungyekhant1
 

What's hot (20)

Secure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoSecure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAlto
 
Zero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastZero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fast
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Why Zero Trust Architecture Will Become the New Normal in 2021
Why Zero Trust Architecture Will Become the New Normal in 2021Why Zero Trust Architecture Will Become the New Normal in 2021
Why Zero Trust Architecture Will Become the New Normal in 2021
 
security-reference-architecture.pdf
security-reference-architecture.pdfsecurity-reference-architecture.pdf
security-reference-architecture.pdf
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
 
SD WAN Overview | What is SD WAN | Benefits of SD WAN
SD WAN Overview | What is SD WAN | Benefits of SD WAN SD WAN Overview | What is SD WAN | Benefits of SD WAN
SD WAN Overview | What is SD WAN | Benefits of SD WAN
 
Secure sd wan
Secure sd wanSecure sd wan
Secure sd wan
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
 
Aruba Networks - Overview ClearPass
Aruba Networks - Overview ClearPassAruba Networks - Overview ClearPass
Aruba Networks - Overview ClearPass
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero Trust
 
DDoS Mitigation Techniques and AWS Shield
DDoS Mitigation Techniques and AWS ShieldDDoS Mitigation Techniques and AWS Shield
DDoS Mitigation Techniques and AWS Shield
 
Access Management with Aruba ClearPass
Access Management with Aruba ClearPassAccess Management with Aruba ClearPass
Access Management with Aruba ClearPass
 
Azure DDoS Protection Standard
Azure DDoS Protection StandardAzure DDoS Protection Standard
Azure DDoS Protection Standard
 
Extending Security to EVERY Edge
Extending Security to EVERY EdgeExtending Security to EVERY Edge
Extending Security to EVERY Edge
 
4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx
 
Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Secure your Access to Cloud Apps using Microsoft Defender for Cloud AppsSecure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
 
CLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYCLOUD NATIVE SECURITY
CLOUD NATIVE SECURITY
 
SD WAN
SD WANSD WAN
SD WAN
 
Container Security Using Microsoft Defender
Container Security Using Microsoft DefenderContainer Security Using Microsoft Defender
Container Security Using Microsoft Defender
 

Similar to Understanding SASE

SASE-for-Superheroes-The-Complete-Integration-eBook.pdf
SASE-for-Superheroes-The-Complete-Integration-eBook.pdfSASE-for-Superheroes-The-Complete-Integration-eBook.pdf
SASE-for-Superheroes-The-Complete-Integration-eBook.pdf
Anto664537
 
DIFFERENCE BETWEEN SaaS, PaaS & Iaas (Presentation).pdf
DIFFERENCE BETWEEN SaaS, PaaS & Iaas (Presentation).pdfDIFFERENCE BETWEEN SaaS, PaaS & Iaas (Presentation).pdf
DIFFERENCE BETWEEN SaaS, PaaS & Iaas (Presentation).pdf
Chinmayee Behera
 
Unlocking the value of the cloud - The benefits of deploying asset and facili...
Unlocking the value of the cloud - The benefits of deploying asset and facili...Unlocking the value of the cloud - The benefits of deploying asset and facili...
Unlocking the value of the cloud - The benefits of deploying asset and facili...
Cyrus Sorab
 
A proficient 5 c approach to boost the security in the saas model's technical...
A proficient 5 c approach to boost the security in the saas model's technical...A proficient 5 c approach to boost the security in the saas model's technical...
A proficient 5 c approach to boost the security in the saas model's technical...
ijccsa
 

Similar to Understanding SASE (20)

Top SASE (Secure Access Service Edge) Vendors of 2024
Top SASE (Secure Access Service Edge) Vendors of 2024Top SASE (Secure Access Service Edge) Vendors of 2024
Top SASE (Secure Access Service Edge) Vendors of 2024
 
SASE-for-Superheroes-The-Complete-Integration-eBook.pdf
SASE-for-Superheroes-The-Complete-Integration-eBook.pdfSASE-for-Superheroes-The-Complete-Integration-eBook.pdf
SASE-for-Superheroes-The-Complete-Integration-eBook.pdf
 
SASE.pptx
SASE.pptxSASE.pptx
SASE.pptx
 
What is SASE? And Its Unique Benefits?
What is SASE? And Its Unique Benefits?What is SASE? And Its Unique Benefits?
What is SASE? And Its Unique Benefits?
 
DIFFERENCE BETWEEN SaaS, PaaS & Iaas (Presentation).pdf
DIFFERENCE BETWEEN SaaS, PaaS & Iaas (Presentation).pdfDIFFERENCE BETWEEN SaaS, PaaS & Iaas (Presentation).pdf
DIFFERENCE BETWEEN SaaS, PaaS & Iaas (Presentation).pdf
 
Why Integrating Network Technology & Security Makes Sense Now
Why Integrating Network Technology & Security Makes Sense NowWhy Integrating Network Technology & Security Makes Sense Now
Why Integrating Network Technology & Security Makes Sense Now
 
What is SASE? And Its Unique Benefits?
What is SASE? And Its Unique Benefits?What is SASE? And Its Unique Benefits?
What is SASE? And Its Unique Benefits?
 
SD-WAN_MoD.pptx for SD WAN networks connectivity
SD-WAN_MoD.pptx for SD WAN networks connectivitySD-WAN_MoD.pptx for SD WAN networks connectivity
SD-WAN_MoD.pptx for SD WAN networks connectivity
 
Unlocking the value of the cloud - The benefits of deploying asset and facili...
Unlocking the value of the cloud - The benefits of deploying asset and facili...Unlocking the value of the cloud - The benefits of deploying asset and facili...
Unlocking the value of the cloud - The benefits of deploying asset and facili...
 
2021 Predictions and Trends for the SD-WAN and Edge Market
2021 Predictions and Trends for the SD-WAN and Edge Market2021 Predictions and Trends for the SD-WAN and Edge Market
2021 Predictions and Trends for the SD-WAN and Edge Market
 
Cisco SD-Wan introduction and caracteristics.pdf
Cisco SD-Wan introduction and caracteristics.pdfCisco SD-Wan introduction and caracteristics.pdf
Cisco SD-Wan introduction and caracteristics.pdf
 
Sase Deployment - Digital Carbon
Sase Deployment - Digital CarbonSase Deployment - Digital Carbon
Sase Deployment - Digital Carbon
 
Comprehensive Information on Software as a Service
Comprehensive Information on Software as a ServiceComprehensive Information on Software as a Service
Comprehensive Information on Software as a Service
 
SAS® Visual Analytics for SAS® Cloud
SAS® Visual Analytics for SAS® CloudSAS® Visual Analytics for SAS® Cloud
SAS® Visual Analytics for SAS® Cloud
 
De-Witt Tromp- Introduction to Zero Trust & SASE.
De-Witt Tromp- Introduction to Zero Trust & SASE.De-Witt Tromp- Introduction to Zero Trust & SASE.
De-Witt Tromp- Introduction to Zero Trust & SASE.
 
A proficient 5 c approach to boost the security in the saas model's technical...
A proficient 5 c approach to boost the security in the saas model's technical...A proficient 5 c approach to boost the security in the saas model's technical...
A proficient 5 c approach to boost the security in the saas model's technical...
 
Cloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsCloud Security, Standards and Applications
Cloud Security, Standards and Applications
 
Cloud computing and migration strategies to cloud
Cloud computing and migration strategies to cloudCloud computing and migration strategies to cloud
Cloud computing and migration strategies to cloud
 
ATC Delta Elite Dinner - 4.15.21 - Jags
ATC Delta Elite Dinner - 4.15.21 - JagsATC Delta Elite Dinner - 4.15.21 - Jags
ATC Delta Elite Dinner - 4.15.21 - Jags
 
PSee Solutions
PSee SolutionsPSee Solutions
PSee Solutions
 

More from Haris Chughtai

More from Haris Chughtai (8)

Cybersecurity Interview Preparation Questions.pdf
Cybersecurity Interview Preparation Questions.pdfCybersecurity Interview Preparation Questions.pdf
Cybersecurity Interview Preparation Questions.pdf
 
ISC2 CC Course (Certified in Cybersecurity) - Part 2.pdf
ISC2 CC Course (Certified in Cybersecurity) - Part 2.pdfISC2 CC Course (Certified in Cybersecurity) - Part 2.pdf
ISC2 CC Course (Certified in Cybersecurity) - Part 2.pdf
 
Cybersecurity Fundamental Course by Haris Chughtai.pdf
Cybersecurity Fundamental Course by Haris Chughtai.pdfCybersecurity Fundamental Course by Haris Chughtai.pdf
Cybersecurity Fundamental Course by Haris Chughtai.pdf
 
Cybersecurity Free Tools for Practice Project.pdf
Cybersecurity Free Tools for Practice Project.pdfCybersecurity Free Tools for Practice Project.pdf
Cybersecurity Free Tools for Practice Project.pdf
 
Networking Fundamental Course by Haris Chughtai
Networking Fundamental Course by Haris ChughtaiNetworking Fundamental Course by Haris Chughtai
Networking Fundamental Course by Haris Chughtai
 
Demystifying Prisma Access
Demystifying Prisma AccessDemystifying Prisma Access
Demystifying Prisma Access
 
SDWAN vs MPLS: What Enterprises need?
SDWAN vs MPLS: What Enterprises need?SDWAN vs MPLS: What Enterprises need?
SDWAN vs MPLS: What Enterprises need?
 
Emerging Telecom Technologies - Muhammad Haris Chughtai
Emerging Telecom Technologies - Muhammad Haris Chughtai Emerging Telecom Technologies - Muhammad Haris Chughtai
Emerging Telecom Technologies - Muhammad Haris Chughtai
 

Recently uploaded

The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and Insight
Safe Software
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps Productivity
VictorSzoltysek
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 

Recently uploaded (20)

The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and Insight
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps Productivity
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Decarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational PerformanceDecarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational Performance
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using Ballerina
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
 
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx
 
Simplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxSimplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptx
 

Understanding SASE

  • 1. Secure Access Service Edge Haris Chughtai Mar 2021 SASE
  • 2. HARIS CHUGHTAI SASE – Secure Access Service Edge  Term coined by Gartner for a converged Network & Security platform  SASE = Network + Security  Referred as Secure Network access to Cloud as well as on-prem resources to all users (fixed as well as mobile)  SASE is delivered as a service, minimizing or eliminating the need for specialized hardware or security appliances  Though SASE can be applicable to organization’s resources in Private/Public Cloud resources, Remote offices & endpoints, however mostly it is applicable to Remote Sites, Mobile & IOT devices  Key benefits brought by SASE includes agility, cost effectiveness and consistent security 1 "Instead of the security perimeter being entombed in a box at the data center edge, the perimeter is now everywhere an enterprise needs it to be — a dynamically created, policy-based secure access service edge." Gartner, D G00441737 “The Future of Network Security is in the Cloud”, 30 August 2019
  • 3. HARIS CHUGHTAI SASE Driving Factors  Cloud Adaptation  Enterprise services & applications (including the one carrying sensitive data) migration to public cloud is inevitable  SaaS e.g. Office365, Salesforce etc  IaaS .e.g custom application running on VMs  Decentralized Network Resources  Traffic used to be 80/20 (80% internal + 20% internet)  Now changing to 20/80 (20% internal + 80% internet)  Mobility  Users are no more bound to their office desk  Need access to services from anywhere  Convergence  Network & Security functions are converging 2 Internet/ SaaS/ IaaS FW,SWG, CASB, ZTNA By 2023, 20% of enterprises will have adopted SWG, CASB, ZTNA and branch FWaaS capabilities from the same vendor up from less than 5% in 2019. By 2024, at least 40% of enterprises will have explicit strategies to adopt SASE, up from less than 1% at year-end 2018. By 2025, at least one of the leading IaaS providers will offer a competitive suite of SASE capabilities Gartner, D G00441737 “The Future of Network Security is in the Cloud”, 30 August 2019.
  • 4.  Secure Access to services for all users from anywhere  Data Loss Prevention (DLP)  Cloud Access Service Broker (CASB)  Zero Trust Network Access (ZTNA)  Secure Web Gateway (SWG)  Firewall Security (FWaaS)  Intrusion Prevention Systems (IPS)  Flexibility, reduced complexity, increased performance 3 SASE Promises HARIS CHUGHTAI
  • 5. HARIS CHUGHTAI  SASE provides consistent, agile and holistic approach for a converged network enabled with security  Helps avoiding traditional components based products and services  Converged Networking & Security helps reducing number of devices and vendors that organization has to deal with thus reduces Operational Overheads & bring cost optimizations  When deployed with SDWAN, it enhances not only the security posture but also brings network efficiencies by incorporating automated traffic optimization & continuity  Improved Security by deploying a Zero Trust approach when users, devices and applications connect. A SASE solution expected to provide complete session protection, regardless of whether a user is on or off the corporate network  Reduce dependency on enterprise Data Centers with gradual application migration to public Cloud 4 SASE Advantages to Enterprises
  • 6. SASE & SDWAN  SDWAN is an Access agnostic, agile WAN access (typically used for site-site connectivity to reduce expensive MPLS cost). Moreover SDWAN is mainly intended for branch sites not for Mobile users  Think of SASE as a platform to securely connect enterprise users to your Cloud as well as on-prem resources irrespective of their location  SDWAN vendors are strongly pitching their solutions as SASE which may not be entirely true  SASE expected to offers more features than plain SDWAN  SDWAN can be viewed as a SASE solution for branch sites if it can provide the expected security features 5 HARIS CHUGHTAI
  • 7. Key Take Aways 6  SASE is a fairly newly evolved term, vendors are interpreting it in their own ways Firewall vendors are positioning their edge FWs as branch SASE (Security + SDWAN) SDWAN vendors adding limited security features to pitch it as SASE  Be careful in mixing SASE with SDWAN SDWAN is just a piece of broader solution SASE is expected to provide Do your due diligence in selecting your SDWAN solution as SASE  Not all Cloud firewalls offer capabilities anticipated from a SASE solution  Don’t ignore the security of Mobile users which are major part of every organization now  Avoid vendors that propose to deliver the broad set of services by linking a large number of products (e.g. many purpose built VMs)  If organization offices and users are dispersed globally, look for a SASE providers with worldwide POPs for low-latency user access [providing a distributed edge computing capabilities]  Shift security from boxes to a software based policy driven security service HARIS CHUGHTAI