SASE, or Secure Access Service Edge, seems to be the new hotness in the tech and business worlds right now. Gartner predicts that by 2024, at least 40% of enterprises will have a strategy for implementing SASE and International Data Corporation (IDC) predicts that the edge computing market will hit $250.6 billion in the next three years.
Yet, despite these optimistic predictions regarding the future growth of the SASE market, a recent Masergy study found that although 82% of IT leaders were familiar with the term, more than 50% didn’t have a clear understanding of the business implications and applicability of a SASE solution.
Much of this drive towards SASE has been the result of the COVID pandemic that rapidly and dramatically changed the way we work and indeed where we work. This shift towards a work-from-anywhere culture has opened the door for increased flexibility but has presented a unique challenge for IT leaders in ensuring they’re adequately securing their network.
SASE comes in at a time when businesses need to start addressing the changed shape of work culture and environments, however, the need for a solution like this was always in the air.
What is Secure Access Service Edge (SASE)?
Secure Access Service Edge, or SASE (pronounced “sassy”) is a term that Gartner coined in 2019 to define a service that combines wide-area networking (WAN) and security into a cloud-based solution rather than relying on enterprise data centres.
The security component of SASE architecture is conducted at the edge where identity, such as a user, cloud service, application, or location, as well as real-time context, and individual enterprise security policies determine appropriate access.
Using a traditional WAN, all traffic would converge to a limited number of enterprise data centres for security functions. When there are users and cloud applications dispersed around the world, as opposed to being on-site, this backhauling of all WAN traffic causes increased latency.
But, by securing the edge in a cloud-based environment, global traffic is dispersed while the level of network security remains intact.
In the before-times...
Before COVID-19, Australian offices stuck with the traditional in-person work environment.
In March 2020 -- that far-off pandemic before-time that feels so hard to recall -- the Australian Bureau of Statistics (ABS) reported that 24% of employed Australians worked from home at least one day a week.
In February 2021, that number almost doubled to 41%.
And this new work-from-anywhere approach is one that the majority of Australians want. A recent PwC survey found that this hybrid work environment of a mix of in-person and remote working is the preferred scenario for around three quarters of Australian workers.
Yet although this shift to a work from home or anywhere model is appealing to employees, many of whom report they are more productive when working remotely, this dispersed workforce introduces new challenges to IT teams.
In those long-ago before-times when we all worked out of static office locations, managing your WAN and channelling network security through one or a few data centres made some sense.
However, according to Superloop CTO, Ryan Crouch, in the scramble to set up secure networks as people needed to start working from home during the pandemic, instead of reaching for new solutions, many IT teams just repeated old mistakes with traditional, cobbled-together solutions.
“Prior to the COVID outbreak, [IT teams] had been using many disparate security systems with multiple different policies, all of which came at a high management cost.
“In the rush to secure staff at the start of lockdown, working VPN infrastructure was suddenly pivotal to the productivity of the entire workforce of a business.
“Quick responses often resulted in reinvestment of old technologies, or just adding bigger, shinier boxes that had previously been deployed before. Really just the same old VPN solutions on a higher scale.”
Today, in an (almost) post-pandemic work-from-anywhere world, those old, traditional solutions just don’t make as much sense anymore.
“Housing a VPN at a branch or from a physical location means you’re going to have all your users pulling data from the cloud or from the data centre via the VPN at head office,” said Crouch, “so you’ll essentially be hairpinning or backhauling the traffic twice and losing half your bandwidth on each user and endpoint in the process. This method just doesn’t scale.”
With employees working in less controlled environments from anywhere in the world, Australian businesses need to address the security implications of today's mobile, decentralised workforce.
Why so SASE?
The landscape of not only where we work but how we work has also been in a transition phase for many years now.
Although COVID may have sped up the need for businesses to adopt a cloud-edge security solution sooner and far more rapidly, the world was always moving in this direction.
The thirst for cloud resources has grown immensely in recent years, and the pandemic has further accelerated its growth and adoption. In 2020, public cloud revenues increased 25% year-over-year hitting $271.9 billion. Estimates suggest that 2021 will be no different, with another 23% increase predicted.
But with this shift comes new network security challenges that Australian business and IT leaders can no longer ignore.
“The majority of applications that workers are using these days are either hosted out in public cloud infrastructure or as cloud-based Software as a Service (or SaaS).
“Based on that notion, why would we need to go back into the physical office environment to manage those endpoints when everything we're doing is sitting at the edge of the cloud itself anyway?
“When the security environment is so dynamic and is constantly evolving, it makes a lot more sense to manage it from there.”
For many business leaders, there also seems to be an inflated sense of security around cloud applications and their interests in protecting a client’s data and network. While many cloud service providers secure their own networks, cloud security isn't a given; what you put on their platform isn’t always protected in ways that businesses and employees expect.
“The assumption that obviously, a cloud service provider is going to take security seriously, so we can pass the responsibility over to them, is really dangerous,” says Duca.
“Of course they're taking it seriously for their own infrastructure, for their own platforms. But any data that you're putting out there, you really need to think about securing that yourself.
“Any business who has assets or IP they consider to be material to their organisation need to start thinking about a different way to consume network security altogether.”
The bigger picture
Although SASE is managed by a single source, which, to some, is one of its main drawbacks, the solution is also incredibly flexible. Services like SD WAN and Firewall as a Service (FWaaS) work harmoniously together with a SASE solution.
According to Crouch, SD WAN is “an undeniable piece of the whole SASE package” that cannot be overlooked, particularly for “businesses that have a lot of branch offices or retail spaces that may include tens of hundreds of devices that still need to participate in the network securely.”
In a previous post, we talked about the key benefits of SD WAN, including simplified management and operation, lower costs, and increased visibility and security. With SASE, you get those too, except with the extra layers of network functionality as well as underlying cloud-native security architecture.
“Securing the endpoint of users is one thing,” adds Crouch, “but from all those branch offices there will be a lot of infrastructure communicated inside the network using SD WAN from the branch.”
Ultimately, SASE gives IT teams as well as an enterprise's entire workforce the flexibility to function securely in the new normal of this post(ish)-COVID world.
“If our teams are leveraging SaaS applications for most of their work,” said Crouch, “why would you not have a cloud-delivered security service provided to meet them wherever they are.
“Having a SASE solution gives organisations a solid offer to be able to give to their staff members flexibility in terms of the devices they choose to work across, and how they participate with the business.”
Superloop has partnered with Palo Alto Networks to deliver a comprehensive SASE solution. The advantage of this partnership resides in the fact that our respective companies have developed and refined the individual pieces of these technologies for decades yet remain agile in our abilities to quickly adopt new technologies and adapt to the changing global landscapes.
Get in touch with one of our expert SASE consultants today for a free demo to see what a SASE solution can do for your business.
What to read next: