The SASE Framework was initially developed by Gartner for the sole purpose of simplifying the convergence and adoption of a myriad of security and network point solutions which enterprises implemented to address a variety of emerging challenges including poor user experience, limited visibility, and Increased attack surface, while pursuing a Digital Transformation strategy.
SASE or Secure Access Services Edge as defined by Gartner is a combination of Network-as-a-Service (NaaS) and Security-as-a-Service (SaaS) delivered via the cloud. The SASE framework is itself broken down into three categories of distinct capabilities; Core, Recommended, and Optional:
SASE market remained crowded and fragmented with over 35 vendors vying for a slice of the market. According to the Del’Oro Report, SASE service providers come from two sub-segments:
Disaggregated SASE consists of separate networking (e.g., SD-WAN) and security (e.g., SWG) products and services that can be bundled into a SASE solution, whereby the services may come from a collage of distinct products from the same or different vendors. A majority of SASE vendors belong to this category.
This results in multiple policy repositories (i.e., separate networking and security policies), multiple software stacks, multiple management interfaces, and multiple sources of visibility and analytics.
The ideal solution to solve customer’s challenges is the unified SASE approach. The defining characteristics of SASE-Unified are:
Versa SASE delivers a comprehensive integrated SASE solution within a single software stack which mitigates the requirement to perform service chaining, cascading, or virtual interconnect between SASE services required by other solutions in the market. Versa Single-Pass Parallel Processing architecture combines full-featured SD-WAN, complete integrated security, advanced scalable routing, genuine multi-tenancy, and sophisticated analytics into one software image.
With a single interface to configure and implement corporate policies, Versa SASE delivers visibility and control through a single pane of glass. Versa protects all corporate resources with unified security policies for every session for every user, on any device, accessing any application. Security is embedded which results in no security breakage from service chaining which leads to better security hygiene, true access authenticity and only one point of decryption.
![]() | Tony Garcia DIRECTOR, SECURITY EVANGELISM Tony is a Director of Security Evangelism for Versa Networks. He brings over two decades of experience in the field of technology and cybersecurity. Tony has previously served in many diverse roles in cybersecurity from consultant, strategist and vCISO/CISO in the Fortune 500 space with Deloitte, US Department of Defense, Microsoft, British Telecom, Toyota, and Mr. Cooper Group. He currently holds multiple industry leading certifications, including CISSP, CISM, CRISC, CCSK, and a masters in cybersecurity and information assurance. |
![]() | Avik Bose SECURITY EVANGELIST Avik is a Security Evangelist with Versa Networks. He brings in over 18+ years of experience in Cybersecurity and Consulting. Avik has previously served in multiple organizations including F5 Networks, Palo Alto, Mcafee, Barclays. in various capacities ranging from a Security Consultant, Principal Security Architect and Presales Lead. His areas of interest include Cloud & Cloud Security, Kubernetes etc. He is a certified AWS Solution Architect-Professional. |
Tony – The SASE framework was proposed by Gartner to address a host of challenges organizations were facing while trying to adopt digital transformation. Some of these challenges like optimized network and application performance, better network visibility can only be addressed with a SD-WAN solution. While Security Services Edge can help address the security challenges associated with digital transformation, they cannot do anything to elevate or address the challenges w.r.t network and application performance which can result in poor user experience. Also, more often than not introducing SSE solution in isolation can impact application performance and user experience in a negative fashion by introducing additional overhead/latency to the processed traffic.
Avik – A Unified SASE solution by combining traffic engineering capabilities of the SD-WAN component of the solution ensures that the traffic originating both from Branch Locations and End user’s machine is processed optimally including but not limited to Application –QOS, IP SLA, automatic most optimal gateway selection, automatic failover of the traffic between multiple gateways which results in much lesser latency either for Internet bound or private access traffic.
Tony – A Unified SASE solution by offering a single policy engine and a single pane of glass both for Network as a Service Component and Security as a Service component ensures that the operations teams don’t have to toggle through a multitude of UI’s / Management console to either define the required policies or get the required visibility. Also, integration with 3rd party solution like SIEM and SOAR, ITSM tools also becomes much simpler since instead to trying to get a number of network and security components integrated into them, with a unified SASE solution the number is just reduced to one.
Avik – A unified SASE Solution by design will have a lot a smaller number of components than an independent SD-WAN & SSE solution put together. For example, an Independent SD-WAN + SSE solution will have at the very least 2 different Management /Analytics console + 2 different Logging Services + 2 different Gateway devices + 2 different end point agents while on the other hand a unified SASE Solution will have only 1 Management/Analytics console + 1 logging Service and 1 single gateway device + 1 single endpoint agent. This automatically simplifies the architecture and hence the deployment time and effort to a great degree.
Versa’s Unified SASE solutions allows organizations to take full advantage of the SASE framework by combining both the Network as a Service component and Security as a Service Component into one single cohesive solution with a unified policy engine both for network and security components and a single pane of glass to get a consolidated view of both the network and security landscape. This results in: