The enterprise architectures of the past, based on separate networking and security infrastructures, no longer fit the needs of most enterprises. They were designed to backhaul traffic from remote branch offices and mobile VPN clients to a central location where network traffic is monitored for performance issues, malicious activity, and malware before sending the traffic to its destination, which was often in the same data center. However, the once-centralized applications that end users seek to access no longer universally reside in those concentrated data centers as enterprises more fully embrace cloud services of all kinds.
With SASE, rather than making the enterprise data center the center of the policy universe, identity becomes that center. Access or privilege levels are determined and policies are applied based on the identity of the user, device, and application. Using that identity information, along with additional context, a range of different networking and security services is applied to each session.
EMA outlines outlines in detail the security functionality, SASE architectures, support models, and go-to-market motions supported by the SASE vendors on the market.