Secure Access Service Edge (SASE)

Secure Access Service Edge, or SASE, is an emerging cybersecurity concept. In this video, you understand how the key capabilities of SASE address the demands of growing network sprawl and the challenges of digitally transforming your business.

Versa for Work-From-Home

Versa has made it simple for organizations to offer Secure SD-WAN for Work-From-Home users on home appliances or working from anywhere

Top Energy Firm Achieves Comprehensive “Work-From-Anywhere” with Versa SASE

A large, publicly traded energy company operating in all areas of the oil and gas industry has dramatically simplified their network stack and realized huge cost savings with Versa SASE.

 
Availability and Buying Options in the Emerging SASE Market

EMA evaluates the different SASE vendors and their approaches to architecture, go-to-market, and support for their cloud-delivered and hybrid services.

 
Gartner Magic Quadrant for WAN Edge Infrastructure, 2020

Gartner 2020 Magic Quadrant report analyzes the various vendors in the WAN edge market and Versa is positioned as a Leader.

Versa Networks - Explained in 1 minute

Learn about the Versa Secure SD-WAN solution in a high-level, one minute overview.

 
Versa SASE (Secure Access Service Edge)

SASE is the simplest, most scalable way to continuously secure and connect the millions points of access in and out of the corporate resources regardless of location

 
Versa Secure SD-WAN – Simple, Secure, and Reliable Branch to Multi-Cloud Connectivity

Versa Secure SD-WAN is a single software platform that offers multi-layered security and enables multi-cloud connectivity for Enterprises.

Primary SASE Challenges

SASE converges all networking and security capabilities into a single-service cloud-native, globally distributed architecture that shifts the security focus from traffic-flow-centric to identity-centric.

SASE encompasses a package of technologies that embeds security into the global network fabric so it is always available no matter where the user is, where the application or resource being accessed is, or what combination of transport technologies connects the user and the resource.

SASE is not an instant panacea for all security exposures, but it is a technology that locks down the new software-defined “border” in an era when networking interactions are increasingly disassociated from known locations or devices, and yesterday’s fixed-border security measures no longer provide adequate protection.

As with the adoption of all new technologies, SASE implementation will come with bumps in the road. Choosing the right strategy, and the right partner/vendor can significantly ease the path of a successful implementation.

Gartner and other industry analysts advise everyone to pay close attention to the following aspects of SASE implementation to navigate the most likely hurdles.

SASE is Not a New Technology, but an Integration of Technologies

Networking and security have long existed in parallel as separate, yet interconnected, technologies that engendered specialized IT skills, IT structures, vendors and products. SASE integrates both disciplines in a new playing field, with new rules, new solutions, and new packaging of technologies.

Trusted SASE Vendors and Providers

Vendor selection should be done with great care, and an organization must do sufficient piloting and testing to ensure a SASE solution fits their needs before implementation. SASE encompasses all networking and security technologies, making it difficult to apply a policy of no single-sourcing. Enterprises should familiarize themselves sufficiently with a proposed SASE solution to understand the technology and security practices underlying the solution, as well as the vendor’s ability to provide specific features the enterprise may be looking for.

SASE Architecture Must Scale

SASE must scale to provide top application performance to a potentially vast number of globally distributed endpoints, users, devices and applications. Encryption/decryption and security enforcement policies must be applied at line-rate speeds. The SASE architecture must provide scalability not only for the data plane, but also for the control and management planes, as well as for cloud-native and on-prem solutions.

A streamlined, single-pass software architecture—where the traffic flow is opened (potentially decrypted) and scrutinized a single time only using multiple policy engines in parallel, ideally in-memory, without requiring chaining of inspection services—is the best candidate to provide the required scalability. The Versa SD-WAN from-the-ground-up SASE implementation provides all of these advantages.

Organizational Culture

SASE is not just a technology, or even a package of technologies. It spans the traditional IT separation of security and networking teams and responsibilities. Integrating the technologies into a single solution also requires that IT teams be tightly integrated in operations, responsibilities, deployment, management, solution testing and vendor selection.

The business world is increasingly moving to an on-demand model. Companies beginning their transformation toward this more flexible and agile structure and means of operation will see the prominence of SASE increase.

A Distributed System of Cloud Gateways

Cloud-native SASE offerings are bounded by the distribution of the set of cloud gateways (POPs) they can leverage. A global build-out of POPs is necessary to provide predictable application performance and QoE for all users. You may use your own system of gateways (though this may prove costly for smaller enterprises), and/or leverage gateways provided by your SASE vendor or service provider.

Skillset of the SASE Provider or Vendor

SASE integrates the services encompassed by traditional networking and security solutions. Legacy hardware vendors with backgrounds in either field may not be the best SASE vendor choice as they may lack expertise in the other field. They may also not bring a true cloud-native mindset to the SASE architecture, leading to lack of performance and insufficient integration capabilities. As the SASE market is still young, Gartner expects disparate offerings from vendors with differing backgrounds while the market settles.

Integration and Interoperability

The scope of SASE makes it important that providers have well integrated features, not ones that are strung together from pre-existing standalone point products. SASE endpoint agents must integrate with other agents to simplify deployments, with cloud gateways of various flavors, and with a number of types of proxies required in the overall solution.

Avoid DIY Solutions

SASE solutions that cobble together a disjointed set of single-purpose appliances or services are destined to result in a solution with undesirable attributes.

  • Complex infrastructure and management
  • High latency
  • Unpredictable attack surface
  • Insufficient performance at scale
  • A general lack of network visibility, control as well as the administrative tools necessary to comply with industry standards and government regulations/laws
  • Lacking the flexibility, simplicity, and security that a well-engineered SASE solution should deliver

Gartner recommends adopting a true SASE solution provided by one or two vendors. Enterprises are advised to do thorough SASE solution testing to ensure it fits your scale, deployment and security needs, rather than just doing a “datasheet comparison”.

Free eBook

SASE
For Dummies

Learn the business and technical background of SASE including best practices, real-life customer deployments, and the benefits that come with a SASE enabled organization.