Secure Access Service Edge (SASE)

Secure Access Service Edge, or SASE, is an emerging cybersecurity concept. In this video, you understand how the key capabilities of SASE address the demands of growing network sprawl and the challenges of digitally transforming your business.

Versa for Work-From-Home

Versa has made it simple for organizations to offer Secure SD-WAN for Work-From-Home users on home appliances or working from anywhere

Top Energy Firm Achieves Comprehensive “Work-From-Anywhere” with Versa SASE

A large, publicly traded energy company operating in all areas of the oil and gas industry has dramatically simplified their network stack and realized huge cost savings with Versa SASE.

 
Availability and Buying Options in the Emerging SASE Market

EMA evaluates the different SASE vendors and their approaches to architecture, go-to-market, and support for their cloud-delivered and hybrid services.

 
Gartner Magic Quadrant for WAN Edge Infrastructure, 2020

Gartner 2020 Magic Quadrant report analyzes the various vendors in the WAN edge market and Versa is positioned as a Leader.

Versa Networks - Explained in 1 minute

Learn about the Versa Secure SD-WAN solution in a high-level, one minute overview.

 
Versa SASE (Secure Access Service Edge)

SASE is the simplest, most scalable way to continuously secure and connect the millions points of access in and out of the corporate resources regardless of location

 
Versa Secure SD-WAN – Simple, Secure, and Reliable Branch to Multi-Cloud Connectivity

Versa Secure SD-WAN is a single software platform that offers multi-layered security and enables multi-cloud connectivity for Enterprises.

Why is SASE necessary?

SASE converges all networking and security capabilities into a single-service cloud-native, globally distributed architecture that shifts the security focus from traffic-flow-centric to identity-centric.

SASE encompasses a package of technologies that embeds security into the global network fabric so it is always available no matter where the user is, where the application or resource being accessed is, or what combination of transport technologies connects the user and the resource.

Modern enterprises conduct business in the client-to-cloud era. Gartner writes that the “Network and network security architectures were designed for an era that is waning, and they are unable to effectively serve the dynamic secure access requirements of digital business.”

Gone is the time when employees all worked in a physical building and all corporate resources were resident in private data centers that were both physically and digitally secured.

CIOs of modern enterprises need exemplary client-to-cloud experiences that are secure, reliable, scalable, and simple. These are the requirements that necessitate the capabilities that SASE deliver.

Cloud Adoption

Gartner points out that more traditional enterprise data-center functions are now hosted outside the enterprise data center than in it—IaaS clouds, SaaS applications, cloud storage. The data center is no longer the focal point of access for users and applications. Digital transformation initiatives and cloud adoption have completely changed the enterprise network. In today’s IT world:

  • More user work is performed, and more sensitive data is located, outside the traditional enterprise perimeter than inside it.
  • More workloads are running in the cloud than in the enterprise data center.
  • SaaS applications are used more frequently than locally installed ones.
  • More traffic is destined to public cloud services than to the enterprise data center.
  • More traffic from branch offices is heading to public clouds than to the enterprise data center.

Consistent Client-to-Cloud Performance for WFA and Mobile Users

Users are connecting from everywhere. After the exigencies of the covid-19 pandemic there is now widespread acceptance of work-from-anywhere (WFA). Remote users traditionally connected via VPNs that required VPN aggregation and firewalls at hub locations and data centers to authenticate users and apply security policies once only, and then granting wide/full access inside the enterprise network. This legacy architecture is hampered by scalability meltdown, complexity, latency and security threats.

SASE architecture authenticates and applies security policies per transaction, and grants least-privilege access only. This significantly improves performance and reduces the attack surface.

Consistent Policy Enforcement for WFA Users

SASE has cloud-native flexibility to apply consistent policies, at consistent performance, for all users and assets regardless of location—whether resident in a data center, cloud platform, or at a SaaS provider.

Network Perimeter Expansion

The mandate is to secure the edge of the network—we’ve long done that—but with increasing WFA and SaaS access the edge has become amorphous and blurred. Security policies can no longer succeed by protecting a fixed perimeter, instead they must follow the user: enforceable wherever the user is; on whatever device is used; wherever the accessed asset is; and it must protect traffic equally well over Internet access as it used to on MPLS. In short, the perimeter has become software-defined and SASE is the flexible technology to protect a SD-perimeter.

Unmanaged Devices

The WFA trend has exacerbated a parallel trend in workers using their personal devices for business purposes. Today’s personal devices are as powerful and flexible as IT-managed devices and users keep them up to date themselves. IT-managed devices have long been a burdensome IT-team responsibility.

The proliferation of IoT devices adds to the strain of unmanaged devices. Business communications from all devices must be secured at scale and without delay. Traditional WAN security architecture is unfit to achieve this, but SASE does—especially the SASE implementations that require no client software agent.

Sophisticated, Always-Changing Threat Landscape

Threat actors and the tools they use are rapidly increasing in sophistication and ease of use. Just like enterprises, bad actors also leverage the flexibility of the cloud. SaaS architectures significantly lower the bar for relatively inexperienced hackers to launch highly sophisticated and damaging attacks.

With traditional VPN access, a threat actor can gain access to the enterprise network once only, and then move laterally with little or no further security enforcement to all data and assets. Network segmentation helps mitigate this threat landscape, but SASE protects assets much better due to its transaction-orientation (identity-based authentication per transaction) and by granting only least-privilege access.

Enterprise Digital Transformation Trends

The side effects from digital innovation efforts—dynamically changing network configurations; dramatic expansion of the attack surface—are that traditional security solutions no longer provide the level of speed, performance, security, and access control that organizations and users require.

IT Management Complexity

Installing disparate point products in branch locations is costly, results in sprawl, is complex to manage, and neither enables WFA nor optimizes cloud access. A SASE architecture—with all network and security capabilities embedded in a single software stack—reduces capital investment, frees IT staff to focus on strategic work, enables a coherent security policy deployment, reduces hardware complexity and cost, and moves the enterprise towards the on-demand, pay-as-you-go model that is increasingly prevalent.

Free eBook

SASE
For Dummies

Learn the business and technical background of SASE including best practices, real-life customer deployments, and the benefits that come with a SASE enabled organization.