cybersecurity

Secure Access Service Edge

SASE (Secure Access Service Edge) is a cloud-based security model designed to support the dynamic, secure access needs of today’s hybrid organizations.

A necessary change

SASE is a network architecture that combines connectivity, networking and security functions in a single integrated system, which are delivered from the Cloud and provided as a service by the SASE provider. The SASE approach represents the logical evolution of security needs and technological trends and addresses to these needs, by providing network and connectivity security controls at the edge, i.e., as close as possible to the users.

0 %

of enterprises will develop
strategies to adopt SASE
by 2024

0 %

of enterprises will adopt
SWG, CASB, ZTNA and branch FWaaS
by 2023

Fonte: Gartner Report “The future of network security is in the cloud”

Why SASE?

The increasing deoloyment of Cloud and Saas (Software-as-a-Service), Iaas (Infrastructure-as-a-Service) and Paas (Platform-as-a-Service) have inverted access requirements, with more users, devices, applications, services and data located outside an enterprise than inside. This makes the WAN network inadequate, expensive and unable to guarantee the levels of dynamism, speed, performance, security and access control required by modern applications.

SASE convergence

benefits

Benefits of the SASE network and security model

Optimized connectivity

Independence from transport mechanism and network equipment
Active-active hybrid connections for all network scenarios
Dynamic routing on all available connections
Uniform extension of the WAN to multi-cloud systems

Cost saving

Replace or combine the use of expensive MPLS routes with cheaper and more flexible Broadband (DSL, LTE, 4G, 5G, etc.)

Better User Experience

Application traffic with dynamic routing to ensure better performance for critical applications

Increased security

Centralized Policies based on the Zero Trust model and customization
Real-time access monitoring and control
Secure traffic in Internet and Cloud connections
Security deployment in remote endpoints

Centralized and simplified application management

Centralized monitoring and management dashboard
Zero-touch provisioning on all functional components

Dynamic and secure network access

Dynamic identification of users and devices
Secure access to appropriate applications or data regardless of where users, data, applications, or devices are located

CLOUD-NATIVE SOLUTION

Components

The SASE model is based on access security, transforming the network model from hub and spoke, where access to Internet applications and resources is Data Center-Centric, to user centric, where access decisions are Identity-centric and applied to the endpoint.

Software Defined WAN (SD-WAN)

a technological approach that decouples network hardware from its control mechanism. It implies the possibility of creating hybrid networks (on intelligent and dynamic platforms) that allow multiple access technologies, bandwith on demand, dynamic routing and security services, integrated with each other.

Zero Trust Network Access (ZTNA)

a network security model that verifies users' identities and establishes device trust before granting them access to authorised applications. It helps organisations prevent unauthorised access, contain breaches, and limit an attacker's lateral movement on your network.