Skip to main content

Let's get SASE!

The Bell team assesses whether this organization would be best served by SASE or SSE

By Chandraduth Bullywon, Senior Technical Product Manager, Cloud and SDWAN security

The way we work has changed dramatically over the last few years, with workforces becoming more mobile than ever. However, the way we connect to each other – and the way we secure those connections – hasn’t kept up. Many businesses still rely on traditional firewall solutions and VPNs, which were the standard some 20 years ago, but are no longer suitable for today’s reality of hybrid and remote work. 

Secure access service edge (SASE) is an approach designed for the modern workplace, offering protection for every user and giving them secure access to company systems and data, regardless of the location where they work. But what exactly is SASE? How does it work, and why should you adopt it for your business? Here are the facts you need to know. 
 

What is SASE?

SASE is a term coined by Gartner to describe a new cloud-based security framework that brings together networking and security services. A complete SASE solution includes: 

  • Software-defined wide-area networking (SD-WAN) – Delivers a better user experience and lets you deploy new apps and services faster.
  • Secure web gateway (SWG) – Keeps unsecured internet traffic out of your network.
  • Cloud access security broker (CASB) – Protects against data leaks, malware infection, and other threats to cloud apps and services.
  • Firewall as a service (FWaaS) – Provides all the benefits of a traditional firewall, without the need for physical hardware.
  • Zero-trust network access (ZTNA) – Never assumes trust, and grants users access only to the applications needed to fulfil their roles. So only a subset of the network would be exposed in the event of a breach. 
  • Centralized management – Gives you a unified view and control of all workloads, applications, and data protection from a single pane of glass for greater visibility and convenience. 
     

How is SASE delivered?

SASE is delivered over the cloud by an SASE provider as a subscription-based model. This offers a predictable monthly cost and eliminates the need to maintain, repair, and upgrade bulky and expensive on-premises equipment. This also means it’s accessible from anywhere, so your users are protected whether they’re in the office, at home, or working from another remote location. 
 

Why should my business implement SASE? 

Historically, remote users would have to log in through a VPN. This type of connection involves sending traffic back and forth between the user and the office through various data centres (an operation known as “hairpinning”). The result is higher latency, which adversely affects the user experience and makes users less productive. 

With SASE, a direct secure link is created between the user and the apps they need to access. This provides better performance, shrinks the potential attack surface, improves flexibility, reduces complexity, and cuts costs – delivering a better outcome for users and your business. 
 

Who should implement SASE?

Security – including the protection of customer data – is vital to the success of every business. That means every business can benefit from the structured and transformational approach of SASE. And even though there’s no minimum number of users, larger companies with growing remote or hybrid workforces will reap the greatest benefits. 

If your company deals with personal or financial information and is subject to additional regulatory compliance requirements, the business case for SASE is even better. Along with extremely robust security, SASE also delivers complete visibility and traceability – making audits and other proof-of-compliance processes simple and efficient. 
 

When should SASE be implemented?

As soon as you start planning to migrate workloads and applications to the cloud, start planning your SASE implementation. Make sure SASE implementation is included along the entire process so you’re protected as soon as you flip the switch at each phase. 

Every situation is different, so your SASE solution needs to be designed to meet your specific needs. To make sure you get the right solution for your business, bring on an expert SASE provider as early as possible to reduce the risk of misalignment and ensure that your migration goes smoothly. 
 

How should SASE be implemented?

Start by determining exactly what you plan to migrate and in what order. Make sure you understand what’s currently in place at each location, including firewalls, network infrastructure, on-premises equipment, and policies. Your SASE provider can help you remap and optimize to reduce the number of distinct policies you need to manage. With your provider, go over your current needs as well as your anticipated future needs and design your solution accordingly. Then you can start building your policies and rules to manage your users and devices holistically as you start migrating. 

Security is a continuously evolving endeavour. Ask an SASE provider how they keep their solution up to date from their end, how they stay at the forefront of identifying new threats, and how they manage their human capital to deliver them. 

With the right SASE partner, you can help make sure nothing falls through the cracks by periodically reassessing your needs as your business grows. Learn more at our SASE Solution page (Managed Cloud Security Gateway). For guidance on how to best implement SASE to suit your business needs, we encourage you to reach out to the Bell Security Professional Services team