SASE is still a new trend in the security industry, and is still on the rise. Though within the next year it will be ubiquitous, for now it is offered by only a select few providers. Thanks to mergers and acquisitions, technology partnerships, and startup buyouts in the space, providers are quickly building a SASE solution that contains all the functionality as defined by Gartner. Of them Perimeter 81 is the undeniable leader, and offers a fully-fledged SASE solution to organizations on a flexible subscription model.
SASE is comprised of multiple technologies that make for smarter networking and stronger security. A complete platform would include Secure Web Gateway, URL or DNS filtering, VPN-like tunneling with IPSec and other protocols, cloud sandboxing, Cloud Access Service Broker, Firewall as a Service, multi-factor authentication, and more. The key to SASE is combining these utilities and serving them as a single product through the cloud, not the selection of tools included.
SASE is ideal for implementing a Zero Trust access model on your network. This means that no users are trusted with unrestricted network access, and no one (not even administrators) gets away with unmonitored traffic. With such diligent security possible, SASE also becomes an excellent solution for compliance, for healthcare companies, financial institutions, and other highly-audited businesses. Of course, SASE is also a solid all-purpose security platform, and allows IT teams to deploy an impressive array of security tools across to the edge of a network (no matter how large).
SASE solutions are inherently cloud-native, distributed to the edge of the network, and based on users and their qualifiers (role, identity, device etc.). This means that point solutions like a VPN are not considered SASE, as they do not combine different softwares nor put them in the cloud.
SD-WAN is a half-measure for organizations that are really looking for SASE. As a Software-Defined Wide Area Network, SD-WAN merely makes it easier to set up a network, since it doesn’t require hardware and related maintenance to control. However, SD-WAN doesn’t have any built-in security, doesn’t integrate nicely with cloud-based services, and doesn’t make managing access any easier. SASE fills in the missing pieces, and brings SD-WAN to the peak of agility and protection.
SASE does have some technological components in common with a VPN, such as the ability to encrypt traffic that occurs to and from the network using protocols like IPSec, SSL, and even WireGuard. This is already head and shoulders above any singular VPN, as organizations can choose the protocol they prefer to encrypt with. VPNs also lack add-on security tools and any networking functionality at all - they do not allow the creation or management of a network (only encryption of traffic on the network) and certainly not custom access profiles.
As with any security solution, there is no cure-all for hacking, but SASE does a significantly better job at putting more barriers in front of potential hackers while also reducing effort for security professionals. Risks of a hack or a breach still exist, but the point is that with SASE, these are likely to occur less frequently, as hackers must expend much more time and effort to reach their goal. SASE simply makes organizations a much more elusive target.