Why SASE is the rising star of network architecture

Please note: This post was written by Highlander prior to their rebrand to FluidOne Business IT - Sheffield.

As the old saying goes, it’s never too late to mend, and this philosophy certainly applies to all areas of your IT strategy.

While traditional approaches may have served you well in the past, the rapid rate of digital transformation has driven considerable changes across your business, challenging the status quo like never before.

This is especially true of the network, where traditional approaches to network design are no longer able to properly meet the needs of a digital business. An influx of mobile devices, the adoption of cloud-based applications and an increase in remote working see that more and more traffic occurs ‘off-network’. And while point solutions can offer some respite by patching up absent capability, they only serve to create additional layers of complexity and costs, as well as unwanted latency that hampers the user experience.

The demands of the cloud-centric, mobile business have given rise to a new approach to the network, Secure Access Service Edge, otherwise known as SASE (pronounced ‘sassy’).

Essentially, SASE network technology sees the convergence of network functions and security controls within a single, cloud-based platform.

Leading-edge network capabilities such as SD-WAN, route optimisation, and path selection are delivered as part of a single service, with the addition of policy-based access controls, Firewall-as-a-Service (FaaS), and other security features to ensure compliance with organisational security policies.

Crucially, SASE solutions are built on these four defining characteristics:

Global SD-WAN – Instead of passing through the public internet, traffic should be re-directed through a private SD-WAN network, put in place by the solution provider, which is accessed via localised points of presence, or PoPs for short. This approach means that traffic can be better protected, more easily directed, and avoids the unwanted latency associated with public connections.

Distributed inspection and policy enforcement – Whereas traditional network approaches direct traffic through a central inspection point, SASE technology sees that multiple security engines, including anti-malware, are distributed in tandem at the PoPs level. This avoids the need for an initial re-direct to a central point for inspection and qualification, thus reducing latency.

Cloud-native architecture – All SASE solutions should deliver a converged, cloud-native, and multi-tenant network software stack, with little to no dependence on specific hardware.

Identity driven approach – At their core, SASE solutions should be built on policy-based access. Crucially, this should focus on specific user details, not network information such as IP addresses.

As with much technology innovation today, SASE networks are intended to better meet the current demands of the digital business. This means that they are agile, scalable, easy to manage, and perhaps most importantly, cost-effective.

By converging network and security functions within a single platform, the complexity of network administration is significantly reduced. New access policies and security controls can be rolled out across the entire network in minutes, with configuration undertaken remotely without the need to get hands-on with on-premises hardware.

Equally, as a cloud-based, as-a-Service offering, SASE provides a predictable cost model while also poised to scale quickly in line with changing demands.

Quality of service is also preserved, with traffic typically removed from public channels and instead re-directed via a private network, avoiding unwanted latency. By moving the moment of traffic identification closer to the point of connection, users also benefit from a faster, more enjoyable experience, without the business compromising on security.

We always endeavour to help our customers benefit from the latest innovations. Thanks to our strong relationships with SASE providers such as CATO Networks, as well as our own expert resources, we can help you implement your own SASE solution to reduce costs, remove complexity, and better secure your business for life in the digital world.

To learn more about SASE and the solutions we can deliver, get in touch with a member of our team.