Meeting the challenge of security in the cloud
Today’s workforce expects seamless access to applications wherever they are, on any device. The need for cloud-delivered security service expands daily as contractors, partners, IoT devices and more each require network access.
In this new paradigm, IT requires a simple and reliable approach to protect and connect with agility. This is forcing a convergence of network and security functions closer to users and devices, at the edge — and is best delivered as a cloud-based, as-a-service model called Secure Access Service Edge (SASE).
What is Secure Access Service Edge (SASE)?
With the digital transformation of businesses, security is moving to the cloud. This is driving a need for converged services to reduce complexity, improve speed and agility, enable multicloud networking and secure the new SD-WAN-enabled architecture. Secure Access Service Edge (SASE) is a network architecture that combines VPN and SD-WAN capabilities with cloud-native security functions such as secure web gateways, cloud access security brokers, firewalls, and zero-trust network access. These functions are delivered from the cloud and provided as a service by the SASE vendor.
Why SASE, why now?
Securing the modern network requires a great deal of time, energy, and resources that
organisations don’t always have
of workforce will be roaming by 2021
of orgs shifting to some or all direct internet access (DIA)
of orgs are looking for multifunction cloud security services
How can I benefit from a SASE model?
The SASE model consolidates numerous networking and security functions–traditionally delivered in siloed point solutions — in a single, integrated cloud service. By consolidating with SASE, enterprises can:
- Reduce costs and complexity
- Provide centralised orchestration and real-time application optimisation
- Help secure seamless access for users
- Enable more secure remote and mobile access
- Restrict access based on user, device, and application identity
- Improve security by applying consistent policy
- Increase network and security staff effectiveness with centralised management
Components of the SASE model
SD-WAN is a cloud-delivered, overlay WAN architecture that provides the building blocks for cloud transformation at enterprises. It helps ensure a predictable user experience for applications and provides a seamless multicloud architecture while integrating robust, best-in-class security.
Cloud security is a set of technologies and applications that are delivered from the cloud to defend against threats and enforce user, data, and application policies. It helps you better manage security by extending controls to devices, remote users, and distributed locations anywhere in minutes.
Zero trust network access
Zero trust network access verifies users’ identities and establishes device trust before granting them access to authorised applications. It helps organisations prevent unauthorised access, contain breaches, and limit an attacker’s lateral movement on your network.
Start your SASE Journey
Major security analysts and industry experts all have their own view of the elements you should look for in a vendor that provides SASE security. Talk to an expert to see how Cisco can meet your SASE needs.