Secure Access Service Edge (SASE) - Has Gartner made a new set of emperor’s clothes?


18th Oct 2021

By: Robert Smith, Product Manager, Security, Maintel

Following on from my last article on ‘Zero Trust – who do we trust? No one!’, I wanted to touch on another area making waves in the industry press.

Gartner coined the term ‘SASE’ or ‘Secure Access Service Edge’ in its August 2019 report ‘The Future of Network Security in the Cloud’ and returned to it in its more recent 2021 ‘Strategic Roadmap for SASE Convergence’. It appeared to most people a good idea but one burdened with too many acronyms. “We see but we don’t understand” was the message back.

Maintel started looking at this in 2020 and with our strategic vendor partnerships, began defining what this would look like from a Maintel point of view and more importantly, how we could translate this into a simple set of best practice guidelines that we could take to our customers.

Let’s first look at why it exists. Primarily, the move to the cloud is being driven by Microsoft 365 adoption and was given a big kick following the Covid outbreak. Lots of HD video calls over Teams, Zoom, Webex Teams etc. were breaking traditional networks. “Why do we trombone our data into and back out of the network when we can break out locally?” SD-WAN provided the answer and looked to be finally coming of age.

To do this, we need to secure the edge, the cloud, the endpoint etc, or NetSec if you prefer. We also need to consider InfoSec best practices like Zero Trust. SASE provided the perfect umbrella to bring these together into a coherent structure.

But with so many components, and a big bang approach not a viable option, where do we start?

As with any plan, the key is to base it on best practice principles. Zero Trust or Least Privilege is a must-have baseline. Always ask this question of any products or services you consider: ‘How do you deliver zero trust?’

My recommendation is to start with the thing that is used the most – the humble browser. We recommend Cisco’s Umbrella cloud-based Secure Web Gateways (SWG), which combine multiple services in a single solution: granular web controls, DNS protection, threat detection/prevention, Firewall as a Service (FWaaS) and cloud application security (CASB), to name but a few.

Next up, email. We are seeing the rapid rise of ransomware, which is chiefly delivered via email. Spam filtering, cloud sandboxing, Data Loss Prevention (DLP) and staff awareness training are all important but somewhere, at some point, one will get through.

We then come to the final item we are discussing today, endpoint security. We have traditional malware and AV products but under SASE, these have now become part of a wider ‘security fabric’ with automated response to attacks built-in, helping mitigate risk and stop the spread. (Threat Detection applications such as Endpoint Detection and Response (EDR) and Managed Detection and Response (MDR) fall into this category.) Additional measures such as application whitelisting can block rogue applications from running in the first place or stop corrupted applications from taking control of your data stores.

So, we have a new set of clothes with more accessories than before, but it all looks very familiar. What is clear is that the world of networking and security is moving at a rapid pace, but all is not lost.

Take these 3 easy steps and start your journey:

  1. Invest time into defining a strategy that supports your organisation and follows the zero-trust principles.
  2. Focus on the things people do the most and that pose the greatest risk.
  3. Consider ways to mitigate the risk of malware spread.

Want to know more? Then speak to a great managed service provider with strategic partnerships with the industry’s leading SASE vendors – contact us.
