Network security architectures were designed for an era that is now waning. Legacy architectures can't meet the dynamic secure access requirements of today’s business world or digital transformation initiatives that drive future growth. Notably, they can’t secure remote users or cloud services.
 
In this world, Secure Access Service Edge, or SASE (pronounced “sassy”), is an emerging cybersecurity concept that Gartner described in the August 2019 report The Future of Network Security in the Cloud.
 
In the SASE model, organizations can extend consistent security to all enterprise resources. From a single control point, security teams can configure policies that secure SaaS apps, control access to web destinations, identify shadow IT, and defend on-prem apps. Integrating SASE with SD-WAN also delivers consistent security across branch sites.
 
Because the architecture will often include Cloud Access Security Broker (CASB), Secure Web Gateway (SWG) and Zero Trust Network Access (ZTNA) functionality, security teams are able to achieve reduced complexing by replacing disjointed point products and unlock significant cost savings with a single SASE vendor.

 

Cloud Access Security Brokers

Gain visibility and control for data that has moved off premises and into SaaS apps and IaaS platforms.

  • Protect data and stop leakage with access control and data loss prevention (DLP)
  • Keep malware from infecting your cloud through advanced threat protection (ATP)
  • Maintain visibility in the cloud by tracking user activity and generating security reports
  • Protect sensitive data with  with full-strength encryption solution that protects data-at-rest in any cloud application.
  • Authenticate users with single sign-on (SSO) and multi-factor authentication (MFA)

Secure Web Gateways

Secure web traffic as users browse websites and access unmanaged applications (shadow IT).

  • Filter content by categories like streaming and gambling to enhance productivity
  • Keep threats at bay by blocking access to destinations like botnets and malware sites
  • Control the usage of shadow IT and direct employees to correct, sanctioned apps
  • Prevent data leakage by stopping the upload of sensitive files to the web
  • Secure encrypted traffic at cloud scale

Zero Trust Network Access

Ensure consistent security for on-prem and data center resources like Jira and Confluence as well as thick client apps like SSH and remote desktops.

  • Secure access to internal apps by factors like user group, location, and device type.
  • Prevent employees from downloading or uploading malware to the network
  • Log user activity to enable audit and demonstrate regulatory compliance
  • Authenticate users through native functionality or integrations with leading IdPs

Cloud-Delivered Architecture

Only when underlying architectures are cloud based can SASE offerings be called true cloud security platforms that scale to firms’ needs.

  • SASE solutions that use hardware appliances or private clouds fail to scale and perform
  • Platforms deployed in the public cloud exhibit the highest uptime and performance
  • Cloud-based architectures scale to your needs proactively rather than reactively
  • The worldwide public cloud enables security and usability anywhere in the world
bottom-cta-image

Bitglass SASE

Want to see Bitglass solutions in action?

Request a FREE trial below.