Gartner's take on SASE: enabling secure access anywhere

If you manage network security in cloud or hybrid cloud settings, you’ve probably encountered Secure Access Service Edge (SASE).

First defined by Gartner security experts in 2019, SASE is a next-generation network security approach. It urges organizations to integrate security stacks via cloud-based SD-WAN tools. And it seeks to protect dynamic network edges generated by remote access and SaaS resources.

When we talk about SASE Gartner continues to set the agenda. The security sector looks to Gartner’s papers and experts for guidance. They also offer valuable predictions about coming innovations and security trends.

This blog will look at how the concept has evolved and why Secure Access Service Edge approaches could suit your network architecture.

How Gartner describes SASE?

When it comes to SASE, Gartner defines it as an approach that delivers “converged network and security as service capabilities, including SD-WAN, SWG, CASB, NGFW and Zero Trust Network Access (ZTNA).

Furthermore, SASE is “primarily delivered as a service and enables zero trust access based on the identity of the device or entity, combined with real-time context and security and compliance policies.”

A Security Service Edge setup brings security tools together via SD-WAN and Secure Web Gateway tools. A single security stack covers cloud and on-premises resources. Managers can control firewalls, access, and authorization via centralized panels. And users can connect securely wherever they are.

Gartner discourages the use of many vendors. Organizations should source SASE security solutions from a single provider.

The Gartner definition has quite a lot of flexibility. However, most SASE deployments feature the following elements:

• Software-defined Wide Area Networking (SD-WAN)
• Next-generation cloud firewalls (FWaaS)
• Secure Web Gateways
• Cloud Access Security Broker (CASB)
• Zero Trust Network Access (ZTNA)
• Data Loss Prevention tools (DLP)
• Real-time cybersecurity intelligence and threat protection
• DNS security services
• Sandboxing to segregate browsers and malicious agents

Gartner’s SASE security model benefits

The SASE Gartner model has many advantages if implemented well. Benefits of the model include:

• Efficiency – Combining security stacks avoids silos that duplicate work. Silos also make sharing threat data problematic. SASE reduces workloads and makes policy implementation simple. SASE exchanges inefficient hub-and-spoke architecture for a cloud-based distributed approach.
• Security – Web gateways use global threat intelligence to filter traffic. Suspicious data can be sent to sandboxes for analysis and neutralization. Enhanced identity management also screens access requests. This makes illegitimate network access less likely.
• Scaling – Organizations can scale security automatically. Security systems adapt organically as cloud deployments expand.
• Lower costs – Simplification results in lower costs for cloud-reliant organizations with large remote workforces.
• Remote access – SASE was devised with remote workers in mind. Cloud-native edge defenses allow workers to access critical resources securely anywhere in the world.
• Visibility – Centralized management panes monitor activity and visualize network architecture. Security officers can instantly deploy security policies to all endpoints.
• Cloud optimization – Identity-focused SASE controls track every user request. Managers can assign tight authentication requirements and granular authorization to enforce ZTNA.

Gartner SASE model characteristics

According to Gartner SASE models have several core characteristics. Combining these elements allows organizations to create agile, scalable, and highly secure network architecture.

Cloud-native design using containerized micro-tools

SASE setups are cloud-native. Cloud containerization boosts speed, allows maximum flexibility, and scales as cloud environments change.

On-demand cloud services to all endpoints 

Cloud security extends to all global endpoints according to consumer needs. Edge security adapts to user communities automatically.

Integrated security and networking

The Gartner SASE model brings together cybersecurity and networking. Simple control panels and SD-WAN systems combine the security stack. Managers can police all network assets with ease.

Centralization of policy control

Security policy deployment is centralized. Managers can distribute policies to endpoints, cloud applications, or devices within the SASE perimeter.

Localization in emergencies

Local access must be guaranteed if SD-WAN or other systems fail. SASE security architecture builds in the survivability of local services if emergencies arise.

Why SASE is important for cloud-native design

SASE has gained popularity with the expansion of cloud computing and remote work. Since the Covid pandemic, millions of workers have remained off-premises. Every remote worker needs secure ways to connect to SaaS resources.

SASE enables that level of security. When applied properly, it protects sensitive data held in cloud containers or processed via cloud apps. And it ensures data is only available to authorized users.

Organizations with SASE implementations can scale cloud environments smoothly and safely. They can add new SaaS applications within a single security stack. Every endpoint is visible and secure. Managers can apply encryption as needed across all critical services.

Additionally, regulations now require enhanced cloud security. Regulations protecting consumer privacy cover around 5 billion people worldwide. Executives are being graded based on their ability to protect user privacy. SASE security services are becoming crucial for compliance teams.

Gartner's vision for SASE

Does reality match the expectations of Gartner? Are real-world organizations applying the SASE framework effectively?

According to Gartner’s team, several trends suggest that SASE is the future of network security:

• Firstly, single-vendor SASE products are becoming routine with SD-WAN deployments. A Gartner report suggests that by 2025 50% of SD-WAN roll-outs will be part of single-vendor SASE environments. The model is gaining traction.
• Gartner predicts that existing SASE deployments will consolidate at a rapid pace. By 2025, 65% of organizations using many SASE components will bring them together in single-vendor solutions. The figure for 2022 was just 15%.
• Industry participants also show an overwhelming preference for SASE adoption. In one Gartner I&O conference, 31% of respondents reported an intention to invest in SASE. This compares with single-digit showings for NetDevOps or MCNS.
• At the same time, risk is becoming a critical priority in managing enterprises and rewarding executives. Gartner sees this as a core driver of accelerated SASE adoption.
• Gartner analysts think that by 2025 60% of companies will prioritize data protection when assessing business collaborations. Up to 50% of C-level executives will have cybersecurity goals written into their contracts.

In other words, SASE is being entrenched in corporate culture, not just the strategies of IT departments.

How can NordLayer help you achieve SASE security?

Nordlayer’s SASE solutions can help you put in place Gartner’s security best practices and implement Zero Trust Network Access. Our tools blend cybersecurity and efficient networking, with cost-efficient services and cloud-native technology. For instance, relevant features include:

• Next-generation, soon-to-be-released, Cloud Firewall (FaaS) that regulates access to SaaS services.
• Secure Web Gateway enables safe remote access to network resources.
• Threat prevention tools to filter malicious traffic before it reaches apps and data containers. 
• DNS security services to block specific websites categories  and allow employees to use the web securely.
• Zero Trust Network Access (ZTNA) 

Stage your next digital business transformation safely and provide secure remote access to everyone who needs it. To find out more about Nordlayer’s SASE solutions, get in touch with the team today.