What is SASE?

1. What is SASE (Secure Access Service Edge)?
2. Why should companies use SASE?
3. What are the advantages of SASE?
4. What are the components of SASE?
5. Why choose Proximus as a partner to implement SASE's solution?
6. How is SASE delivered?

What is SASE?

SASE or Secure Access Service Edge aims to centralize the management of network security. SASE is a framework that brings together network management efficiency SD-WAN and security (SSE or Secure Service Edge) to meet the dynamic secure access needs of the digital enterprise, such as the shift to hybrid working or the transition to the cloud. It enhances network efficiency by delivering security closer to users and applications.

In a way, SSE or Secure Service Edge complements the SD-WAN commitment to flexible application access by expanding the security boundaries. In the past, security relied on conventional firewalls located in data centers and branch offices. With SASE, security encompasses users and applications beyond these traditional perimeters, enhancing both end-user experience, no matter where the end user is, and security through an uniform policy throughout the security posture.

Combine SD-WAN & SASE

Why should companies use SASE?

Gartner, August 16, 2023

With the urge for digitalization, the corporate network of companies has changed dramatically in the last decade. The use of public cloud apps and services has exploded. Every year, companies produce more data, and increasingly this data is stored in SaaS applications in a public cloud.

Also consider that the number of mobile users and employees working remotely is growing. Post-covid we see a mix of working from home and in the office. Employees will connect to the company network from wherever and whenever they want.

Thanks to SASE, these companies can manage security, networks, and hybrid workplace policies in one solution. Cyberthreats are constantly evolving. Organisations need solutions such as SASE that can quickly detect and counter increasingly sophisticated attacks. Finally, SASE helps organisations to manage the costs and complexities of implementing multiple security and network solutions.

What are the advantages of SASE?

SASE empowers companies to confidently manage their networking and security while supporting a work-from-anywhere (WFA) workforce. The flexibility offered by SASE enables companies to enhance their operational efficiency and productivity.

Secure

Effective security measures are put in place through Secure Web Gateways (SWG), Cloud Access Security Brokers (CASB) and Zero Trust Network Access (ZTNA) for instance. All this is done to improve and secure the flow of traffic between the user and the application within the same service.

Speed and flexibility

Simplified management that allows you to control a fragmented IT landscape and prevent interoperability issues by implementing a single dashboard that displays all necessary metrics.

Access management

Substantial reduction of cyber risks thanks to the zero-trust model offered by SASE. Zero trust represents a system that manages access management without affecting the end user and significantly reduces cyber risks.

Compatibility

The SD-WAN underlay can exist of MPLS, Internet and/or 4G/5G. By using different access types and multiple circuits thanks to SD-WAN features you increase the redundancy and availability of the network.

Futureproof

SASE's flexibility makes it the intelligent network solution for the future, that allows it to adjust to the ever-changing needs of businesses and embrace emerging technologies.

Simplified security for hybrid working

In the era of remote work and distributed teams, SASE shines as a solution that guarantees secure, reliable access to company resources from any location. This capability addresses a crucial challenge that traditional network architectures often struggle to meet.

What are the components of SASE?

SASE brings robust edge security through Secure Service Edge (SSE) and intelligent, flexible connectivity via Software-Defined Wide Area Network (SD-WAN) together. This convergence simplifies IT services by unifying two essential solutions.

Secure Service Edge (SSE)

Secure Web Gateway (SWG)

A cloud-based web proxy or a Secure Web Gateway (SWG) provides security features such as malware detection, file sandboxing, dynamic threat intelligence, SSL decryption (Secure Sockets Layer), and content filtering.

Cloud Access Security Broker (CASB)

The Cloud Access Security Broker provides a secure connection to your cloud service provider. It allows you to control permissions within individual SaaS applications and web applications. The CASB service identifies and prevents unauthorized data sharing related to cloud services, unapproved applications, and shadow IT.

Firewall-as-a-Service (FWaaS)

Firewall-as-a-Service (FWaaS) is a cloud-based security model that replaces traditional physical firewalls with a centralized, scalable, and flexible cloud infrastructure for managing and protecting network traffic and data.

Zero Trust Network Access (ZTNA)

ZTNA provides application access with the least privilege possible based on the employee's identity, role, location, and equipment, reducing password proliferation through a multi-factor-based single authentication solution.

SD-WAN

Automating connectivity is the key to this solution, enabling centralized management of Wide Area Networks (WAN) connecting all sites. SD-WAN is built on three key elements:

• The SD-WAN sublayer can consist of MPLS, internet, and/or 4G/5G. Using different access types and multiple circuits increases network redundancy and availability, with SD-WAN actively and concurrently utilizing them.
• Application-aware routing ensures that each application receives the appropriate priority, connectivity, and routing.
• All data is encrypted for enhanced security.

Why choose Proximus as a partner to implement SASE's solution?

At Proximus we have the experience and experts to help companies design, deploy, and develop their IT environments. We see SASE (Secure Access Service Edge) as an evolution and part of a broader virtualisation and digitalisation story.

Proximus will help you in a step-by-step approach on the road to SASE. After all, you do not undo existing investments in hardware and software. In this way, you gradually work towards a future-proof, hybrid working environment.

Proximus is working together with several market leading vendors to provide the best-in-class solution for your requirements and roadmap. To help you maximize the potential offered by SASE, we offer you a specialized consultancy service. With a step-by-step approach, we assist you in successful implementation and provide you with all the necessary guidance and support.

Because customer needs are very different, we work with different vendors on the evolution towards a ZTNA (Zero Trust Network Access) or SASE (Secure Access Service Edge) architecture and seek the best technological fit for each customer. Our professional services make the difference by defining a state-of-the-art architecture that meets today's needs while being sustainable and cost-effective.

How is SASE delivered?

Implementing or migrating to SASE can be a complex endeavor that requires accurate planning and strategy. At Proximus, we believe that a carefree SASE integration consists of several steps.

1. Discover

Before you start with SASE it is important to balance the advantages and disadvantages. This enables us to make the right decisions.

2. Evaluate

Co-create a future-ready intelligent end-to-end network design: Minimize the risk and cost of a (phased) migration by obtaining a personalized insight in a future network setup. Learn from relevant use cases and the latest technological developments. Identify quick wins but also dependencies with other domains.

3. Build

We work with several vendors to build your SASE environment based on Best of Breed solutions.