Best Practices for Protecting the Network Edge Include SASE

The increased use of remote and cloud-based resources resulting from the COVID-19-fueled work-from-home trend has highlighted another trend that was already underway before the pandemic: The network edge isn’t what it used to be.

According to a 2019 Gartner report, “The Future of Network Security is in the Cloud,” the entire concept of the network perimeter has rapidly evolved. “The enterprise perimeter is no longer a location,” Gartner says. “It is a set of dynamic edge capabilities delivered when needed as a service from the cloud.”

The data center isn’t at the center of connectivity requirements anymore as companies shift to a dynamic access model. More users, devices and applications are located outside the organization than within.

According to Gartner, complexity, latency, and the need for decryption and inspection of encrypted traffic will increase demand for the secure access service edge (SASE), which consolidates networking and security-as-a-service capabilities into a cloud-delivered service.

That’s because digital transformation is built on anytime/anywhere access to applications and services. Building out from the data center can actually inhibit digital progress.

To ensure low latency, businesses will need edge computing capabilities that are distributed and operate closer to systems and devices.

That’s where the value of SASE offerings will be critical.

According to Gartner, “SASE offerings will provide policy-based software-defined secure access from an infinitely tailorable network fabric. Security professionals can precisely specify the level of performance, reliability, security, and cost of every network session based on identity and context. The emergence of SASE will create a significant opportunity for security and risk professionals to enable the changing security access requirements of digital transformation, providing secure access capabilities to a variety of distributed users, locations and cloud-based services.”

Inspection engines and algorithms will move closer to end users and edge devices. Endpoint identities will include branch offices, IoT devices and individual users operating a mobile device. All of these identities need access to network capabilities across the network.

According to Gartner: “Secure access decisions must be centered on the identity of the entity at the source of the connection (user, device, branch office, IoT device, edge computing location and so on).”

A SASE approach enables security teams to deliver secure network security services consistently, no matter where the network access occurs.

These solutions require robust toolsets. Barracuda, for example, has introduced Barracuda CloudGen WAN, a secure, global SD-WAN service built on Microsoft Azure. Using CloudGen WAN, companies and service providers can create a practical SASE solution in the public cloud.

In a recent report, “Secure SD-WAN: The Launch Pad into Cloud,” Barracuda found that SD-WAN is being used by more than half of organizations that have added security to the public cloud to address lack of access control and backhauling traffic.

CloudGen WAN is a SaaS service deployed directly from the Azure Marketplace for as many regions as needed and administered centrally in the CloudGen WAN portal for all office locations and remote endpoints.

With SASE, organizations can reduce security complexity and costs by consolidating secure access services. SASE also enables new applications and services because they are securely available to partners and contractors. There is also lower latency and greater transparency for users.

SASE also enables zero-trust network access because access is based on user/device identity.

SASE adoption will be disruptive.

Gartner provided several recommendations for