What are the greatest advantages offered by SASE?

1.5k views1 Upvote5 Comments

CISO in Software, 51 - 200 employees
Every vendor is calling themselves SASE now. The CISOs and CIOs that I speak with say, "We're working on being secure now because we're going to get SD-WAN." But it's a secure access service edge (SASE) company so it has all the security protections built-in.

When you actually dig down into it, SASE is just a multiprotocol label switching (MPLS) replacement, except you can use public lines or open internet connections. So, what makes it SASE is adding Zscaler or some security tool on top of that. We had a huge discussion with a SASE industry leader recently and they fully admitted that networking really hasn't changed in the last 30-40 years. You still have your firewall, switches, routers, gateways, WiFi, etc. We just have a different way of accessing it now. Instead of a firewall you just throw in your huge SD-WAN appliance, depending on how you're setting it up, and you do all your security and network management from there. I'm not sure how that’s different, besides the internet connections and the simplicity of rolling it out. 

I'm a big SD-WAN user, so I was a VeloCloud customer back in 2014 because I had offices all over the world and it didn't make any sense to pull out network stacks. I just shipped out a little VeloCloud box with some arrows and stickers that said, "Plug internet in here, plug switch in here." And we could see those come online as the receptionist plugged them in—it was simple and easy and it worked. It wasn't perfect, but it was better than waiting 90 days to get a MPLS connection and an AT&T internet connection. I could do things instantly—that's the advantage I see of SD-WAN, but I don't see any security advantages to it.
Director, IT in Software, 201 - 500 employees
After I moved to a more SaaS-focused company, I was exposed to cloud access security brokers (CASBs) and SD-WAN was more prevalent at that point. But we kept that hybrid approach because we still had to do things on-prem at a much smaller footprint and we had to be able to backhaul traffic to inspect it. We had to be able to geolocate users from 14 offices around the world at the time. So, there were still a lot of old practices I had to bring in and mix with the new ones. That's what I'm seeing with SASE.

But outside of your traditional VPN, where you're likely sending all your traffic back to one hub, being able to optimize that traffic, then inspect it on top and then get creative with those packets is a benefit. And that’s whether you want to block people from doing things or optimize connections based on certain criteria. I see that being more beneficial moving forward, especially in the hybrid or even full-remote workspace.
Director of Technology in Government, 501 - 1,000 employees
Some of the advantages of SASE is that it is designed for virtualized connections (SD-WAN) while providing flexibility and simplicity in managing your WAN traffic and security in your environment. It is also built so that you can add your own capabilities in regards to unified security and policy management. One other benefit Is that it can enable edge to edge security, DLP and can significantly increase your network performance.

While there are many benefits, there are some issues that must be overcome. SASE requires a lot of expertise and personnel time to configure SASE to work within your network environment. You also need to pay special attention in protecting your data and ensuring that your security and network personnel work very closely together and not independently.

Overall, I still see SASE as a solution with great benefits but still needs some fine tuning.
CISO in Services (non-Government), Self-employed
Traditionally in organisations network grows organically and with virtualisation and "Hot-Hot" availability, the network is still flat. Now with the new normal, cloud adoption and SaaS, networks architecture can be software-defined, one can implement micro-segmentation and granular cyber security policies much needed to implement an effective, manageable and secure network architecture, and cyber security in the host environment and for Zero Trust.
Board Member in Healthcare and Biotech, 1,001 - 5,000 employees
SASE is useful only if you use Clouds extensively and there is a need to protect the Edge (Employees and Customers) especially when there is Zero Trust principle for security. I think one of the key benefits is an all-in-one security management solution as compared to a mix-and-match. 

One of my customers which had multi-cloud environment upgraded their security with SASE and were able to demonstrate to the management and their customers that their security was as good as it gets. 

If a vendor is selling SASE for closed network enterprises, they should carefully evaluate if they indeed need it.

Content you might like

CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
46.3k views133 Upvotes323 Comments

Yes - Maine did the right thing. There are too many security risks with free versions of these tools. Not enough copyright or privacy protections of data.30%

No, but.... - You must have good security and privacy policies in place for ChatGPT (and other GenAI apps). My organization has policies and meaningful ways to enforce those policies and procedures for staff.56%

No - Bans simply don't work. Even without policies, this action hurts innovation and sends the wrong message to staff and the world about our organization.9%

I'm not sure. This action by Maine makes me think. Let me get back to you in a few weeks (or months).3%


8.6k views9 Upvotes1 Comment