What’s your current understanding of Secure Access Service Edge (SASE)?

CloudSecurity & GRCNetwork
1.9k views1 Upvote6 Comments
Sort By:
Oldest
Co-Founder, SVP, CISO3 years ago
Just from talking with people, it seems to be just a VPN where they try to bake services into the box. They throw some stuff into the box to give it capabilities right at the edge, but It's just more stuff in one box. You're still doing a VPN over an internet connection.

There’s the router feature for which outbound queue and the way it's servicing the quality service queues—we used to do it within a router. But it's not like you've got a prioritized pipe through the network to the other end.
1
Director, IT in Software3 years ago
I think part of the SASE architecture is creating that zero-trust model. If you have 5K people all working from home, you're not going to send them all Meraki MX devices. They use their own internet connection and we just make sure that if they're accessing anything that belongs to the company, they're doing so securely from a device that we trust.
2 2 Replies
Co-Founder, SVP, CISO3 years ago

We threw certs on every laptop we gave out so you could not come in unless you had a cert—we knew your machine and we knew you, so it was super secure. But in SASE, how does it know anything about your home machine?

lock icon

Please join or sign in to view more content.

By joining the Peer Community, you'll get:

  • Peer Discussions and Polls
  • One-Minute Insights
  • Connect with like-minded individuals
Director, IT in Software3 years ago

I don't have any SASE products at my company now, so I can't give you any definitive answer there. But from the zero-trust model specifically, if you're trying to access something, whether you're first hitting your Intrusion Detection and Prevention (IDP) or you've gotten through to the IDP, the application you're trying to use is then attempting to verify something that's either an executable running or the criteria that you set, including a cert or a trusted block of IPs that has been vetted by your network provider. I think these different companies are just putting their own spin on it a little bit, but I think the underlying model is the same: never trust, always verify.

Director of Enablement4 months ago
Honestly, the market is confused.

When our Gartner overlords defined the category in 2019, it was looking to take the complexities of networking and security, and simplify them into a single manageable platform. ZTNA, SD-WAN, NGFW, SWG, IPS etc were key buzzwords, and everything was fine and dandy.

Business started booming, but then covid struck.

Remote access became super important, so all of these point-product SD-WAN and VPN companies decided they need to hop on to the SASE train. Then firewall and IPS vendors copied.

Over time the definition has shifted, and some folks claim to be ‘single vendor SASE’ while others say they’re ’unified SASE’ or ‘multi vendor SASE.’ The waters have been muddied due to market demand.

If you’re looking to learn more about SASE, I’d recommend looking at Gartners market definition from 2019, and investigating the sample vendors on that list. Focus on the innovators, not the clout chasers

Disclaimer: I am biased as I work for a SASE company, as well as have written a vendor-agnostic book explaining the key methodologies, drivers and components of a SASE architecture.
Director of IT in Energy and Utilities4 months ago
There is definitely an opportunity with the idea / technology.  The providers of the solution are still sorting it all out though so quite a bit of change is expected in my opinion.

Content you might like

Will rising cloud costs lead to a reverse migration, from cloud to on-prem?

CloudCost OptimizationInfrastructure
Director IT | CTO Office | Digital Factory / Industry 4.0 in Hardware2 years ago
I don't think rising costs will make people migrate back to on-prem because they're too  invested. If you're already in the cloud, you would have to bring everything down and set up an on-prem environment, which ...read more
2 Replies
Read More Comments
3.2k views11 Comments

What is your primary deciding factor in adopting enterprise search?

Strategy & ArchitectureCloudEnd-User Services & Collaboration+26 more

TCO19%

Pricing26%

Integrations21%

Alignment with Cloud Provider7%

Security10%

Alignment with Existing IT Skills4%

Product / Feature Set7%

Vendor Relationship / Reputation

Other (comment)

View Results
5.7k views3 Upvotes1 Comment

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

Applications & PlatformsCloudData & Analytics+15 more
Head of Enterprise Architecture MERCK Group in Healthcare and Biotecha year ago
Strategy & Architecture
Read More Comments
39k views5 Upvotes34 Comments

What cybersecurity topics do you think are critical for CIOs to be more involved in, even in orgs that have a CISO?

Relationship ManagementSecurity & GRCSecurity Strategy & Roadmap+1 more
Director of IT in Healthcare and Biotech9 days ago
Cybersecurity governance and risk management (setting up monitoring of emerging threats), data protection and privacy compliance (standardize on data protection across all channels), incident response and recovery planning ...read more
Read More Comments
1.3k views3 Comments

In the past 6 months, have you seen an uptick in targeted cyberattacks on telehealth devices and networks?

Security & GRCNetworkThreat & Vulnerability Management+2 more

No Increase16%

1-5% increase47%

6-25% increase24%

26-50% increase6%

51-75% increase1%

76%+1%

Other2%

View Results
1.7k views1 Upvote