Diving into Secure Access Service Edge

By: Jeremiah

Overview of this book

The SASE concept was coined by Gartner after seeing a pattern emerge in cloud and SD-WAN projects where full security integration was needed. The market behavior lately has sparked something like a "space race" for all technology manufacturers and cloud service providers to offer a "SASE" solution. The current training available in the market is minimal and manufacturer-oriented, with new services being released every few weeks. Professional architects and engineers trying to implement SASE need to take a manufacturer-neutral approach. This guide provides a foundation for understanding SASE, but it also has a lasting impact because it not only addresses the problems that existed at the time of publication, but also provides a continual learning approach to successfully lead in a market that evolves every few weeks. Technology teams need a tool that provides a model to keep up with new information as it becomes available and stay ahead of market hype. With this book, you’ll learn about crucial models for SASE success in designing, building, deploying, and supporting operations to ensure the most positive user experience (UX). In addition to SASE, you’ll gain insight into SD-WAN design, DevOps, zero trust, and next-generation technical education methods.
Table of Contents (28 chapters)
Part 1 – SASE Market Perspective
Part 2 – SASE Technical Perspective
Part 3 – SASE Success Perspective
Part 4 – SASE Bonus Perspective
Appendix: SASE Terms

Define SASE

SASE is pronounced "sassy." Andrew Lerner at Gartner coined the phrase in a blog post on December 23, 2019. That post can be found at https://blogs.gartner.com/andrew-lerner/2019/12/23/say-hello-sase-secure-access-service-edge/. He explains that Software-Defined Wide Area Network (SD-WAN) needed a security package. SD-WAN effectively replaces router-based WAN solutions in a next-generation, software-based package.

The SD-WAN solution varies from vendor to vendor but incorporates secure data forwarding with policies that leverage application specifications to guarantee the best handling of traffic for each application. This improves the User Experience (UX) as well as the network's resilience.

We now refer to SASE as a framework. SASE combines multiple security services in a framework approach. Not all services offered as SASE solutions are required to be compliant, but adherence to a comprehensive security framework approach is expected. Currently, there is no SASE certification; instead, most of the SASE hype comes from intense competition through effective marketing.

The idea of SASE was not far from what security consultants were already doing by integrating multiple security solutions into a stack that ensured a comprehensive, layered, secure access solution. This approach is something I was already doing for my customers in ensuring Next-Generation Firewall (NGFW), Intrusion Detection System (IDS), Intrusion Prevention System (IPS), and other necessary security solutions were a part of every SD-WAN installation. By calling it a SASE framework, the approach to a comprehensive solution somehow felt more focused than what the industry recognized as just a best security practice.

Commonly, SASE services include SD-WAN, Zero-Trust Network Access (ZTNA), Cloud Access Security Broker (CASB), NGFW, Secure Web Gateway (SWG), unified management, and orchestration. Just what constitutes a real SASE solution varies greatly by source. Several organizations, such as the Metro Ethernet Forum (MEF), are trying to establish neutral industry standards for SASE. These standards will pave the way for a universal understanding, the ability to integrate multiple manufacturers into a solution, and a method for teaching SASE.

Most network communications and security vendors have been working to create a full SASE framework under their brand. Their marketing presents the idea that a full SASE solution from a single vendor is the way to ensure security. Current customer feedback from the Fortune 500 class of businesses is that two to three Original Equipment Manufacturer (OEM) vendors will need to be integrated to allow for best-of-breed solutions. This provides an opportunity for a Managed Service Provider (MSP) to give orchestration across multiple platforms to achieve optimal security.

To summarize, SASE is a new, next-generation secure communications services framework that combines many different services to close previous gaps in security. In the next section, we will define the market as it pertains to SASE services and solutions.