Book Image

Diving into Secure Access Service Edge

By : Jeremiah
Book Image

Diving into Secure Access Service Edge

By: Jeremiah

Overview of this book

The SASE concept was coined by Gartner after seeing a pattern emerge in cloud and SD-WAN projects where full security integration was needed. The market behavior lately has sparked something like a "space race" for all technology manufacturers and cloud service providers to offer a "SASE" solution. The current training available in the market is minimal and manufacturer-oriented, with new services being released every few weeks. Professional architects and engineers trying to implement SASE need to take a manufacturer-neutral approach. This guide provides a foundation for understanding SASE, but it also has a lasting impact because it not only addresses the problems that existed at the time of publication, but also provides a continual learning approach to successfully lead in a market that evolves every few weeks. Technology teams need a tool that provides a model to keep up with new information as it becomes available and stay ahead of market hype. With this book, you’ll learn about crucial models for SASE success in designing, building, deploying, and supporting operations to ensure the most positive user experience (UX). In addition to SASE, you’ll gain insight into SD-WAN design, DevOps, zero trust, and next-generation technical education methods.

Related Content you might be interested in

Current Title:

Small book image
Diving into Secure Access Service Edge
Jeremiah
Nov, 2022 | 192 pages
Small book image
Edge Computing Patterns for Solution Architects
Ashok Iyengar | Joseph Pearson
Jan, 2024 | 214 pages
Small book image
Network Architect's Handbook
Alim H Ali
Jan, 2024 | 418 pages
Small book image
Zscaler Cloud Security Essentials
Ravi Devarasetty
Jun, 2021 | 236 pages
Table of Contents (28 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Conventions used
Get in touch
Share Your Thoughts
Download a free PDF copy of this book
1
Part 1 – SASE Market Perspective
Part 1 – SASE Market Perspective
Free Chapter
2
Chapter 1: SASE Introduction
Chapter 1: SASE Introduction
Define SASE
Market SASE
Value SASE
Embrace SASE
Present SASE
Summary
3
Chapter 2: SASE Human
Chapter 2: SASE Human
Human Issue
Human Problem
Human Behavior
Human Solution
Human Patterns
Summary
4
Chapter 3: SASE Managed
Chapter 3: SASE Managed
SASE Self
SASE Co-managed
SASE Managed
SASE Operational
SASE Success
Summary
5
Chapter 4: SASE Orchestration
Chapter 4: SASE Orchestration
SASE Manual
SASE Template
SASE Integrate
SASE Orchestrate
SASE Automate
Summary
6
Chapter 5: SASE SD-WAN
Chapter 5: SASE SD-WAN
SD-What
SD-Why
SD-How
SD-When
SD-SASE
Summary
7
Part 2 – SASE Technical Perspective
Part 2 – SASE Technical Perspective
8
Chapter 6: SASE Detail
Chapter 6: SASE Detail
Service Definition
Service Components
Service Roles
Service Requirements
Service Flight
Summary
9
Chapter 7: SASE Session
Chapter 7: SASE Session
SASE Session
SASE UNI
SASE Actors
SASE Flow
SASE Lifecycle
Summary
10
Chapter 8: SASE Policy
Chapter 8: SASE Policy
SASE Policy
SASE Quality
SASE Dynamic
SASE Trust
SASE Effective
Summary
11
Chapter 9: SASE Identity
Chapter 9: SASE Identity
Access Identity
Dimensional Identity
Context Identity
Situation Identity
Integrate Identity
Summary
12
Chapter 10: SASE Security
Chapter 10: SASE Security
Secure Overview
Secure Details
Secure Session
Secure Automation
Secure Summary
Summary
13
Chapter 11: SASE Services
Chapter 11: SASE Services
Services Overview
Services Core
Service Options
Services Expanse
Services Explain
Summary
14
Chapter 12: SASE Management
Chapter 12: SASE Management
Management Overview
Management Systems
Management Templates
Management Automation
Management Simplified
Summary
15
Part 3 – SASE Success Perspective
Part 3 – SASE Success Perspective
16
Chapter 13: SASE Stakeholders
Chapter 13: SASE Stakeholders
Stakeholders Overview
Stakeholders Business
Stakeholders Technical
Stakeholder Users
Stakeholder Success
Summary
17
Chapter 14: SASE Case
Chapter 14: SASE Case
Case Overview
Case Insight
Case Examples
Case Design
Case Value
Summary
18
Chapter 15: SASE Design
Chapter 15: SASE Design
Design Overview
Design Theory
Design Function
Design Support
Design Communication
Summary
19
Chapter 16: SASE Trust
Chapter 16: SASE Trust
Zero Overview
Zero Framework
Zero Feed
Zero Trust
Zero Explained
Summary
20
Part 4 – SASE Bonus Perspective
Part 4 – SASE Bonus Perspective
21
Chapter 17: SASE Learn
Chapter 17: SASE Learn
Learn Overview
Learn Model
Learn Perpetual
Learn Timing
Learn Explain
Summary
22
Chapter 18: SASE DevOps
Chapter 18: SASE DevOps
DevOps Overview
DevOps Fervor
DevOps Continuous
DevOps Act
DevOps Impact
Summary
23
Chapter 19: SASE Forward
Chapter 19: SASE Forward
Forward Overview
Forward Present
Forward Future
Forward Measured
Forward Concept
Summary
24
Chapter 20: SASE Bonus
Chapter 20: SASE Bonus
SD-WAN Overview
SD-WAN Design
SD-WAN Failure
SD-WAN Experience
SD-WAN Practice
Summary
SASE Conclusion
25
Index
Index
Why subscribe?
26
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Download a free PDF copy of this book
Appendix: SASE Terms
Appendix: SASE Terms

What this book covers

Chapter 1, SASE Introduction, introduces the term SASE, which was recently coined by Gartner and has been dominating IT projects to ensure cost savings and provide the needed security. The overall book provides a comprehensive foundational-level understanding of what SASE is, how to use SASE for success, how to learn through each evolution, where to find more information, and what the future of integrated secure access solutions looks like.

Chapter 2, SASE Human, discusses how understanding SASE requires a mix of skills not commonly found in one person. Due to the DevOps methodology’s acceleration of software releases, a rapid approach to learning just-in-time prior implementation within two to six weeks is required for success. Miss the mark on this requirement and your employer ends up in the news for having the latest security failure in the market. Using a managed service provider that has multiple teams in lockstep with the developers allows an organization to pivot on demand, transfer liability, and meet the urgent needs of the organization on demand.

Chapter 3, SASE Managed, discusses how SASE is a different approach that requires the experience level of even the best engineers to be reset to zero. Once at zero, it can take 6 weeks or 6 months to achieve basic proficiency with design, implementation, and troubleshooting skills. This “retooling” of the engineering team within a non-technology-focused enterprise offers little value to shareholders or customers. Outsourcing to the right managed services partner allows the technology to provide business value much more quickly and change at the speed of the market.

Chapter 4, SASE Orchestration, looks at automated service management across potentially multiple operator networks, including fulfillment, control, performance, assurance, usage, security, analytics, and policy capabilities, which are achieved programmatically through APIs that provide abstraction from the network technology used to deliver the service.

Chapter 5, SASE SD-WAN, discusses SD-WAN, which provides a virtual overlay network that enables application-aware, policy-driven, and orchestrated connectivity between SD-WAN user network interfaces and provides the logical construct of an layer three, virtual private, routed network for the subscriber that conveys IP packets between subscriber sites.

Chapter 6, SASE Detail, deep dives into what makes a service SASE.

Chapter 7, SASE Session, looks at SASE sessions, which are the core component of a SASE solution. Connecting the target actor to the subject actor, regardless of connection type, in a secure session is the heart of SASE.

Chapter 8, SASE Policy, looks at SASE policies, which are sets of rules applied to the SASE session that can be integrated into SASE connectivity quality mechanisms as well as other SASE service inputs. In the past, policy-based firewall or routing solutions have been prescriptive, requiring a comprehensive understanding of the five Ws prior to implementation. The policy was written in stone to guarantee specific results. With SASE, a dynamic environment that allows machine interaction on demand is required for the service to offer a relevant value proposition. This environment is precursive to AI and has to be designed in a manner that allows for AIOps.

Chapter 9, SASE Identity, discusses how a multidimensional approach is required to integrate IAM, context, situational components, time of day, location, and many other factors to deliver sub-millisecond active security that is continuously relevant.

Chapter 10, SASE Security, discusses how each software product developer uses security vertically. In SASE sessions, these vertical solutions must integrate to form the pervasive security that is required for the solution.

Chapter 11, SASE Services, looks at how there are many services that can be included in a SASE service. Every service is not mandatory for a solution to be considered SASE, but every SASE service should have the ability to be integrated into an overall comprehensive solution for a secure connective solution. Potential example services for inclusion are listed in this chapter and are expected to evolve as this market matures.

Chapter 12, SASE Management, looks at establishing, monitoring, and enforcing the configuration, policy, and performance of any given component of or the overall SASE solution.

Chapter 13, SASE Stakeholders, discusses how the foundation for SASE solutions requires identifying all stakeholders in the end solution. Each stakeholder contributes to the cross-functional matrix approach in the project planning phase to qualifying security requirements.

Chapter 14, SASE Case, provides examples for educational purposes, but they are by no means “recipe cards” for implementation strategies or architectural blueprints. The Use Case in turn provides a model that allows for templated approaches that are necessary for scaling the ultimate solution.

Chapter 15, SASE Design, discusses how designing for SASE involves concepts relating to DevOps, security, SD-WAN, and the cloud, and displaces legacy LAN/WAN design principles primarily due to the disaggregation of data plane and control plane activity.

Chapter 16, SASE Trust, discusses the Zero Trust Framework, which is a cybersecurity architecture where all actors are authenticated, authorized, and continuously validated before subjects are granted access, maintain access to, or perform operations on targets.

Chapter 17, SASE Learn, discusses how SASE is a moving target that does not stop evolving. How do you learn something that is perpetually becoming more complex daily? How do you get ahead of the requirements? Where can you independently research this subject? We will provide answers to these questions in this chapter.

Chapter 18, SASE DevOps, discusses the DevOps mindset, which is a rigorous systematic, fervent approach to continual improvement through secure development iteration. Through iteration, the production release of code improves in security, reliability, and user experience.

Chapter 19, SASE Forward, discusses how the future of SASE will be completely different from today. But like the history of x86 computer hardware, it is somewhat predictable, and therefore, a pattern emerges that allows us to stay diligent and ahead of the next change.

Chapter 20, SASE Bonus, discusses how designing SD-WAN solutions is much more complex than a routed WAN with an identical scale. Multiple circuits across routers may be integrated by configuring a dynamic routing protocol that uses all available routes. In contrast, each SD-WAN path must be considered independently, and policies should be designed to give the orchestrator as much autonomy as possible in selecting the ideal path for each packet or flow.

Previous Section
Next Section