Book Image

Diving into Secure Access Service Edge

By : Jeremiah
Book Image

Diving into Secure Access Service Edge

By: Jeremiah

Overview of this book

The SASE concept was coined by Gartner after seeing a pattern emerge in cloud and SD-WAN projects where full security integration was needed. The market behavior lately has sparked something like a "space race" for all technology manufacturers and cloud service providers to offer a "SASE" solution. The current training available in the market is minimal and manufacturer-oriented, with new services being released every few weeks. Professional architects and engineers trying to implement SASE need to take a manufacturer-neutral approach. This guide provides a foundation for understanding SASE, but it also has a lasting impact because it not only addresses the problems that existed at the time of publication, but also provides a continual learning approach to successfully lead in a market that evolves every few weeks. Technology teams need a tool that provides a model to keep up with new information as it becomes available and stay ahead of market hype. With this book, you’ll learn about crucial models for SASE success in designing, building, deploying, and supporting operations to ensure the most positive user experience (UX). In addition to SASE, you’ll gain insight into SD-WAN design, DevOps, zero trust, and next-generation technical education methods.
Table of Contents (28 chapters)
1
Part 1 – SASE Market Perspective
7
Part 2 – SASE Technical Perspective
15
Part 3 – SASE Success Perspective
20
Part 4 – SASE Bonus Perspective
Appendix: SASE Terms

Service Components

The components of a SASE service typically include Identity and Access Management (IAM), an Actor Access Connection (AAC), a Policy Endpoint (PEP), and Endpoint Connectivity (EPC).

IAM is a technology where someone or something's identity is validated before being granted access to a system. Once this has happened, the system or service that access has been requested for will be permitted or denied based on the access policy. The policy may restrict access based on the context surrounding the validated identity, such as the time of day, location, user role, application, IP address, or other known variables at the time of access. Access may also be restricted based on the access method or device. The IAM service may also terminate access based on input from another service, such as Data Loss Prevention (DLP) systems.

AAC is essentially the point where a person, device, or service is provided access to the SASE service. The subject actor is essentially...