What Is SASE?

Pronounced "sassy", SASE is an enterprise networking technology category introduced by Gartner in 2019 – coining a phrase to describe an assortment of security tools and practises.

Pronounced “sassy”, SASE is an enterprise networking technology category introduced by Gartner in 2019 – coining a phrase to describe an assortment of security tools and practises.

SASE allows organisations to grant users and devices access to data and applications from any location, says Kevin Bloch – former Cisco ANZ Chief Technology Officer and founder of corporate technology advisory firm Bloch Advisory.

“The network perimeter is no longer the office walls, in the age of work-from-anywhere you and your device – wherever you are – are now the network perimeter,” Bloch told Orro’s recent ‘Serious SASE’ virtual fireside event.

“SASE helps address this challenge by reimagining the concept of security to be more location-agnostic – the idea of trusting users or devices simply because they’re in the building is obsolete.”

SASE’s rethink of where security is applied is also accompanied by a rethink of how it is applied. It moves beyond adhering to a set of static rules. Instead, SASE continually optimises security for each user and device – regardless of their physical location – based on identity, context, policies and continual risk assessment.

SASE is less focused on policy violations and more focused on dynamically identifying unusual and suspicious behaviour. This holistic approach to security can flag out of the ordinary activity, even if it does not actually break the rules and policies laid down for that user or device.

By proactively watching for the telltale signs of an impending security incident, it can help thwart breaches before they occur.

“The network perimeter is no longer the office walls, in the age of work-from-anywhere you and your device – wherever you are – are now the network perimeter”

Kevin Bloch – Founder Bloch Advisory

SASE can encompass a range of network and security solutions. In terms of networking, it can incorporate Wide Area Network (WAN) optimisation, Software Define WANs (SD-WAN), Content Delivery Networks (CDN) and bandwidth aggregation.

On the security side, it can incorporate Zero Trust Network Access (ZTNA) and cloud Secure Web Gateways (SWG), as well as Firewall (FWaaS) and Web API Protection as a Service (WAAPaaS).

According to the Ponemon Institute’s global survey “The State of SD-WAN, SASE and Zero Trust Security Architectures”, 49 per cent of respondents say their organisations either have or will deploy SASE architectures. The figure is 57 per cent for Zero Trust and 45 per cent for SD-WAN.

It is important to appreciate that SASE in itself is not a product, but rather an architecture, says Cris Bailiff – CTO of Cyber Services at Orro.

With the COVID-19 pandemic scattering workforces to the wind, one of the key drivers of SASE adoption is the move away from the limitations of relying on VPNs for secure external access. As a result, 60 per cent of enterprises are predicted to phase out the use of VPN in favour of ZTNA by 2023, according to Gartner.

“SASE is a philosophy, it’s a mindset with regard to how you design, build, secure, operate and maintain your environment”

Robert De Nicolo – Director of Cybersecurity at Cisco Systems, ANZ

Even so, Bailiff says SASE is far more than simply a replacement for VPNs.

“It’s not enough to simply view SASE as an alternative to VPNs for secure remote access, the key to SASE is the identity-based security aspect,” he says. “It’s that granular, dynamic security which is the real game changer, especially combined with the improved performance that SD-WAN offers remote workforces.”

The two most common use cases for SASE are providing secure access for remote workers and securing the network edge, says Robert De Nicolo – Director of Cybersecurity at Cisco Systems, ANZ.

“Most organisations today are wanting to provide an equitable application experience to all users – high quality, predictable, reliable and secure,” De Nicolo says. “The expectation is that it should be delivered regardless of where users are accessing it from.”

“SASE is a philosophy, it’s a mindset with regard to how you design, build, secure, operate and maintain your environment, to ensure you achieve both the user outcomes and business outcomes required for success.”


Get In Touch With Orro Today

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

Related Insights

21 November 2023

On AI, IoT & Cyber Security: Cisco Partner Summit 2023 Insights

An insight into Orro’s Chief Technology Officer, Michael Van Rooyen’s account of the 28th Annual Cisco Partner Summit.
29 March 2023

The Importance of Having a Cyber Incident Response Plan

Rehearsing and refining your cyber incident response plans ensures you can minimise the damage if attackers manage to breach your defences.
14 February 2023

Orro and TAFE Collaborate for Cyber Security Certification Course

Across Australia, around 18,000 graduates are currently required annually, to fill vacancies in cyber security. Within this rapidly growing industry, the need for job-ready graduates has never been higher, with demand outstripping the number of graduates each year.