One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 2310938 |
| Date de publication | 2021-02-08 11:00:00 (vue: 2021-02-08 11:05:21) |
| Titre | A beginner\'s guide to SASE |
| Texte |
If you are in the security or networking industry, there is no doubt that you’ve been hearing the latest Gartner inspired buzz word being dropped in conversations with your colleagues, customers, and vendors alike. In case you haven’t already guessed, I am referring to SASE (pronounced “sassy”). Although it is a hot topic of conversation, it is clear to me that there is still a considerable amount of confusion about what SASE is, its purpose, and what sort of level of urgency it should be given.
SASE stands for Secure Access Service Edge and is an architecture model (I’ve also heard it referred to as a concept or framework) developed by Gartner in 2019 that combines software-defined wide area networking (WAN) with comprehensive security functions in order to support the dynamic nature of today’s modern workforce. Applications are moving out of the data center and into the cloud, more employees are working from remote locations than ever before, and data is being accessed from a wide range of company and personally owned devices. All of these factors make it very difficult for network and security administrators to know what applications and data are being accessed by whom as well as their usage. And what you cannot see, you cannot manage or secure. Some of the key principles of SASE are:
The data center is no longer the center of the network and organizations that continue to route all of their network traffic through the data center, using a legacy hub-and-spoke topology, will create a situation where their network becomes a business inhibitor. Backhauling remote users’ traffic to the data center that is destined to the cloud inevitably produces latency and affects productivity.
Access to data should be based on identity, not the location of the user. The old approach to security was that everyone on the network was trusted while traffic originating from outside of the network should be scrutinized. This philosophy does not work in today’s environment of employees and partners working from just about anywhere and conducting business off network. But besides being antiquated, providing open access to anyone on network is just reckless because it does not take into account the possibility of insider threats.
Users and applications are more distributed than ever before, therefore technologies that offer worldwide points of presence and peering relationships should be an important consideration. Having a point of presence that is geographically near a user facilitates a shorter logical path between them and the resource they are accessing, allowing them to focus on accomplishing their job duties or tending to customers, as opposed to waiting for applications and web pages to load.
Consolidating the number of vendors can help reduce the complexity of management. This is especially true when network and security technologies are integrated to share data in order to provide contextual intelligence and automation or when they can be managed through one pane-of-glass.
These digital transformation trends and diversification within vendor portfolios started well before Gartner had coined the phrase SASE, but businesses have been very receptive to their recommendations for how they should approach networking and security in the future.
Something important to note, and I cannot stress it enough, is that despite what all of the great marketing may lead you to believe (and this is coming from a marketer), there is not one off-the-shelf SASE solution on the market. That’s because there is no cut and dry definition of what combination of technologies must be offered to be called SASE.
Gartner does specify that there are fi |
| Envoyé | Oui |
| Condensat | sd 2006 2007 2010 2013 2014 2019 ability about access accessed accessing accomplishing account acknowledges acquiring acquisitions across administrators adoption affects against alike all allowing already also alternative although amount analysis analyst another answer antiquated anyone anywhere appliance application applications applied approach appropriate approved architecture are are: area around assets attained attractive automation back backhauling bandwidth based because becomes been before beginner being believe benefits besides between beyond both box branch broadband broker browse build building business businesses but buzz called can cannot capabilities casb case cases center centralized check choose circuits claim clear cloud coined colleagues combination combines come coming company complete completely complexity compliance comprehensive concept concern conduct conducting confusion connect connected consider considerable consideration consolidate consolidating constant contextual continue controls conversation conversations core cost could create critical customers cut cybersecurity cycle cycles data day deciding decision dedicated defined definition demonstrate deploy deployed despite destined developed devices difficult digital directly disruptive distributed diversification dlp does doubt dropped dry duties dynamic each early edge else employees enables end enough enterprises environment especially even ever every everyone everything existing expose facilitates factors fewer finally firewall first five flows focus follows forrester four framework frameworks from full functions funding future fwaas gartner gateway geographically get given glass goal good grant great greater greatly guessed guide had has have haven’t having heard hearing help higher hitting hosted hot how hub hype i’ve identified identity important include included including increase increased industry industry’s inevitably infrastructure inhibitor initiatives insider inspected inspired integrate integrated intelligence interact internet interoperate introduced isn’t its job jobs just key know large latency latest lead least legacy level levels like likely lines load located location locations logical longer look loss low lte make malware manage managed management many market marketer marketing mass may mean model modern months more most moving mpls mssp multiple must nature near necessarily need needed needlessly network networking new newly next ngfw ngfws not note number occur off offer offered offers office offices often old one open opposed option order organizations origin originating others out outlined outside outsourcing over owned pages pane particular partners path paths peering performance personally phases philosophy phrase pitch platforms poc point points policies policy portfolios possibility possible potential prefer prem presence principles prioritize privilege procedures process produces productivity products pronounced proof protect protection provide provided provides providing public publications purpose qualify range reasons receptive reckless recommendations reduce referred referring refresh regardless regulations relationships relatively reliability remote require research resiliency resource response responsible retaining risks roadmap role rolled route routed saas safe sales same sandboxing sase savings scenarios scrutinized secure security see segment sensitive separate service setup several shadow share shelf shortage shorter should similar simplified since single site sites situation skills software solution solutions some something sometimes sort source sourced sourcing specific specify spoke stack stands staple started starting stress such suite support surge swg take takes team teams technologies technology tenants tending term than that’s them therefore these think threats through time times today’s tools top topic topology traffic transformation transforming trends true trust trusted try typically understand unrelated unsecured upcoming urgency usage used user users |
| Tags | Malware Guideline |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.