This website uses cookies. By continuing to browse this website, you accept our use of cookies and our Cookie Policy. Close

Explore the future of cloud & network security at the 2020 SASE Cybersummit.

Close
Monday, Apr 13, 2020

How People Are Starting to Use SASE

Share

With people moving beyond the bounds of traditional offices to work just about anywhere, the way in which you defend them and your data is also changing. Security that used to be delivered via a patchwork of point products is following apps, data, and people into the cloud in a new approach that Gartner calls Secure Access Service Edge (SASE). Part I of this series looked at what SASE is and how it will redefine network and cloud security; Part II suggested ways you can begin moving towards a SASE future by using the cloud to secure the cloud. In today’s entry, let’s dig into some of the initial ways that SASE is being applied in the real world.

SASE is all about convergence in the cloud

With organizations more distributed than ever before, putting stacks of hardware at every location or using disparate products for remote workers creates holes for attackers, costs too much, and puts a strain on scarce IT resources. SASE solutions, such as Forcepoint Dynamic Edge Protection (DEP), provide an all-in-one way for you to deliver advanced web, network, and application security as a service from the cloud.

 

Here's a visual to illustrate the concept:

SASE - convergence in the cloud diagram

Unifying web, network, app security makes many problems easier to solve

DEP implements the SASE model, weaving together advanced security capabilities such as firewalling, intrusion prevention, web content inspection, malware scanning, URL filtering, application access, and more into a single, unified cloud service. This converged approach eliminates gaps and redundancies to stop attackers from breaking into your enterprise from the internet, web content or cloud apps—consistently, no matter where your people work.

SASE branch security without extra hardware diagram

Some of the first ways that enterprises and government agencies have told us they plan to use SASE and DEP include:

  • Branch Security-as-a-Service – Opening new stores, remote sites or branch offices can now be done without having to send security hardware or technicians out to each location. With DEP, you can provide consistent firewall, intrusion prevention, web security and cloud app access control everywhere, managed form a single console in the cloud.
  • Security for SD-WAN – Like many organizations, you’re probably already looking at software-defined wide-area networking (SD-WAN) technologies to replace old, slow MPLS networks. DEP provides the network and web security that is missing from most direct-to-internet SD-WAN solutions. These defenses are critical to keeping ransomware and internet intruders from sneaking into remote locations that could then be used a jumping-off point for spreading throughout the rest of your enterprise.
  • Security for Guest Wi-Fi – Providing internet access via Wi-Fi to your visitors, partners, and customers has become standard practice. But it’s not enough to just isolate it from your internal network. DEP makes it easy to apply stringent security controls without any special hardware so that you can enforce your Acceptable Use Policies and inspect files for malware coming in to any internet application, not just web browsers.
  • Offload SSL/TLS Inspection – A majority of internet traffic is now encrypted, up dramatically from just a few years ago. However, decryption is time-consuming and your existing firewalls may not have been sized with that high of a load in mind. With DEP, you can decrypt and inspect the rapidly growing volume of encrypted traffic without overloading your existing infrastructure. This not only extends the life of your existing firewalls—it also gives you granular control so that you can protect your business without exposing your enterprise to your users’ personal information.

And that’s just the start. In Part IV later this month, we’ll talk about some of the ways in which DEP, Forcepoint’s platform for SASE solutions, will be changing how cloud-based security is done.

Resources

About the Author

Jim Fulton

Jim has been creating and evangelizing enterprise connectivity and security solutions for more than 20 years. At Forcepoint, he focuses on how network security can go beyond simply keeping people safe to truly transform their business. Previously, he held marketing and engineering roles at...