Definition of SASE and How It Will Impact the DevSecOps Organization
What is SASE (Secure Access Service Edge)?
Secure access service edge (SASE) is a security model delivering protection based on an entity’s identity, the organization’s security and compliance policies, continuous risk assessment, and real-time context. An identity can include a person, a group of people, an application, a device, an edge computing location, or a service.
SASE unifies network functions and security functions into a single cloud-based service. Common SASE capabilities include secure web gateways (SWGs), integrated software-defined wide area networks (SD-WANs), cloud access security brokers (CASBs), zero trust networks, and next-generation firewalls (NGFW).
Here are notable benefits of SASE:
- Low costs—SASE consolidates disparate security functions, requiring fewer on-premises hardware components than a traditional network. Organizations can leverage SASE to reduce existing security and network overheads.
- Management efficiencies—the main advantage of the SASE model is that it offers centralization. When IT and security teams use disparate tools, they need to manage each network device separately across multiple locations. SASE enables teams to manage all tools from one location
- Enhanced network security—a SASE model takes an in-depth approach to network protection, providing enhanced network security. Organizations can leverage a SASE service to detect and block various cyberattacks, including Distributed Denial of Service (DDoS), phishing, Man-in-the-Middle (MitM) attacks, email spoofing, and malware.
How Does SASE Work?
The SASE model works by combining SD-WAN edge capabilities with cloud security functionality. Because traditional networks are built around network policy enforcement points and forced-routed traffic, it leads to bottlenecks and inefficient aggregation points. The SASE model helps avoid this issue altogether.
A SASE architecture enforces security where the traffic is located—at application and user endpoints. It delivers security and WAN functionality as a single service at various SASE points of presence (PoPs), letting users connect to the closest available PoP to access services.
This integration between SD-WAN and security enables the SASE model to reduce operational complexity and ensure consistent policy enforcement and access control for users, applications, devices, and IoT.
How SASE Will Impact Your DevSecOps Organization
Easier DevSecOps Implementation
SASE helps secure internal applications and interactions with these applications. As a result, it reduces the burdens on DevSecOps teams. DevOps teams can further secure applications running over SASE/SD-WANs using software-defined perimeter (SDP) and zero trust network access (ZTNA). These technologies help keep all interactions between an application and an endpoint secure.
The SASE model also helps protect proprietary applications, including information too sensitive to run over the public Internet. SASE protects this information by obfuscating traffic, using a zero trust architecture to restrict access, and employing an NGFW to protect all entry points. It also continuously inspects all internal application traffic for threats.
Reducing Collaboration Challenges
DevOps teams emphasize time-to-market, continuously trying to shorten CI/CD pipelines. They must collaborate while physically separated, using reliable, secure connectivity. Additionally, DevOps teams work to reduce their dependency on networking and security teams. The SASE model helps solve these challenges.
SASE integrates WAN with cybersecurity and helps reduce team collaboration challenges. SASE solutions provide robust security and optimized performance, ensuring DevOps teams do not rely on infrastructure personnel to provision resources. SASE gives DevOps teams control and operational cadence without compromising security and performance.
SASE provides the native cybersecurity capabilities needed to secure DevOps projects. It enables teams to integrate disparate security technologies into their network stack, allowing all security services to share one unified context. As a result, it closes gaps in legacy security architectures that threat actors often exploit, protecting applications from threats.
SASE offers many cybersecurity capabilities, including NGFW, SWG, antivirus, intrusion prevention systems (IPS), and managed detection and response (MDR) services, consolidating all capabilities into a single-pass architecture.
Improved Incident Response
With SASE, many attack vectors can be blocked immediately by security controls built into the network fabric, supporting incident response efforts. SASE also provides better visibility into security incidents and anomalies happening anywhere across the hybrid environment.
By integrating SASE security solutions into the security information and event management (SIEM) system, incident responders can get a better view of anomalous traffic and automated security actions taken by SASE systems. In many cases, incidents will already be contained or eradicated by SASE capabilities such as NGFW, SWG, IPS, or anti-malware.
Improving Infrastructure Reliability
SASE provides integrated failover and load balancing capabilities that significantly improve overall network performance. DevOps teams cannot lose connectivity when rolling out new software iterations or resolving bugs. They must maintain fast and reliable application performance.
A SASE architecture connects all edges, mobile users, cloud resources, and data centers with the same self-healing, fully-optimized, secure global network. The architecture automatically switches to an alternate path when a line fails, or a route becomes congested. As a result, DevOps teams do not have to worry about infrastructure performance.
In this article, I defined SASE and showed a few ways this new framework will impact security organizations everywhere:
- Easier DevSecOps implementation – provides better control and visibility of applications running in hybrid environments.
- Reducing collaboration challenges – makes it easier for teams to manage new releases without dependency on physical network resources.
- Built-in security – reduces the effort needed to deploy and integrate security tools, because the entire security stack comes built into the network.
- Improved incident response – blocks many attack vectors without human intervention and provides better visibility into networks to react to incidents.
- Improving infrastructure reliability – ensuring developers, operations, and security teams are not slowed down by connectivity issues.
I hope this will be useful as you evaluate the impact SASE can have on development, security, and operations in your organization.