return to news
News

Dissecting the true value of SASE is a challenge

Maximilian Brook
Published 01 - December - 2021
technologycomputer weeklycloud
Source: Computer Weekly
Read full article

As a relatively nascent technology that is getting a lot of publicity, dissecting the true value of SASE is still a difficult proposition, for now.

Secure access service edge (SASE) is a relatively nascent development in the cloud architecture space. This infancy, matched by its widespread publicity, makes dissecting the true value of investment in this service difficult.The hype around SASE needs to be balanced by the context in which SASE has emerged. Thanks to the global pandemic, the trend of remote working has transformed operational and security requirements for an organisation’s network architecture, while traditional reliance on connectivity with physical datacentres was already in decline before the pandemic hit.The need for innovation in this area rapidly accelerated as office blocks were replaced by desks filled with remote devices that benefited from little, if any, defence in depth. This phenomenon of network sprawl was exacerbated by challenges linked with recent innovations such as the internet of things and the ease of remote connection through 5G technologies.As a result of this step-change, traditional network security approaches and associated technologies are no longer fit for task – they are unable to provide the security and accessibility required for organisations operating from multiple locations.

SASE essentially brings together wide-area networks and network-focused security services via a cloud-based architecture model. SASE is an enticing proposition – it complements existing SD-WAN structures, eliminates the need for traditional VPNs and consolidates several network security technologies. The flexibility associated with cloud-based architecture and confluence of various capabilities enables SASE providers to pitch it as reducing complexity at a reduced cost to reduce the attack surface.

The issue for potential buyers is deciphering whether SASE is a valuable cloud network security service or a hyped sales campaign. Suppliers have suggested that SASE can offer 30% savings in set-up costs, 10% reduction in annual operating costs and a 50% increase in productivity. These numbers are appealing, but buyers must be aware that SASE implementation still requires significant investment, a shift in organisational approach to network security and a different set of resources to deliver SASE successfully.

As part of selecting an appropriate resourcing model for SASE, organisations need to understand the skills overhead involved in its deployment. They have the option to purchase SASE “as a service”, which provides access to expert knowledge and established good practice. However, while this facilitates quick deployment, third-party providers often lack familiarity with the organisation’s operating environment and culture.

An alternative is to upskill internally, but limited prior exposure to SASE deployments may mean that unforeseen difficulties arise during implementation. Some organisations therefore prefer a hybrid approach, which allows them to leverage external expertise, while developing internal skills with a view to moving to an internal model in the longer term.

Read the full article here.

Maximilian Brook is a research analyst with the Information Security Forum (ISF).