Secure Access Service Edge (SASE) – defined by Gartner – is a security framework prescribing the conversions of security and network connectivity technologies into a single cloud-delivered platform to enable secure and fast cloud transformation. SASE’s convergence of networking and network security meets the challenges of digital business transformation, edge computing, and workforce mobility.

As organizations seek to accelerate growth through use of the cloud, more data, users, devices, applications, and services are used outside the traditional enterprise premises, which means the enterprise perimeter is no longer a location. Despite this shift outside the perimeter, network architectures are still designed such that everything must pass through a network perimeter and then back out. Users, regardless of where they are, must still channel back to the corporate network often using expensive and inefficient technologies only to go back to the outside world again more often, than not. This creates significant challenges in terms of service availability, user performance, and productivity. As we’ll explain, these challenges are addressed through a SASE framework.

Because network architectures are still stuck in this mode, it changes the way organizations must approach security and risk management. Environmental coverage, including visibility and control, can be easily lost when users, devices, and data are created and stored virtually everywhere.

According to Gartner, “Security and risk management leaders need a converged cloud-delivered secure access service edge (SASE) to address this shift.” [1] Gartner’s SASE model has emerged as a comprehensive framework for enabling secure and fast cloud transformation based on a suite of dynamic edge security and connectivity capabilities delivered when needed as a service from the cloud.

Gartner’s SASE framework provides for the dynamic creation of policy-based, secure-access service edge, regardless of the location of the entities requesting the capabilities, and regardless of the location of the networked capabilities to which they are requesting access. On the security side, SASE prescribes the converged offering of delivering unified threat and data protection capabilities. This converged service is based upon a low-latency, ubiquitous footprint that is very close to the user location regardless of where they are.

While SASE frameworks won’t be implemented in a day, the route to SASE is gaining speed and urgency, as Gartner has predicted that “by 2024, at least 40% of enterprises will have explicit strategies to adopt SASE, up from less than 1% at year-end 2018.”1 The reality is that SASE adoption has accelerated significantly in the last 18 months in part due to the pandemic forcing businesses to transform to a primarily remote workforce. More businesses are seeking solutions to the SASE challenge.

How SASE works

Secure Access Service Edge (SASE) merges network traffic and security priorities, ubiquitous threat and data protection, and ultra-fast, direct network-to-cloud connectivity. While SASE used to be a matter of sacrificing speed vs. control, improved technology now offers businesses speed AND control. The SASE framework is designed to allow enterprise security professionals to apply identity and context in order to specify the exact level of performance, reliability, security, and cost desired for every network session. Organizations using the SASE framework can realize increased speed and achieve greater scale in the cloud while addressing new security challenges inherent in these cloud environments.

An example: A sales force needs greater efficiency and efficacy through mobility. The use of the Internet through public Wi-Fi can become a security risk. Therefore, accessing corporate business applications and data in a timely, secure manner is a challenge. A SASE framework provides the construct to maintain higher access speed and performance, while also enabling more stringent control of users, data, and devices traversing networks – regardless of when, where, and how they’re doing it.

Benefits of SASE

According to the Gartner report: “In cloud-centric digital business, users, devices, and the networked capabilities they require secure access to are everywhere. . .What security and risk professionals in a digital enterprise needs is a worldwide fabric/mesh of network and network security capabilities that can be applied when and where to connect entities to the networked capabilities they need access to.”

According to Gartner, meeting the challenge of implementing a SASE architecture would benefit enterprises by providing:

  • Lower costs and complexity – Network Security as a Service should come from a single vendor. Consolidating vendors and technology stacks should reduce cost and complexity.
  • Agility – Enable new digital business scenarios (apps, services, APIs), and data shareable to partners and contractors with less risk exposure.
  • Better performance/latency – latency-optimized routing.
  • Ease of use/transparency – Fewer agents per device; less agent and app bloat; consistent applicate experience anywhere, any device. Less operational overhead by updating for new threats and policies without new HW or SW; quicker adoption of new capabilities.
  • Enable ZTNA – Network access based on identity of user, device, application – not IP address or physical location for seamless protection on and off the network; end-to-end encryption. Extended to endpoint with public Wi-Fi protection by tunneling to the nearest Point of Presence (POP).
  • More effective network and network security staff – Shift to strategic projects like mapping business, regulatory, and application access requirements to SASE capabilities.
  • Centralized policy with local enforcement – Cloud-based centralized management with distributed enforcement and decision making.

SASE represents the best way to achieve a direct-to cloud architecture that doesn’t compromise on security visibility and control, performance, complexity, or cost. Speed without compromising security.

Why MVISION Unified Cloud Edge is your fastest route to SASE

MVISION Unified Cloud Edge is a first-of-its-kind cloud-native and cloud-delivered solution that provides unified data and threat protection from device to cloud, fully integrating data loss prevention (DLP), device/user control and other security technologies into web filtering (SWG), endpoint management and cloud control (CASB). MVISION Unified Cloud Edge provides policy management that is unified, enabling shared data protection policies and incident management between endpoints, web, and cloud, with no increase in operational overhead.

Unified Cloud Edge Integration with SD-Wan

MVISION Unified Cloud Edge uses common cloud-based management capabilities and systems that share information (e.g., ePO, DXL) so its decisions are based on multiple parameters. By enforcing consistent data context and policies across endpoints, web, and cloud, UCE protects data as it leaves the device, travels to and from the cloud, and within cloud services to create a new secure cloud edge for the enterprise. This unified solution helps stop cloud-native breach attempts previously invisible or native to the corporate network.

With industry leading Cloud Access Security Broker (CASB), Secure Web Gateway (SWG), and Data Loss Prevention (DLP) technology, McAfee is the only vendor to be awarded all 3 Gartner Peer Insights Customer’s Choice Awards in 2020. MVISION Unified Cloud Edge features and benefits match Gartner’s enterprise benefits of a SASE architecture:

Reduction in Cost and Complexity, Increased Speed and Agility

  • The resulting converged cloud service is substantially more efficient than building your own SASE using manually integrated, separate cloud-based technologies
  • Minimize inefficient traffic with efficient intelligent and secure direct-to-cloud access
  • Protect remote sites via SD-WAN using industry standard Dynamic IPSec and GRE protocols leveraging SD-WAN technology that connects office sites to cloud resources faster and more directly than ever before
  • Enjoy low latency and unlimited scalability with a global cloud footprint and cloud-native architecture that includes global Peering POPs (Point of Presence) reducing delays
  • Cloud service with 99.999% uptime (Maintained Service Availability) and internet speeds faster than a direct connection, improves the productivity of your workforce while reducing the cost of your network infrastructure