In a Decentralized World, a Cloud-Delivered Secure Access Service Edge Emerges Just in Time
By: Matt Goggin
In what may be the clearest representations of how the new world of edge computing can operate and scale, with resilience and security, Gartner recently coined a new term: SASE. Pronounced “sassy”, we believe this is more than just another trend, another set of buzz words, another acronym, or another hype cycle.
This is real, and this is the closet external statement describing what Dispersive has been building over the last six years, ahead of our time and ahead of the curve.
Here’s what Gartner says, in this report sponsored for free download from Zscaler.
The three Gartner analysts who authored the report present this thesis:
“Digital business transformation inverts network and security service design patterns, shifting the focal point to the identity of the user and/or device — not the data center. Security and risk management leaders need a converged cloud-delivered secure access service edge to address this shift.”
The report’s first finding says, “Network security architectures that place the enterprise data center at the center of connectivity requirements are an inhibitor to the dynamic access requirements of digital business.” We couldn’t agree more! While applications are being pushed to the edge, driven largely by mobile devices, the Internet of Things (IoT) and Industrial Internet of Things (IIoT), using a legacy approached to centralized networking simply won’t scale.
Neither will the data centers residing at the centers of enterprise networks support what’s required to make things work securely in an increasingly distributed world. We’re starting to see “Edge Data Centers” to reduce the latency associated with longer-haul trips of data to cloud to be processed, but we’re also seeing very local networks supporting edge IoT/IIoT solutions, for example.
The challenges? Speed, scalability, and security. And more security. The attack surface is expanding as fast the edge is expanding as innovative new services are being rolled out. Security today needs to be embedded in connected systems, light years beyond the use of traditional gateways built 10 and 20 years ago.
Not only are enterprise users accessing networks anywhere, at any time, from a plethora of devices, connected with multiple clouds, machines are also increasingly automated and integrated with human activities including messaging.
Requiring every one of these connections to travel over slow MPLS networks to a central data center is not only slow but risky. Decentralizing improves security, not the other way around. To put it simply, if an IoT network is compromised at the edge and the threat is dealt with at the edge, a centralized network won’t be taken down.
Gartner analysts project that demand for security-as-a-service referred to as secure access service edge (SASE), will grow significantly in the next five years, estimating that by 2024, a minimum of 40% of companies will have plans to adopt SASE.
SASE reduces network complexity while providing a more dynamic path to security that matches the variety of ways users now access networks.
Placing security at the edge with the right software-defined networking solutions not only improve speed and agility but secures valuable data. Using the identity of the source seeking access enables companies to decide how and whether to grant access including collecting information on the device being used, the location of the user, the time, and the level of sensitivity of the information to be accessed.
This is all done through policy and is all done programmatically.
Security is more agile with SASE compared to legacy centralized approaches.
Gartner lists a series of benefits in the report including:
- The ability to provide security in a consistent and integrated manner via the cloud.
- A reduction in complexity and costs.
- The enabling of new business scenarios.
- An improvement in performance and reduction in latency.
- An uptick in the ease of use.
- An overall better security portfolio.
- The ability to centralize policy enforcement.
- An increase in the effectiveness of security staff.
- The chance to operate with ZTNA.
- The lowering of operational costs.
The most compelling reason to move to SASE (and Dispersive’s technologies) is to support innovation, not crush it. As Gartner says, “Digital business and edge computing have inverted access requirements, with more users, devices, applications, services, and data located outside of an enterprise than inside Complexity, latency and the need to decrypt and inspect encrypted traffic once will increase demand for consolidation of networking and security-as-a-service capabilities into a cloud-delivered secure access service edge.”
Contact me to learn more about how Dispersive has been leading in this space for years, starting with our work for MilGov, financial services, healthcare and other industries where the future lies at the edge, but only when that edge is fully secured, but not at the expense of performance.
Last weekend a number of people and businesses experienced widescale service disruption, network slowdowns, and other issues as a leading carrier grappled with significant challenges with their network.
The increasing impact of the growth of renewable energy on transmission and distribution power networks is driving disruption and the need for main grid and microgrid operators to transform their systems to enable more adaptive power flow control for the important balancing of generation and load.
Dispersive announced last week it has developed a combined offering with ClearBlade, a pioneer and fast-growing Industrial IoT software and platform company delivering sophisticated connected systems for large enterprises. We’ve been working together in our labs and behind the scenes to bundle ClearBlade’s award-winning and widely deployed IIoT solutions (which support edge, cloud and enterprise systems, big data collection, analytics and real time control systems), to make it easier for customers to benefit from zero-touch commissioning, management, and zero-trust networking.