Read about Fortinet’s acquisition of OPAQ Networks, expanding on our vision for SASE and delivering secure networking at every edge.
시큐어 액세스 서비스 엣지(SASE)
가장 유연한 SASE 서비스 제공
SASE는 보안과 네트워크의 미래입니다. 포티넷은 SD-WAN, ZTNA, CASB, NGFW 등을 비롯하여 SASE를 도입하기 위해 철저히 준비했습니다.
What is SASE?
Secure Access Service Edge (SASE) is an emerging enterprise strategy that combines network and security functions with WAN capabilities to support the dynamic, secure access needs of today’s organizations. Conceptually, SASE converges SD-WAN and network security services—including next-generation firewall (NGFW), secure web gateway (SWG), Zero-trust network access (ZTNA), and cloud access security brokers (CASB)—into a single service model.
Why is SASE necessary? Today’s organizations require immediate, uninterrupted access to network and cloud-based resources and data, including business-critical applications, no matter where their users are located. The challenge is that many of the problems resulting from digital innovation efforts—such as dynamically changing network configurations and the rapid expansion of the attack surface—mean that traditional security solutions no longer provide the level of speed, performance, security, and access control that organizations and users require. Therefore, the SASE concept is a logical evolution of needs and tech trends that have been converging in IT and security for years now.
The term SASE (pronounced “sassy”) was first described by Gartner in an August 2019 report called “The Future of Network Security in the Cloud.” Gartner notes that in the SASE market trend report, “Customer demands for simplicity, scalability, flexibility, low latency and pervasive security force convergence of the WAN edge and network security markets”.
Components of the SASE Model
SASE is all about secure access. In addition to connectivity, every SASE strategy must include a core set of essential security elements, including the following.
Industry’s most flexible SASE platform to secure users and edges
- Secure SD-WAN: Advanced WAN networking functions, such as dynamic path selection, self-healing WAN capabilities, support for demanding high-performance applications, and consistent user experience, are the core of a SASE solution.
- Zero-trust Network Access, while an essential SASE component, is more of a framework than a product as it includes several technologies working together. Within a SASE strategy, ZTNA’s primary job is to authenticate users to applications. Advanced context and role-based identity combined with multifactor authentication (MFA) are essential for securing access for users and devices, for both on and off-network.
- A NGFW (physical) or FWaaS (cloud-based) firewall: What an organization deploys depends on several factors. In addition, most organizations with a remote worker strategy will require a combination of edge security and internal segmentation to prevent guest or IoT threats from crossing over to restricted corporate network resources, such as PII, IP, HIPAA data, POS transactions, or other critical data.
- A Secure Web Gateway is used to protect users and devices from online security threats by enforcing internet security and compliance policies and filtering out malicious internet traffic. It can also enforce acceptable use policies for web access, ensure compliance with regulations, and prevent data leakage.
- A CASB service enables organizations to take control of their SaaS applications, including securing application access and eliminating Shadow IT challenges. Combining CASB with on-premises DLP further as an integrated system will also further ensure the protection of critical data.
Benefits of SASE
When properly implemented, a SASE approach allows organizations to apply secure access no matter where their users, workloads, devices, or applications are located. This becomes a critically important advantage as more users join a remote workforce, SaaS applications see rapid adoption, and data moves rapidly among data centers, branch offices, and hybrid- and multi-cloud environments.
- Flexible, consistent security: Deliver a comprehensive range of security services, from threat prevention to NGFW policies, to any edge, ensuring zero-trust network access to know who is on your network, know what is on your network, and protect assets both on and off the network
- Reduced total cost of ownership: Conquer point product sprawl once and for all by using a single platform approach and reducing or eliminating capex and opex costs
- Reduced complexity: Simplify your architecture by consolidating key networking and security functions from disparate point products into single solutions, all easily managed from a single-pane-of-glass management system
- Optimized performance: Leveraging cloud availability, your team members easily and securely connect to the Internet, applications, and corporate resources wherever they are located.
SASE and the Fortinet Advantage
For SASE to work well, all of its components need to interoperate as a single integrated system—connectivity, networking, and security elements alike.
Fortinet has been delivering core SASE requirements—plus much more—for years as part of our vision for security-driven networking. Now, along with our recent strategic acquisition of OPAQ Networks, Fortinet can deliver the most complete SASE platform there is.