ZTNA—a piece of the SASE Story
What SASE Can Mean for Organizational Security
The concept of Zero Trust is white hot right now. The Zero Trust security model is an approach to the design and implementation of IT systems that’s rooted in the “trust but verify†principle of security. It identifies the “who†as well as the “what†they are accessing. Zero Trust helps to eliminate successful breaches by removing the concept of trust from the network’s architecture — something particularly important as edge computing expands.
When conversations about Zero Trust come up, what we generally find is people are referring to Zero Trust Network Access (ZTNA) or just network access. While ZTNA is a popular and increasingly well-known concept, it’s just a piece of a larger security approach that’s quickly gaining momentum — SASE (Secure Access Service Edge).
So, what is SASE and what does it do?
Secure Access Service Edge (SASE) is a term coined by Gartner for an emerging cybersecurity concept. With SASE, a broad set of networking and security capabilities are moved into the cloud and delivered as “services†from a cloud edge location. SASE addresses access across all edges, not just the network edge. The core components of SASE are SD-WAN, secure web gateway (SWG), Zero Trust Network Access (ZTNA) and cloud firewall.
A SASE solution moves beyond network access itself, delivering automated access to applications and workloads in the cloud by extending software-defined networking and security to IaaS providers. The SASE solution utilizes dynamic policy and automation in support of user and asset access. It does this by applying contextual scoring.
SASE is a means towards enabling end to end Zero Trust by meshing a policy of least privilege access with an architecture that simplifies how a highly distributed workforce and cloud resources are secured. SASE maintains common security controls consistently across enterprise resources.
VMware Gets SASE
VMware recently announced some impressive improvements to its VMware SASE portfolio that will help businesses improve security, agility, and scalability. As part of my work with VMware at VMworld 2021, I was able to dig into these advancements a little more. VMware SASE is cloud agnostic and cloud native and provides a layered approach to security. It works by combining the power of ZTNA (to protects users, apps, and distributed workloads), software-defined wide area network (SD-WAN), and a next-generation secure web gateway (SWG).
- VMware SD-WAN – A platform to virtualize WAN connections
- VMware Secure Access – Enables secure and high-performance access for remote and mobile users
- VMware Cloud Web Security – for protecting users and infrastructure accessing SaaS and Internet applications.
- VMware Edge Network Intelligence – Which provides actionable and automated insights on network health and app delivery
?The entire solution is built on a global network of more than 150 distributed VMware SASE points of presence, allowing organizations and users to access the data and apps they need quickly and securely from just about anywhere. The platform is supported by VMware’s Artificial Intelligence for IT Operations (AIOps) for easier network monitoring.
This AIOps solution combines the power of machine learning algorithms and big data analytics to process high volumes of data. This data is aggregated across the network, edge devices, and application sources at gateways. The solution can provide granular clarity to the source of the issue. This sort of simplification and quick resolution saves both time and money. But taking things a step further, the solution is capable of predicting problems and self-healing (another exciting new addition to VMware SASE).?
What This Means for Businesses
As you think through your company’s evolving tech footprint, one of the things that stands out is that the corporate perimeter is continuing to shift and extend forward. Corporate assets and their accompanying workloads are moving beyond the cloud to the edge. Depending on the vertical, the corporate edge footprint is growing as quickly as the cloud footprint. The goal is to push intelligence, data processing, analytics, and communication to the place where the data is originating. The end game is quicker insights into that data at a lower cost. For some industries, cloud is becoming a data aggregation point.
Network connectivity to manage the edge footprint as well as the security that supports the footprint can now be software defined. This move to software defined allows for administrators to apply security profiles at the user and application level and not just at the infrastructure layer. We’re talking about an end-to-end security solution which spans edge, cloud, and data center and one that adjusts based on user permissions not device recognition.
领英推è
So how do organizations benefit from this end-to-end approach?
·????????Simplified security policies across users and applications
·????????Application specific features and policies that detect behavior anomalies, reducing analyst investigation times
·????????Adaption to the threat landscape and business needs
·????????Automated provisioning allows for reduction of manual and administrative effort
·????????More time to focus on strategic endeavors
Adopting SASE
While a wide array of businesses can benefit from adopting SASE, organizations with broad footprints, many branch offices, or robust remote working programs should definitely consider SASE sooner rather than later. In fact, for this exact reason SASE adoption spiked in 2020. According to one recent report,? 34% of business say they adopted SASE in the past year and another 30% have adoption plans within the next 12 months.
Still, the solution is new enough that many IT professionals admit to not really understanding what SASE is (69% according to that same study). Working with a reputable provider like VMware can take some of the guess work out of the transition and give you access to a robust set of capabilities.
Learn More: https://sase.vmware.com/resources/networking-and-security-are-converging-in-the-cloud-are-you-ready
?Disclaimer: VMware sponsored my attendance and participation in VMworld 2021. Contents and opinions provided in this article are strictly my own?
?Information Tech ?Website Developer ?SEO ?Software Troubleshooting ?Hardware Specialists ?HTML5 ?CSS3 ?Phyton X ?Java ?PHP ? Microsoft Office ? Data Entry ? Logistics ? Application Tester ?Website Advertising
3 å¹´Not a lot of people indeed know about SASE. But with the adaption of SASE, cybersecurity will improve. With its 'who' and 'what' information gathering, security breaches will be prevented.