SASE: An Enabler for a Secure, Reliable Employee Remote Access – Part 2

by Dominik Ogrodnik and Michał Mordawski, Solution Architects at Amartus

In our last post, we discussed the complexities of securing a remote workforce and also gave you an overview of Secure Access Service Edge (SASE) and its capabilities to enable secure and reliable access for remote employees. In this post, we present the most important benefits from using SASE for securing your organization in the work-from-anywhere future, our SASE-related experience, and key factors you should take into account while considering SASE for your business.

SASE benefits

Corporate interest in SASE is growing as more companies start to recognize the many benefits of the framework for unified security control. Here are the most important ones:

  • Cost savings – SASE is a cost-efficient alternative to backhauling traffic through the corporate data center. It brings together the economies of scale and reduced cloud costs (pay-as-you-go, no upfront costs, scalable pricing). Additionally, the technology helps reduce traffic congestion and limits the number of expensive connections from the HQ to the cloud.
  • Enhanced network performance – In the SASE model, the users can access the cloud through the closest point of presence, where security policies are enforced. This helps improve the speed and performance of network connections. Moreover, centralized monitoring of inbound and outbound connections makes it possible to quickly detect any performance lapses and immediately address them.
  • Business agility – SASE enables hyper-scalability through fast, flexible, and resilient connections. The cloud-based architecture allows businesses to test new use cases with less security risk exposure.
  • Consistent security posture – a coherent set of security policies for all network sessions, regardless of application, user or device location, delivered as a cloud service.
  • Simplified IT infrastructure – By consolidating the business security stack into a cloud-based service, SASE allows companies to reduce the number of security products and services, which positively reflects on savings and efficiency.
  • Easier management As a central cloud-based solution, SASE unifies security management and reduces policy control points. This requires less IT effort and consequently enables more streamlined management.
  • Universal access for all edges – including enterprise physical locations, private and public clouds, remote employees, mobile devices and edge computing devices.

Seeing SASE in action

SASE is yet to enter the mainstream. However, commercial deployments are rolling out, and the capabilities of Secure Access Service Edge have been demonstrated in various Proof of Concepts and showcases.

One of them was MEF PoC 106, where Amartus joined forces with Sparkle, Nefeli Networks, and Versa.  Together, the leaders in modern networking solutions demonstrated how a SASE service enables reliable and secure telework.

In the PoC scenario, resources located in any public cloud (whether AWS, Azure, or GCP) can be reached by distributed employees through SD-WAN or SASE clients without connecting to on-premises data centers for security inspection. The same set of security policies is used for all user access, regardless of the attachment point. These include the company headquarters, remote branch offices connected with a mesh of SD-WAN connections, and work-from-home employees using a SASE client.


SASE - An Enabler for a Secure, Reliable Employee Remote Access

The diagram above presents a simplified architecture of the SASE-like implementation of end-user access to resources dispersed across multiple public clouds. In this joint effort, Amartus was responsible for the integration of different components and orchestrating end-to-end SASE service. Nefeli used Lean NFV for running the network functions, Versa provided SD-WAN with security functions, and Sparkle delivered SASE-based services. With distributed architecture and uniform security policies managed in the security cloud, SASE enables access across various remote user devices and connections.

Conclusion: Is SASE the right choice for your business?

SASE is currently one of the most promising technologies for enterprise security. By simplifying and unifying security policy management, it offers numerous advantages for businesses, especially in securing and improving remote workplaces.

At the same time, it is still an emerging concept that needs 5-10 years to mature and reach the Plateau of Productivity (according to Gartner). We can observe several contending trends when it comes to its adoption. Some companies implement the SASE model to strengthen their security, while others pursue deployments to tap network resilience and performance benefits. The adoption strategy is largely determined by the organization’s field of expertise.

Many organizations might feel overwhelmed by this technology. This particularly applies to enterprise organizations. They face an additional challenge of evolving their brown-field systems to make room for emerging tech like SASE. The cooperation with network system integrators like Amartus, which are actively driving the adoption of SASE, makes it easier for corporate IT departments to move forward with this transition and upgrade to SASE.