Published July 13, 2023, 12:20 p.m. by Naomi Charles
In this video, we compare traditional vpn vs sase and sse (Security Service Edge). sse and sase are categories of technology that provide Cloud-delivered security services. We’ll review the components that make up sase and sse, and look at how these two similar services compare.
You may also like to read about:
there was a time when vpns or virtual
private networks made sense as a way for
remote users to access corporate
resources you see for a long time
applications and services the remote
users needed were located behind private
networks or data centers a vpn would act
as a head-end or connectivity point into
those resources located in the private
network however today's organizations
look quite different with more and more
sas and cloud-based services being
accessed directly from the internet as
opposed to private networks a recent
report by netskope found that the
average enterprise has around 1 000 sas
application these applications are
highly distributed and designed to be
accessed directly by the user based on
their geo-location
suddenly backhauling user traffic into a
central location no longer made sense
this extra hop and central termination
point introduced higher latency longer
round trip times and bottlenecks that
needed to be addressed all the while
reducing performance and increasing
costs due to the equipment requirements
that were needed in order to keep up
with the demand
this explosion of sas and cloud-based
services meant that a central network
and security point was no longer viable
even before covid modern organizations
were already moving toward more and more
remote workforce users and applications
are highly distributed and for the best
user experience users should be
accessing these sas applications
directly while still maintaining their
security policies and inspections from
wherever they're connecting from
secure access service edge or sassy aims
to solve this problem by providing
security and network services in
distributed pop locations you see sassy
vendors have a very large global
presence with pop locations hosted in
multiple regions
they would then partner with tier 1
backbone providers like at t or verizon
to have preferred direct access to
nearly any point on the internet that
they needed to get to
users would then connect into their
nearest pop location which then routes
them out to the sas application or
private resource depending on where
their traffic is going security was
enforced wherever the user connects in
from whether that be europe in the
morning and california in the evening in
a previous video i detailed the
components and use cases for sassy which
could be categorized into these four
core requirements secure web gateway
which connected and secured remote
employees to their sassy cloud or
internet services according to gartner
it also must include at a minimum url
filtering malicious code detection and
blocking application identification and
control and almost always will include
some type of firewall service
cloud access security brokers or casbi
this provides a granular access control
and security to sas applications like
office 365 and salesforce xero trust
network access or ztna this connects
users to private resources in a
corporate network or data center and
finally there was sd-wan this was a when
and device that connected corporate
locations like a branch site or
headquarter to a public or private land
provider and made intelligent steering
decision based off of multiple paths to
the destination
for sd-wan vendors without built-in
security like silver peak or velocloud
the integration meant that it could
offload those services to the nearest
sassy pop for inspection sassy itself is
not a technology but rather a package of
four different services that were
brought together under a single or at
most two-vendor solution to provide a
single place to control access and
policies across all four of these
services
garner predicts that by 2025 over 60
percent of enterprises will have
strategies and a timeline to migrate to
sassy and while this is a booming market
the consolidated vision and integration
of security and network into a single or
dual vendor solution has left a lot to
be desired as we just reviewed sassy is
made up of four technologies secure web
gateway casby ztna and sd-wan
and in order to accomplish a sassy
vision security providers like z-scaler
and netskope needed to team up with
sd-wan vendors like velocloud or viptela
in practical terms the integration
between security and network vendors has
not only proven to be very difficult but
it's also provided users with few
options in choosing the best of breed if
you wanted security services of z-scaler
but the networking services of viptela
you may not have all the integration
that you really needed in order to
accomplish the sassy vision and in a
post-covered world you may not even have
a need for sd-wan in the first place
this is why a completely new category
altogether was form that defines the
security services of sassy without the
networking requirements
security service edge or sse was
announced by gartner in 2021 to include
only those security components of sassy
that is secure web gateway casby and
ztna the difference between sassy and
sse is assassins c does not include the
network components of sd-wan or the
optional services like wireless lan
in other words networking has been
completely removed just like sassy
however sse also includes the optional
security components of dlp sandboxing
knack or network access control and some
others however it aims at focusing only
on the security aspects without any of
the networking requirements
this makes ssc an ideal solution for
organizations that don't need sd-wan or
want to choose a best-of-breed approach
in choosing an sd-wan and security
vendor
ultimately sse is a component of sas
people without sd-wan and depending on
your organization they both aim to solve
the problem of providing work from
anywhere security and network access
without any of the restrictions or
constraints of the central termination
point brought on by a vpn
the decision on whether to choose sassy
or sse really comes down to whether or
not you have on-premise connectivity
requirements in this post-covet world
where organizations slowly start to move
back to the office or have a hybrid
approach sassy provides a way for
offices to enforce consistent security
anywhere the users are whether they're
working from anywhere or back at the
branch office for organizations that are
100 remote or do not need sd-wan ssc may
be the right solution for you
this wraps up another video of the cso
perspective and i hope you found it
informative please don't forget to hit
like down below to give me a boost in
the youtube algorithm consider
subscribing if you want to stay on top
of our latest releases here at the cso
perspective my name is andy and i'll see
you on the next video
2CUTURL
Created in 2013, 2CUTURL has been on the forefront of entertainment and breaking news. Our editorial staff delivers high quality articles, video, documentary and live along with multi-platform content.
© 2CUTURL. All Rights Reserved.