Issue link: https://insights.oneneck.com/i/1469039
20 Secure Access Service Edge (SASE) For Dummies, Cisco Special Edition These materials are © 2020 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited. a service (SaaS) based and that number is expected to increase to 60 percent within two years. The centralized security approach has become impractical because of the high cost of backhauling traffic and the resulting performance issues for branch locations. To overcome these cost and performance issues, many organiza- tions are adopting a more decentralized networking approach to optimize performance at remote locations. This enables a more efficient direct Internet access (DIA) path for these offices, but also highlights a set of new security challenges, including: » Gaps in visibility and coverage: Centralized security policies can't be effectively managed and enforced in a decentralized network. This is because most traffic from branch locations to the cloud and Internet doesn't cross a centralized policy enforcement point. This results in visibility and coverage gaps, which increase the risk of a successful breach or a compliance violation. » Volume and complexity of security tools: Security teams already struggle to keep up with cybersecurity threats. Many of them have a large number of point solutions that are difficult to integrate and manage. These point products generate thousands of alerts — making it very difficult, if not impossible, for analysts to keep up. As a result, many alerts go untouched. » Limited budgets and security resources: IT and security budgets are already constrained. Deploying multiple, costly point security solutions — such as firewalls, secure web gateways (SWGs), intrusion detection and prevention systems (IDS and IPS), and data loss prevention (DLP) — to multiple locations and remotely managing these solutions with limited security resources is both impractical and ineffective. Key Characteristics and Benefits of SASE In its August 2019 report, The Future of Network Security Is in the Cloud, Gartner defined the secure access service edge (SASE) con- cept as "an emerging offering combining comprehensive [wide area network] capabilities with comprehensive network security functions (such as SWG, [cloud access security broker], [fire- wall as a service] and [zero trust network access]) to support the dynamic secure access needs of digital enterprises."