View Only
last person joined: 2 days ago 

Ask questions and share experiences with SD-WAN and Session Smart Router (formerly 128T).
  • 1.  Trivia Tuesday: SASE

    Posted 10-17-2023 09:00

    Hey everyone,

    I keep hearing more and more about SASE. So, my question for you is what are the components of a complete SASE architecture?


    Justin Melloni

  • 2.  RE: Trivia Tuesday: SASE

    Posted 10-24-2023 13:27

    I think this one must've stumped some people. No worries, it took me a while to learn what SASE is as well. 

    The thing to remember about SASE is that it is an architecture that was developed to help in this post-COVID hybrid workforce environment. By hybrid workforce, we mean there are people who will be working in the office and there will be people working from home. There will be applications at the datacenter, the headquarters, and in the cloud. We want EVERYONE at the company to be productive no matter where they work from but also to keep the network secure. Due to this, SASE is a convergence of both the networking team and the security team.

    Ok, having said all that, what are the components of a complete SASE architecture? You will find different answers to this, but the main ones are:

    • SD-WAN - to connect branches to the SSE (this is what all the other components are called)
    • Secure Web Gateway (SWG) - making sure the users internet traffic is secure
    • Cloud Access Security Broker (CASB) - to protect traffic to/from cloud apps and services such as SaaS
    • Firewall as a Service (FWaaS) - replacing physical firewalls by putting the firewall functions up in the cloud. This is a reason you are hearing a lot about thin vs thick branches. With a thin branch, you would do most of your firewall functions in the cloud, with thick you will do it at the branch,
    • Zero Trust Network Access (ZTNA) - basically a replacement/improvement for VPN. With VPN, it's more of an all-or-none type access. With ZTNA, it's more identity based, so users only have access to the applications and services they need and no access to the things they don't. 

    Now there are a bunch of other acronyms and components people put into their view of SASE such as DLP and RBI. I'd like to hear from you about the ones that you think I missed and why you think they should be considered a main component. 

    Justin Melloni