SASE and what it can do for information security!

September 11, 2023

To talk about information security or cybersecurity is definitely not the easiest of tasks, as developments in this area seem to be happening at a speed that is difficult to keep up with. The cat-and-mouse race between hackers and information security experts is incessant and at a breathtaking pace. Something that appears to be novel today may already be outdated, because in another corner of the world a more efficient solution may have already been discovered or a flaw in the current solution may have been identified that makes it vulnerable.

There was a time, in the early days of the digital age, when the internet didn't even exist, and data subjects were only concerned with physical security of their stored data, thus implementing cameras (CCTV), armed security, locks and even safes. Later, with the adoption and popularization of the internet, attention shifted to the digital security of data storage, with the concepts of access control and cryptography gaining relevance.

But then came the concept of the cloud, which describes a system model that enables on-demand network access to a set of configurable computing tools, including networks, computers, tablets, cell phones, software, etc. The cloud model advocates some basic characteristics for it to be successful, namely on-demand self-service, location independence, Internet access from anywhere, customizable elasticity, concentration of resources and measurement of the service.

With the development of this concept, cloud models have been divided into three distinct types:

1. Software as a service in the cloud (SaaS) – use of a network to access applications from a host.

2. Cloud Platform as a Service (PaaS) – permission for customers to install their software in the cloud.

3. Infrastructure as a Service (IaaS) – renting of processing, storage, network bandwidth and other fundamental computing resources in the cloud.

Although a cloud system can be developed by a company for its own use, the high investment involved in creating and maintaining a data center, its servers and all the security measures necessary for its existence, justifies the demand for various companies that sell or charge for cloud infrastructure services, offering the security of their systems as the icing on the cake. On the other hand, the big challenge is to maintain an acceptable processing speed, since security measures generally imply a loss of processing speed.

With the arrival of cloud systems, there was a need to improve security measures, and in 2019 the concept of SASE (Secure Access Service Edge) emerged, which is a security system defined by Gartner, a renowned American information technology research and consulting company founded in 1979 by Gideon Gartner. The system is characterized by a converged network and security-as-a-service resources, including SD-WAN, SWG, CASB, NGFW and ZTNA. In this type of structure, security and network connectivity technologies converge on a single cloud platform to enable rapid and secure digital transformation.

Therefore, to better understand the scope of this concept, we need to understand each of the acronyms mentioned above, defined in detail in the table below:

| INFORMATION SECURITY RESOURCE | MEANING OF THE RESOURCE | PURPOSE |
| --- | --- | --- |
| SD-WAN | Software-defined Wide Area Network | It is a virtual WAN architecture that allows businesses to leverage any combination of carrying services—including MPLS, LTE, and broadband Internet services—to securely connect users to applications. Traditional WAN routers are replaced, as this technology provides dynamic, policy-based application path selection by relying on multiple WAN connections and supporting the chaining of services to additional services such as WAN optimization and firewalls. |
| SWG | Secure Web Gateway | It is a solution that filters unwanted software/malware from user-initiated Web/Internet traffic and enforces compliance with corporate and regulatory policies, blocking risky or unauthorized user behavior. These gateways should, at a minimum, include URL filtering, malicious code detection and filtering, and controls for popular web-based applications such as instant messaging (IM) and Skype. Native or integrated data leak prevention is also increasingly included. |
| CASB | Cloud Access Security Broker | It corresponds to on-premises or cloud-based security policy enforcement points, placed between cloud service customers and cloud service providers to combine and interpose corporate security policies as cloud-based resources are accessed. CASBs consolidate various types of security policy enforcement. Examples of security policies include authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, malware detection/prevention, etc. |
| NGFW | Next-Generation Firewall | These are deep packet inspection firewalls, adding defensive layers that go beyond port/protocol inspection and blocking to add application-level inspection, intrusion prevention, and bringing intelligence from outside the firewall. Thus, next-generation firewalls can recognize applications regardless of port, protocol, evasive tactics, or SSL encryption and provide real-time protection against a wide range of threats, including those operating at the application layer. Firewalls, up to this point, were limited to providing security based on certain ports and protocols. |
| ZTNA | Zero Trust Network Access | It is a new cybersecurity model that creates a logical identity- and context-based access boundary around an application or set of applications. Applications are hidden and access is restricted through a trusted agent. The agent verifies the identity, context, and adherence to the policy of the specified participants before allowing access and prohibits lateral movement anywhere else in the network. This prevents access to the application by anyone who has not been authorized and significantly reduces the visibility of someone carrying out any attack. |

SASE, therefore, is made up of two sets of technology, including WAN Edge Services (SD-WAN) and Security Service Edge (ZTNA, SWG, CASB and NGFW) which together allow information security professionals to enable a user, device or server to connect securely from anywhere, via any carrying method.
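To make the ZTNA row of the table concrete, the following is an added example (not code from this article or from any vendor) of the decision a trusted agent makes: identity, then authorization, then context, with denial as the default and each grant scoped to a single application. The policy, application names and request fields are all hypothetical.

```python
from dataclasses import dataclass

# Constructed policy: which groups may reach which application, and the
# device/location context required. All names here are hypothetical.
POLICY = {
    "payroll-app": {"groups": {"finance"}, "require_managed_device": True,
                    "allowed_countries": {"BR", "PT"}},
    "wiki": {"groups": {"finance", "engineering"},
             "require_managed_device": False, "allowed_countries": None},
}

@dataclass(frozen=True)
class AccessRequest:
    user: str
    groups: frozenset
    mfa_verified: bool
    device_managed: bool
    country: str
    application: str

def decide(req, policy=POLICY):
    """Return (allowed, reason). Deny by default; a grant covers one application."""
    rule = policy.get(req.application)
    if rule is None:
        # Unpublished applications stay hidden: nothing is reachable by default.
        return False, "application not published to this broker"
    if not req.mfa_verified:
        return False, "identity not verified"
    if not (req.groups & rule["groups"]):
        return False, "user not authorized for this application"
    if rule["require_managed_device"] and not req.device_managed:
        return False, "device context does not meet policy"
    allowed = rule["allowed_countries"]
    if allowed is not None and req.country not in allowed:
        return False, "location context does not meet policy"
    # The grant names exactly one application, so it cannot be reused elsewhere.
    return True, f"access granted to {req.application} only"

def demo():
    # Constructed requests from the same verified user under different contexts.
    alice = dict(user="alice", groups=frozenset({"finance"}),
                 mfa_verified=True, country="BR")
    return [
        decide(AccessRequest(device_managed=True, application="payroll-app", **alice)),
        decide(AccessRequest(device_managed=False, application="payroll-app", **alice)),
        decide(AccessRequest(device_managed=False, application="wiki", **alice)),
        decide(AccessRequest(device_managed=True, application="hr-db", **alice)),
    ]

if __name__ == "__main__":
    for allowed, reason in demo():
        print("ALLOW" if allowed else "DENY ", reason)
```

The same user is allowed or denied depending on device context and target application, which is the difference between ZTNA and a network-level VPN grant.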

SASE has therefore become an indispensable technology for companies using cloud systems, in order to guarantee adequate information security without compromising the processing flow of users accessing applications and data remotely.
