Palo Alto Networks delivers the industry's most comprehensive network security in the cloud with the Secure Access Service Edge (SASE) platform. Read more about what this means for you and how SASE can improve visibility into all traffic.
In the words of Palo Alto Networks founder and CTO Nir Zuk, "SASE is the convergence of different access and network security methods into one cohesive platform." SASE is unlike other approaches, demanding a level of integration and performance that’s unprecedented in the security industry. In this ongoing series, Palo Alto Networks thought leaders explore SASE, its implementation and its implications.
What is SASE?
With businesses adopting "the cloud" at an increasing rate and more critical infrastructure being moved into the cloud, so does the need for appropriate security measures and controls to scale with the growing presence. Palo Alto Networks Secure Access Service Edge (SASE – pronounced sassy) is an evolutionary security solution that helps organizations embrace cloud and mobility by providing a unified platform for network and network security services.
Why is SASE Evolutionary?
Traditional network security is highly focused on the perimeter where each location has dedicated hardware that either provides full protection or routes all traffic back to a headquarters location for inspection. Complex VPN designs are required to ensure each location is able to reach the resources they need, which are typically spread over several data centers. MPLS backhauling may be required to more securely connect locations. All these devices and services require costly maintenance and support contracts and IT resources.
With the emergence of Software as a Service (SaaS), many of those costs could be consolidated or reduced with added flexibility to meet the needs of a growing organization as a bonus. Due to improvements in productivity and collaboration for decentralized organizations, SaaS applications have gained in popularity, setting in motion a move of traditional data centers into the cloud.
This move, however, makes securing branch offices more challenging, as routing traffic through a headquarters location no longer makes sense—increasing bandwidth needs, ease of accessibility and general responsiveness of applications are optimal when users connect directly to the cloud. This brings new security challenges.
SASE Security Approach
A SASE security approach provides security for branch offices and visibility into all traffic, while enabling access to cloud and on-premise assets. By moving network and network security services to a SASE framework, organizations can benefit from enhanced user experiences with fast and reliable internet connections, accurate localization, and optimized ability to quickly and easily add offices as the company grows.
On top of being able to scale quickly and securely, companies also need to consider security of the applications being accessed. With a SASE cloud-based security strategy, organizations have full visibility and inspection of traffic across ports and protocols, so policies can be applied to all the traffic in the cloud.
Prisma Access is the leading SASE solution in the industry today, and it delivers the networking and security that organizations need in an architecture designed for all traffic, all applications, and all users. Rather than creating single-purpose technology overlays that are normally associated with point products, Prisma Access uses a common cloud-based infrastructure to deliver security services, including advanced threat prevention, web filtering, sandboxing, DNS security, credential theft prevention, DLP, and next-generation firewalling.