What is Gartner SASE?
The Secure Access Service Edge—known as SASE (pronounced “sassy”)—is a networking model first described by Gartner in 2019 that marks the necessary merger of traditional WAN management and security capabilities into a unified whole that is built, implemented and managed using cloud-native architectures.
The Gartner SASE model is a response to the limitations of conventional networking and security architectures in keeping pace with emerging edge-centric trends in mobility, cloud, SD-WAN and the Internet of Things (IoT). Conventional networking architectures are often over-reliant on physical infrastructure and suffer from tool proliferation, solution silos, manual processes and lack of automation. Their rigid hub-and-spoke arrangements route all endpoints through a central data center, which results in performance issues at the network edge.
The Gartner SASE model addresses these shortcomings by refocusing network architectures and delivering networking and security services directly to users on the network edge. With Gartner SASE, all connected users are edge users, whether they are connecting to the network from the enterprise headquarters, a branch office or a remote location.
Gartner SASE vs. CASB: What’s the difference?
A Cloud Access Security Broker (CASB) is software that sits between the user (either on-premises or remote) and the cloud-based applications that he or she is trying to access. A CASB acts as a “gatekeeper,” monitoring data and implementing security policies for these cloud-based services.
CASB is just one of the security services that a SASE-based network could offer—others include NGFW (next-generation firewall), DLP (data loss prevention), WAF (web application firewall), SWG (secure web gateway) and many more. In addition, a SASE-based network incorporates critical networking services that a simple CASB lacks—services like SD-WAN management, DNS, IP address management, packet routing, caching, and more.
In a SASE-based network, these services are spun up individually for users and provided from the cloud, on an as-needed basis.
Why are enterprises moving to the Gartner SASE model?
Traditional networks, with their hub-and-spoke architectures, are ill-equipped to address the demands of users in a cloud-first age. Their over-reliance on physical infrastructure, tool proliferation, solution silos, manual processes and lack of automation result in frustrating performance issues at the network edge. And the proliferation of remote users, IoT devices and branch offices means that the network edge is always expanding.
Gartner SASE flips the script, focusing on users at the network edge. In Gartner SASE, all users are edge users: access policies are enforced locally, based on a user’s specific context. Services are provided to users from the cloud, as needed.
With Gartner SASE, you have no more bloated virtualized software. No more performance issues. And no more security gaps at the edge.
What are the top benefits of Gartner SASE?
Gartner SASE will give network and security teams the ability to deliver services to users consistently, wherever they are located, so that businesses can take full advantage of the benefits of digital transformation.
With SASE, the burden of managing and securing a network moves from labor-intensive, server-based appliances in the data center to virtual and containerized applications in the cloud. As a result, SASE enables organizations to:
- Simplify management
- Scale elastically
- Dynamically deploy networking and security capabilities as needed
- Consume versatile network and security capabilities as cloud-based applications
- Lower costs, improve performance and make networking and security staff more efficient
What are the main aspects/components of SASE?
Gartner SASE requires technology and service providers to bring to market new platforms and architectures that enable organizations to deliver and manage network and security services with more agility and at ever-increasing scale. Primary elements of SASE include:
- Cloud-native architectures with containerized microservices—use of cloud-native design principles and containerization for superior agility, flexibility, speed and scalability
- Integrated network and security services—simplified management of diverse WAN networking and security services available through a common platform
- Cloud-managed on-demand services—combining the cloud with consumption-based usage in delivering elastically scalable networking and security services to globally distributed, edge-centric enterprises
- Centralized policy control—a unified framework for deploying and enforcing security policies to all devices and endpoints across the network
- Local survivability—maintaining local access to essential network services such as DNS at the branch level should a disruption in WAN connectivity to headquarters occur
What’s unique about the Infoblox approach to Gartner SASE?
The cloud-native BloxOne Platform is the embodiment of SASE principles. In development for four years and on the market for three, BloxOne is the only platform that provides the foundational layer that SASE requires: DNS, DHCP and IP address management (DDI). As a result, BloxOne enables key aspects vital to SASE deployments.