SASE

Secure Access Service Edge

Secure Access Service Edge (SASE) is a unified way to safeguard your use of web, cloud, and private applications without the hassles of point products. ESPO takes SASE even further, combining true, enterprise-class data loss prevention with secure access and advanced threat protection.

 

Now, your people can work anywhere, safely and efficiently, keeping threats out and sensitive data in.


Gartner defines SASE as “an emerging offering combining comprehensive WAN capabilities with comprehensive network security functions (such as SWG, CASB, FWaaS and ZTNA) to support the dynamic secure access needs of digital enterprises.”


These digital enterprises, Gartner adds, exhibit trends such as:

  • Increased number of roaming users
  • Increased SaaS and IaaS
  • Increased sensitive data in the cloud
  • Increased traffic destined for cloud services, including from branch offices

The ability to securely support these new trends while keeping complexity down will be a key driver in adopting SASE solutions.


While many organizations are looking to adopt a SASE framework, only a select few Network/Security Vendors contain the appropriate technologies in their portfolios to make adopting this new architecture a reality. This is where ESPO provides value, not only can we assist with pairing your organization with the best SASE solution, but we can provide professional services to implement the technology as well.


Gartner also lists, in order of priority, the core components of a SASE solution as: SD-WAN, SWG, CASB, ZTNA and FWaaS, and DLP.  


Keep reading to view key components of the SASE framework and which Vendors we partner with that cover those components.

SD-WAN capable Next Gen Firewall

"By 2024, to enhance agility and support for cloud applications, 60% of enterprises will have implemented SD-WAN, compared to with about 30% in 2020."

-- Gartner 2020 Magic Quadrant for WAN Edge Infrastructure


Also from Gartner:

"Get involved now with SD-WAN architecture and planning meetings.  Use the opportunity to include network security services as a part of the architecture where possible:

  • Include network security providers in enterprise SD-WAN evaluations. For example, Barracuda, Cisco, Forcepoint and Fortinet are well known security vendors with competitive SD-WAN offerings."

-- "The Future of Network Security is in the Cloud"


Vendors We Support:

Contact ESPO Systems for more information.

Secure Web Gateway (SWG)

This is more than web/URL filtering.  In addition to SSL inspection for deep analysis of website content, effective modern Secure Web Gateway (SWG) solutions also include Advance Threat Protection modules such as Remote Browser Isolation (RBI) and URL and File Sandboxing (Advanced Malware Detection or AMD).


Vendors we support: 


Contact ESPO Systems for more information

Cloud Access Security Broker (CASB)

The boom of SaaS offerings has increased the need for organizational controls over what cloud applications can be accessed as well as what information can be stored in those applications and who can use them.  CASB solutions have emerged to provide organizations with appropriate security visibility and controls.


CASB solutions can utilize a SaaS applications API's to provide the needed visibility.  Where API's are either not robust enough, OR, non-existent, a Proxy connection may be required to provide the controls necessary.


Vendors we support:


Contact ESPO Systems for more information

Data Loss Prevention (DLP)

With more sensitive data being stored in more locations, it is imperative to have comprehensive and effective DLP visibility and controls across all locations including SaaS solutions and the typical exfiltration methods such as web uploads, email, USB & print channels.


Vendors we support:

  • Forcepoint (data-in-motion, data-at-rest, data-in-use.  full enterprise DLP solution)
  • Symantec (data-in-motion, data-at-rest, data-in-use.  full enterprise DLP solution)
  • Zscaler (Lite)


Contact ESPO Systems for more information