In 2019, research firm Gartner coined the term Secure Access Service Edge (SASE) to describe network security features such as SWG, CASB, FWaaS, and ZTNA, which also has wide area Network capabilities (SDWAN) to support an organization’s dynamic secure access needs. During the COVID-19 outbreak, the idea of remote users being able to safely access them no matter where they work has become particularly attractive. As a result of the pandemic, the increase in teleworkers has raised awareness more quickly than expected. As SASE becomes the preferred choice for many enterprise network administrators and chief Information Security Officers (Cisse), many are asking, “What exactly is Secure Access Service Edge (SASE)? During the COVID-19 outbreak, the idea of remote users being able to safely access them no matter where they work has become particularly attractive. Read on to learn about the SASE model and the role virtual Private Networks (VPNS) play in it.What is SASE?According to Gartner, SASE is not a single product. It’s a structure or a philosophy.SASE combines network security capabilities, such as SWG, CASB, FWaaS, and ZTNA, with WAN capabilities, or SDWAN, to support an organization’s dynamic secure access needs. These capabilities are primarily provided as services (aaS) and are based on entity identification, real-time context, and security/compliance policies.A multi-vendor approach is usually required because few vendors provide every component of the SASE platform.The SASE architecture moves security from the data center to the cloud, fusing technologies into a converged security-as-a-service. Because it is a combination of security features, some vendors offer bundled solutions to accelerate SASE implementation, enabling remote workers to access the Internet outside the enterprise network. More commonly, a multi-vendor approach is required because few vendors provide every component of the SASE platform. The various security services that create the SASE platform include:Software-defined Wide Area Networks (SD-WAN) : Software-defined networks (SDN) are applied to large-scale wide area networks (Wans) to improve agility and application performance, and simplify administration.Cloud Access Security Agent (CASB) : Software (local or cloud-based) between cloud users and cloud applications that monitors activity and enforces security policies.Next Generation Firewalls (NGFWS) and Firewalls as a Service (FWaaS) : NGFWS go beyond protecting the usual suspects (ransomware, viruses, worms, Trojans, adware) to completely block malware before it can enter your network.Zero Trust Network Access (ZTNA) : Creates a secure peripheral environment around applications through identity – and context-based access. The application is hidden, reducing the potential surface area for an attacker.Secure Web Gateway (SWG) : THE SWG platform uses digital barriers and filters between Web sites and endpoint devices to detect and prevent threats, unauthorized access, and malware. In addition to cyber attacks, this blocks access to potentially harmful sites.The advantage of SASETechTarget contributor Terry Slattery wrote, “Cloud-based distributed architecture, centralized management, and endpoint-specific security policies……” Is the main advantage of SASE. Other points from the same article that include SASE support are:Applications can live Anywhere: SASE’s distributed access enables applications to live anywhere – data centers, public or private clouds, SaaS – and places security features closer to the end user.Simplified operations: With SASE, network boundaries are endpoints, and security is applied dynamically using role-based policies. This simplifies networking and security for employees no matter where they work.Security and routing integration: SASE integrates DNS reputation, Remote Browser Isolation (RBI), ZTNA, Data Loss Prevention (DLP), malware prevention, CASB, NGFW, Intrusion detection, Intrusion Prevention, and SWG.Lower WAN costs: SASE routing operations are similar to SD-WAN and help reduce WAN costs by eliminating the need for expensive MPLS and leased circuits. These were replaced by VPNS.Distributed architecture: SASE’s distributed architecture and centralized management improve security and network traffic efficiency. These same features may also be more resilient to denial of service (DOS) attacks.Speed: Cloud congestion and data center network latency are common problems, but SASE helps speed up response times.VPN is an important part of a good SASE architecture.Some SASE service providers promote their product and service bundles as alternatives to VPNS, but it is important to note that VPNS are an important part of a good SASE architecture. When SASE vendors refer to VPN ends, they refer to local VPNS; But SASE’s biggest, and perhaps one of its biggest selling points, is that it’s cloud-native. Keep in mind that Gartner defines SASE as “a global cloud-based service with a truly converged network security stack that supports all edges, not just branch networks. . Cloud Access Security Broker (CASB) : A cloud-based Security solution like SASE is logically required to provide Security for Cloud applications. It’s easy to see why this appeals to companies that are transitioning digitally and moving to the cloud.Unlike traditional VPNS, OpenVPN’s next generation VPN (OpenVPN Cloud) creates a private network hidden in the public Internet in the Cloud. This is great support for any SASE architecture (and much less cost and complexity!OpenVPN and SASEVPNS are no longer limited to enabling remote access. SASE may be the hot new network security concept, but it’s important to remember that modern VPNS are part of SASE and provide security features like access control on their own. Another key aspect of the discussion is that the next generation of cloud-based OpenVPN is not just a replacement for SD-WAN; It also has many SASE architecture components built in – ZTNA, firewall, intrusion detection, intrusion prevention, content filtering. Want to see how OpenVPN Cloud can easily integrate with, or even replace, some of your other SASE applications? Sign up for three free connections now.