DELIVERING PERVASIVE SECURITY
Vibin Shaju, Director – Sales Engineering UKMA at McAfee, shares insights into what SASE is all about and McAfee’s offerings in SASE
What in brief is SASE about? How does it redefine network security as we have known it conventionally in the multicloud era?
SASE is a security framework for enabling secure and fast cloud adoption and helping ensure both users and devices have secure cloud access to applications, data and services anywhere, any time.
SASE converges networking and network security into a single, cloud-delivered offering to support the needs of digital business transformation, edge computing, and workforce mobility. Gartner’s SASE framework provides for the dynamic creation of a policy-based, secure-access service edge, regardless of the location of the entities requesting the capabilities, and regardless of the location of the networked capabilities they are requesting access to.
Gartner states, “Comprehensive SASE offerings are only now emerging, with adoption rates at less than 1%.” Gartner also states “By 2024, at least 40% of enterprises will have explicit strategies to adopt SASE, up from less than 1% at year-end 2018.”
What are the major objectives of a comprehensive SASE platform or solution? Is this only cloud delivered or does it also include anything physical?
The SASE framework is designed to allow enterprise security professionals to apply identity and context to specify the exact level of performance, reliability, security, and cost desired for every network session. Organizations using the SASE framework can realize increased speed and achieve greater scale in the cloud, while addressing new security challenges inherent in these cloud environments.
SASE is generally classified as a cloud-delivered service, providing secure access to cloud-based resources, secure communications between remote users, and always-on security for devices off-premises. However, there are situations where organizations may require a combination of physical and cloud-based solutions for SASE to work effectively. This may include supporting a physical SD-WAN solution in place that already contains a full stack of security, or the desire to provide protection at the edge when processing confidential or sensitive information rather than shuttling it out to the cloud for inspection.
What needs to be the major constituents of a SASE platform?
SASE combines network security functions (such as SWG, CASB, FWaaS and ZTNA), with WAN capabilities (i.e., SD-WAN) to support the dynamic secure access needs of organizations. These capabilities are delivered primarily as a service and based upon the identity of the entity, real-time context and security/compliance policies.
SASE is a new package of technologies including SD-WAN, SWG, CASB, ZTNA and FWaaS as core abilities, with the ability to identify sensitive data or malware and the ability to decrypt content at line speed, with continuous monitoring of sessions for risk and trust levels.
Elaborate on the significance it assumes in the remote working era
SASE allows for the elasticity and agility needed to meet customer demands in today’s modern workforce – which was pushed further into modernity with the seismic shift to remote working.
Without a cloud-based SASE framework in place, these organizations would need to take the time to order expensive software, configure it and update policies manually without the scale, scope and speed of the cloud – and lose valuable time and productivity, not to mention open the business to threats.
While the impact is across all distributed networks, elaborate the importance of SASE in the context of making SD-WAN more secure?
SD-WANs were a major step forward in safely and cost-effectively connecting multiple remote networks. However, without the help of third-party applications, SD-WANs cannot control certain security features, such as VPN remote access and web gateways. SASE is an improvement on SD-WAN that smoothly integrates the security tools its predecessor lacked.
SASE represents the 'cloudification' of network security and effectively eliminates the complexity created by multiple edge appliances and cloud-based solutions while facilitating a more streamlined operational approach.
Because it is a single service, SASE cuts complexity and cost. Enterprises deal with fewer vendors, the amount of hardware required in branch offices and other remote locations declines, and the number of agents on end-user devices also decreases.
Elaborate on your approach to SASE?
A lot of SASE vendors have focused on convergence of networking and security, but the key business goal of SASE is to protect applications and data in the cloud by building a pervasive edge that spans all manners of accessing these applications and data.
McAfee’s MVISION Unified Cloud Edge (UCE) delivers this pervasive edge and enables organizations to apply consistent data protection and threat prevention policies across their entire estate, including users, devices, locations and applications. Under the covers, MVISION UCE is a convergence of Cloud Access Security Broker (CASB), next-gen Secure Web Gateway (SWG) with Remote Browser Isolation (RBI), and data loss protection (DLP) technologies delivered via a single global cloud fabric – with consistent policy and incident management.
MVISION UCE delivers robust native support for virtually any SD-WAN solution via site-to-site and site-to-cloud deployments, leveraging industry standard Dynamic IPSec and GRE protocols. To date, McAfee has certified interoperability with six of the industry's leading SD-WAN vendors, including Viptela (Cisco), VeloCloud (VMware), and Citrix, with even deeper partnerships forged with Silver Peak, Fortinet, and Versa Networks through McAfee’s Security Innovation Alliance (SIA) program, one of the industry’s largest technology partnership programs.
McAfee has announced MVISION Cloud Native Application Protection Platform (CNAPP), an integrated architecture to secure the cloud native application ecosystem. MVISION CNAPP delivers consistent data protection, threat prevention, governance, and compliance throughout the cloud-native application lifecycle, including container and OS-based workloads.
MVISION CNAPP brings application and data context to converge Cloud Security Posture Management (CSPM) for public cloud infrastructure, and Cloud Workload Protection (CWPP) to protect hosts and workloads including VMs, containers, and serverless functions. MVISION CNAPP provides five key capabilities:
1. Deep Discovery: The ability to discover all cloud resources and prioritize them based on risk. MVISION CNAPP uniquely provides deep discovery of all workloads, data and infrastructure across endpoint, networks and cloud.
2. Shift Left: The ability to protect against configuration drift and provide vulnerability assessment across virtual machines, containers and serverless environments. This helps unleash developer productivity through frictionless automation.
3. Zero Trust: The ability to build policy based on zero trust, behavioral observation to eliminate false positives and achieve scale with known good behavior enforcement.
4. MITRE ATT&CK Framework: The ability to empower the Security Operations Center (SOC) by mapping cloud native threats to the MITRE ATT&CK framework for expedient remediation.
5. Governance and Compliance: The ability to automate security controls for continuous compliance and governance of data and permissions.