close
magnifying glass
Get Started
magnifying glass
chevron
Support Language
close
Your Network of Tomorrow
Your Network of Tomorrow
Plan your path toward a faster, more secure, and more resilient network designed for the applications and users that you support.
chevron Get the white paper
          Experience Netskope
          Get Hands-on With the Netskope Platform
          Here's your chance to experience the Netskope One single-cloud platform first-hand. Sign up for self-paced, hands-on labs, join us for monthly live product demos, take a free test drive of Netskope Private Access, or join us for a live, instructor-led workshops.
          chevron Experience Netskope
            A Leader in SSE. Now a Leader in Single-Vendor SASE.
            A Leader in SSE. Now a Leader in Single-Vendor SASE.
            Netskope debuts as a Leader in the Gartner® Magic Quadrant™ for Single-Vendor SASE
            chevron Get the report
              Securing Generative AI for Dummies
              Securing Generative AI for Dummies
              Learn how your organization can balance the innovative potential of generative AI with robust data security practices.
              chevron Get the eBook
                Modern data loss prevention (DLP) for Dummies eBook
                Modern Data Loss Prevention (DLP) for Dummies
                Get tips and tricks for transitioning to a cloud-delivered DLP.
                chevron Get the eBook
                  Modern SD-WAN for SASE Dummies Book
                  Modern SD-WAN for SASE Dummies
                  Stop playing catch up with your networking architecture
                  chevron Get the eBook
                    Understanding where the risk lies
                    Advanced Analytics transforms the way security operations teams apply data-driven insights to implement better policies. With Advanced Analytics, you can identify trends, zero in on areas of concern and use the data to take action.
                    chevron Watch the demo
                            The 6 Most Compelling Use Cases for Complete Legacy VPN Replacement
                            The 6 Most Compelling Use Cases for Complete Legacy VPN Replacement
                            Netskope One Private Access is the only solution that allows you to retire your VPN for good.
                            chevron Get the eBook
                              Colgate-Palmolive Safeguards its "Intellectual Property” with Smart and Adaptable Data Protection
                              Colgate-Palmolive Safeguards its "Intellectual Property” with Smart and Adaptable Data Protection
                              chevron Read the case study
                                Netskope GovCloud
                                Netskope achieves FedRAMP High Authorization
                                Choose Netskope GovCloud to accelerate your agency’s transformation.
                                chevron Learn about Netskope GovCloud
                                  Let's Do Great Things Together
                                  Netskope’s partner-centric go-to-market strategy enables our partners to maximize their growth and profitability while transforming enterprise security.
                                  chevron Netskope Partners
                                    Netskope solutions
                                    Netskope Cloud Exchange
                                    Netskope Cloud Exchange (CE) provides customers with powerful integration tools to leverage investments across their security posture.
                                    chevron Learn about Cloud Exchange
                                        Netskope Technical Support
                                        Netskope Technical Support
                                        Our qualified support engineers are located worldwide and have diverse backgrounds in cloud security, networking, virtualization, content delivery, and software development, ensuring timely and quality technical assistance
                                        chevron Technical Support
                                          Netskope video
                                          Netskope Training
                                          Netskope training will help you become a cloud security expert. We are here to help you secure your digital transformation journey and make the most of your cloud, web, and private applications.
                                          chevron Explore Netskope Training
                                            Netskope video
                                            Achieve Business Value with Netskope One SSE
                                            Netskope One Security Service Edge (SSE) enables enterprises to achieve considerable business value by consolidating business critical security services within the Netskope One platform
                                            chevron Get the study

                                              What is SASE?

                                              Secure Access Service Edge (SASE) is a network architecture model that integrates wide area networking (WAN) capabilities with comprehensive security services. SASE is a cloud-based solution. It combines secure web gateways, cloud access security brokers, firewall-as-a-service, and zero trust network access. All these components are unified into one system. This convergence enables consistent security enforcement and optimal performance, providing users with seamless and secure access to applications and data regardless of their location.

                                              Jump to a section

                                              SASE meaning: what does SASE stand for? Why is SASE important? What is SASE architecture? SASE components and capabilities include SASE benefits What are the four questions to ask when adopting a SASE network SASE vs SSE: what is the difference?
                                              8 min read

                                              SASE meaning: what does SASE stand for? link link

                                              Secure Access Service Edge (SASE), pronounced “sassy,” is a cloud-based architecture that delivers network and security services meant to protect users, applications, and data.

                                              This term was coined by Gartner in 2019 and has quickly risen through the ranks to become one of the top aspirational security concepts of the current decade so far. Given that many users and applications no longer live and operate on a corporate network, access and security measures can’t depend on conventional hardware appliances in the corporate datacenter.

                                              SASE security promises to deliver the necessary networking and security capabilities in the form of cloud-delivered services. Done properly, a SASE model eliminates perimeter-based appliances and legacy solutions. Instead of delivering the traffic to an appliance for security, users connect to the SASE cloud service to safely access and use web services, applications, and data with the consistent enforcement of security policy.

                                              Where is the “edge” in Secure Access Service Edge?

                                              The “edge” in SASE refers to the cloud provider’s global systems that exist on their hardware (data centers and devices). Users access cloud services by logging in and authenticating their identities, from any location, and are passed through this “edge” into the cloud environment.

                                              sase meaning

                                              White Paper: SASE and the Seven Forces Shaping Security Transformation
                                              Blog: A CISOs View of SASE

                                               

                                               Secure Access Service Edge (SASE), pronounced “sassy,” is a cloud-based architecture that delivers network and security services meant to protect users, applications, and data.

                                              Why is SASE important? link link

                                              Conventional security measures presumed that applications and users would be inside the network perimeter, which is no longer true. Corporate data is moving to the cloud, employees are increasingly working remote, and digital transformation initiatives require IT organizations to be nimble to capitalize on new business opportunities.

                                              As a result, the traditional network perimeter is dissolving, and new models for access controls, data protection, and threat protection are necessary. In light of these changes, organizations are finding that their existing collection of standalone point products such as firewalls, secure web gateway, data loss prevention (DLP), and cloud access security brokers (CASB), are no longer applicable in a cloud-first world.
                                              SASE Gartner predictions

                                              20% of enterprises will adopt SWG, CASB, ZTNA and branch FWaaS by 2023
                                              of enterprises will adopt SWG, CASB, ZTNA and branch FWaaS by 2023
                                              40% of enterprises will develop strategies to adopt SASE by 2024
                                              of enterprises will develop strategies to adopt SASE by 2024

                                              SOURCE: GARTNER REPORT: THE FUTURE OF NETWORK SECURITY IS IN THE CLOUD

                                               

                                               Conventional security measures presumed that applications and users would be inside the network perimeter, which is no longer true. Corporate data is moving to the cloud, employees are increasingly working remote, and digital transformation initiatives require IT organizations to be nimble to capitalize on new business opportunities.

                                              What is SASE architecture? link link

                                              Secure Access Service Edge, or SASE, unifies networking and security services in a cloud-delivered architecture to protect users, applications, and data everywhere. Given that users and applications are no longer on a corporate network, security measures can’t depend on conventional hardware appliances at the network edge.

                                              SASE diagram

                                              There are two sides of SASE architecture: Security and Networking

                                              Instead, SASE solutions promise to deliver the necessary networking and security as cloud-delivered services. Done properly, a SASE model eliminates perimeter-based appliances and legacy solutions. Instead of delivering the traffic to an appliance for security, users connect to the SASE cloud service to safely use applications and data with the consistent enforcement of security policy.

                                               Secure Access Service Edge, or SASE, unifies networking and security services in a cloud-delivered architecture to protect users, applications, and data everywhere. Given that users and applications are no longer on a corporate network, security measures can’t depend on conventional hardware appliances at the network edge.

                                              SASE components and capabilities include link link

                                              The main components and capabilities of SASE include Software-Defined WAN (SD-WAN), Cloud Access Security Broker (CASB), Security Web Gateway (SWG), Firewall-as-a-service (FWaaS) and Zero Trust Network Access (ZTNA). All of these elements work in tandem, relying on their variety of strengths to form the SASE framework.

                                              A SASE architecture is capable of identifying users and devices, applying policy-based security controls, and delivering secure access to the appropriate applications or data. SASE security makes it possible to provide secure access regardless of where users, data, applications or devices are located. With that in mind, the expanded capabilities of SASE are listed below:

                                              • Cloud-native microservices in a single platform architecture
                                              • Ability to inspect SSL/TLS encrypted traffic at cloud scale
                                              • Inline proxy capable of decoding cloud and web traffic (Next-Generation Secure Web Gateway/NG SWG)
                                              • Firewall and intrusion protection for all ports and protocols (Firewall as a Service/FWaaS)
                                              • Managed cloud service API integration for data-at-rest (Cloud Access Security Broker/CASB)
                                              • Public cloud IaaS continuous security assessment (Cloud Security Posture Management/CSPM)
                                              • Advanced data protection for data-in-motion and at-rest (Data Loss Prevention/DLP)
                                              • Advanced threat protection, including AI/ML, UEBA, sandboxing, etc. (ATP)
                                              • Threat intelligence sharing and integration with EPP/EDR (Endpoint Protection Platform/Endpoint Detection and Response), SIEM (Security Information and Event Management), and SOAR (Security Orchestration, Automation, and Response)
                                              • Software-defined perimeter with zero trust network access, replacing legacy VPNs (SDP, ZTNA)
                                              • Protection for the branch, including support for branch networking initiatives such as SD-WAN (Software-Defined Wide Area Network)
                                              • Carrier-grade, hyper-scale network infrastructure with a global POP (Point of Presence) footprint

                                               

                                              What are the major transformations behind SASE architecture?

                                               

                                               The main components and capabilites of SASE include Software-Defined WAN (SD-WAN), Cloud Access Security Broker (CASB), Security Web Gateway (SWG), Firewall-as-a-service (FWaaS) and Zero Trust Network Access (ZTNA).

                                              SASE benefits link link

                                              A SASE network architecture offers enhanced security, improved performance, simplified management, scalability, cost efficiency, compliance alignment, and future-proofing. By adopting SASE, organizations can establish a flexible, secure, and agile network infrastructure that addresses the demands of the modern digital landscape.

                                              1. Flexibility:
                                              Allows for direct-to-net or direct-to-cloud access from anywhere for easy adoption of new digital business models

                                              2. Cost savings:
                                              Eliminates CapEx for on-premises infrastructure and provides lower, predictable OpEx due to its Security-as-a-Service model

                                              3. Reduced complexity:
                                              Consolidated services into a cloud-delivered model eliminates complex stack of legacy point solutions and simplifies operational effort

                                              4. Increased performance:
                                              Enhances and accelerates access to internet resources via a global network infrastructure optimized for low-latency, high-capacity, and high-availability

                                              5. Zero trust network access:
                                              Provides secure, contextual access to private apps in public/private clouds

                                              6. Threat protection:
                                              Stops cloud and web attacks such as cloud phishing, malware, ransomware, and malicious insiders

                                              7. Data protection:
                                              Protects data everywhere it goes, inside and outside of the organization, including within public clouds as well as between company and person instances of cloud apps

                                               

                                               A SASE network architecture offers enhanced security, improved performance, simplified management, scalability, cost efficiency, compliance alignment, and future-proofing. By adopting SASE, organizations can establish a flexible, secure, and agile network infrastructure that addresses the demands of the modern digital landscape.

                                              What are the four questions to ask when adopting a SASE network link link

                                              1. How does your current web or cloud security give you full visibility and context across all web and cloud traffic?

                                              Consider consolidating your secure web gateway (SWG) and cloud access security broker (CASB). This will provide critical visibility and control for data loss protection (DLP) and advanced threat protection (ATP) defenses that are also cloud-hosted in the same platform. Along with retiring your legacy SWG appliances, migrate to zero trust network access (ZTNA) to replace your legacy VPN appliances to modernize your overall secure access posture.

                                              2. What level of cloud-scale does your current security solution provide?

                                              The majority of cloud traffic is encrypted, and a growing number of attackers are leveraging the cloud to evade traditional network controls. Using cloud-scale SSL/TLS inspection helps you stay on top of the threat landscape.

                                              3. Does your current network support high performance and consistent availability?

                                              Users expect high performance with low latency, because if the SASE is slow, unhappy users will look for ways around your system. In order to deliver great user experience, make sure that your SASE solution is engineered for high performance and located in the places that your users are.

                                              4. How many consoles and policies do you currently have to use to manage your existing security stack?

                                              Many vendors are adapting or virtualizing their software and calling it a cloud-based solution. If it isn’t designed to be a SASE, you may end up with multiple administrative consoles, complex policies that are hard to manage, and time-wasting tools for conducting investigations. Choose a solution that has a single management console, single client, and a single policy engine to streamline operations and effectiveness for network and security teams.

                                               

                                              SASE vs SSE: what is the difference? link link

                                              Now that you understand SASE, let’s touch on what SSE is and why there is so much buzz about it. Security Service Edge (SSE) is the convergence of multiple cloud-based security services as the other half of a Secure Access Service Edge (SASE) architecture. SSE benefits your business through a singular architecture that simplifies your security, reduces risks, offers inline visibility, provides granular control of data, and creates preventative measures through advanced analytics capabilities.

                                               

                                               

                                               SSE successfully modernizes your technology architecture by converging Web Proxy (SWG), ZTNA, CASB, and DLP into one, powerful, high-performing solution.

                                              SASE Week 2024
                                              On-Demand

                                              Watch SASE Week 2024 on-demand and learn how to navigate the latest advancements in SASE and Zero Trust and explore how these frameworks are adapting to address cybersecurity and infrastructure challenges.

                                              Explore sessions
                                              SASE Week 2024

                                              Become a SASE Expert

                                              Sponsored by Netskope, The SASE Accreditation is an introductory training on Secure Access Service Edge (SASE), an architectural framework for security and networking that addresses the security challenges modern organizations face as they embrace cloud applications, protect data, and unify networking and security services.

                                              Register for on-demand
                                              SASE Accreditation

                                              SASE thought leadership

                                              card shape
                                              Platform, Products, & Services

                                              Key Takeaways from the Just-Published Gartner Market Guide for Single-Vendor SASE

                                              By Chad Berndtson
                                              chevron Read the blog
                                              card shape
                                              Full Skope

                                              Transform Your Hybrid Work Model with SASE

                                              By Jason Clark
                                              chevron Read the blog
                                              card shape
                                              Secure Access Service Edge

                                              New Netskope Customer, United States Patent and Trademark Office (USPTO), Leads the Way in Security Modernization with First Ever US Federal Civilian SASE Contract

                                              By Colby Proffitt
                                              chevron Read the blog
                                              Show More
                                              plus image
                                              SASE resources

                                              SASE Architecture For Dummies

                                              In this easy to read, no marketing blather SASE Architecture For Dummies, Netskope 2nd special edition we will provide you with a practical understanding of what SASE is – and isn’t. This book will arm you with information to build a confident plan for security and network convergence.

                                              Get the report
                                              SASE Architecture For Dummies eBook

                                              Related resources

                                              Results