Need cloud computing? Get started now

What Is SASE?

Secure access service edge (SASE) is a cloud-based enterprise security framework designed to address the network and security challenges caused by digital business transformation. The move to cloud coupled with increasingly mobile workforces places users, devices, applications, and data outside of the enterprise data center and network, creating an “access pattern inversion.” Introduced by Gartner, the SASE model responds to this inversion delivering networking and network security controls at the edge — as close to users as possible.

SASE architecture

SASE delivers converged network and security services from a single, globally distributed and cloud-native platform. Scale, acceleration, and edge compute capabilities to delight customers are integrated with Zero Trust Network Access (ZTNA), web application and API protection as a service (WAAPaaS), and cloud secure web gateway (SWG) services to protect your users. Organizations can secure and enable corporate resources while securing and delivering their sites, applications, and APIs.

Diagram illustrating a SASE framework

The benefits of SASE

When implemented effectively, the SASE framework can:

  • Strengthen security. The SASE framework places security capabilities as close to the end user as possible, improving overall security posture while making it more difficult for hackers to exploit vulnerabilities and launch successful attacks.
  • Improve resilience. Because it is edge native, a SASE framework offers low-latency connectivity and security for users, devices, and services. A worldwide fabric of points of presence (PoPs) provides networking and security controls without diminishing performance.
  • Minimize cost and complexity. By integrating network and security services, SASE architecture reduces complexity for IT and security teams while increasing visibility and reducing the cost of management.
  • Support Zero Trust. SASE architecture uses a variety of threat and contextual signals to secure access to internal resources and the internet. Only authorized, trusted, and authenticated users and devices are granted access to the network.
  • Enable business scenarios. The SASE framework enables new digital business scenarios by delivering security controls at the edge, where they are most needed to protect users, devices, and resources that are located outside of the network and beyond the reach of an on-premises security stack.
  • Increase effectiveness. By providing a single platform on which to build enterprise security strategy, SASE aligns security solutions and IT teams while allowing them to work in tandem.

How to implement SASE architecture

Adopting a SASE solution can be accomplished in a six-step process.

  1. Define your edge. How you define your current boundaries — as well as where you want to move to — will determine which tools you need to implement SASE architecture.
  2. Identify critical capabilities. Determine which specific capabilities you’ll need for the network as a service (NaaS) and network security as a service (NSaaS). These may include (but are not limited to) solutions for bot management, DDoS protection, DNS security, web application firewall, Zero Trust Network Access, a CDN, serverless computing, and application acceleration.
  3. Conduct a gap analysis. After defining what needs to be protected and which tools you’ll need to integrate, conduct a gap analysis to determine where investment is necessary to realize your strategy.
  4. Define technical data. Determine the maturity and effectiveness of your networking systems and security systems by analyzing which tools have been purchased but not optimized, which are customized and locked into out-of-date versions, which are behind in updates, and where you have too few staff resources maintaining multiple, disparate systems.
  5. Plan your phases for transition. Moving to a SASE framework is a multiphase journey. It may involve moving away from individual point solutions or starting with the adoption of Zero Trust Network Access technologies. Adopting a secure web gateway and cloud access security broker are important steps, and web application and API protection as well as DNS security and DDoS protections are also foundational capabilities that should be adopted during your transition.
  6. Gain key stakeholder buy-in. When building the business case for a move to SASE, emphasize how consolidating vendors will reduce cost and complexity. Focus on the fact that having an industry analyst-supported model like a SASE offers validation, proven resources, and specialists to consult with.

Frequently Asked Questions (FAQ)

SASE, or secure access service edge, is a security framework defined by Gartner. In a SASE architecture, security and network connectivity technologies converge in a single cloud-delivered platform to enable secure and fast digital transformation.

The SASE framework incorporates multiple security technologies in a single service model. These include Zero Trust Network Access (ZTNA), software-defined wide area networking (SD-WAN), cloud access security broker (CASB), next-generation firewalls and firewall as a service (FWaaS), secure web gateways (SWG), and multi-factor authentication (MFA).

Multi-factor authentication (MFA), or two-factor authentication, improves security by requiring users to present two or more types of verifications when requesting access to applications and services. FIDO2-based MFA solutions can help to prevent breaches that result from credential stuffing, phishing, social engineering, and machine-in-the-middle attacks designed to steal login credentials. Companies that deploy MFA security can reduce the incidents of breaches by as much as 99.9% over companies that do not.

Why customers choose Akamai

Akamai powers and protects life online. Leading companies worldwide choose Akamai to build, deliver, and secure their digital experiences — helping billions of people live, work, and play every day. Akamai Connected Cloud, a massively distributed edge and cloud platform, puts apps and experiences closer to users and keeps threats farther away.

Explore all Akamai security solutions