Welcome to the Overviews of (SASE) & (CASB)

  Secure Access Service Edge (SASE) is the convergence of wide area networking, or WAN, and network security services like CASB, FWaaS and Zero Trust, into a single, cloud-delivered service model.

SASE is a new category defined by Gartner analysts Neil McDonald (Security analyst) and Joe Skorupa (networking analyst) SASE details an Architectural Transformation of enterprise networking and security that will enable IT to provide a holistic, agile, and adaptable service to the digital business. The SASE Cloud service has 4 main characteristics: Identity-Driven, Cloud native, globally distributed and supports all edges (WAN, cloud, mobile, edge computing.

NEW NETWORKING AND SECURITITY ARCHITECTURE FOR BUSINESS

• Identity-drive: The basis for SASE Networking an Security Policies
• Cloud-native: Built-for and delivered-from the cloud
• Globally Distributed: Available Near All Edges
• All Edges: Physical Locations, Clouds, Users and Edge Computing

• Cloud Access Security Broker platforms (CASB) deployed to protect organizations' critical and sensitive data. Is a visibility and control point that secures cloud applications, delivering data protection and threat protection services to prevent leakage of sensitive data, stop malware and other threats.    With Zero Trust instead of assuming everything behind the corporate firewall is safe, the Zero Trust model assumes breach and verifies each request as though it originates from an open network. Regardless of where the request originated.  - 

CASB 

Is the digital transformation that has been the leading force in the evolution of the modern business. In particular, the adoption of cloud-based Software as a Service (SaaS) applications has been a prominent trend which is constantly expanding. Many of these (SaaS) applications are being adopted and used by employees without the enterprise IT and security departments’ knowledge and approval. They can also hold sensitive enterprise information and intellectual property without IT’s knowledge. 

These unsanctioned applications constitute and additional attack surface which can compromise the information stored within them. They are collectively referred to as “shadow IT”, as organizations’ IT and security teams do not have insight into their usage and cannot control their access and properly protect from the threats they pose.

This is where the Cloud Access Security Broker (CASB) comes into play and helps organizations cope with the perils of shadow IT. Beyond unsanctioned application, CASB helps organizations control access to sanctioned applications as well, making sure only authorized users, using authorized credentials, are granted access. 

An effective CASB solution should cover these for steps:

Visibility, Assessment, Enforcement, and Protection. 

• Visibility: Dealing with Shadow IT is gaining visibility into an organization’s usage of SaaS. 
• Assessment: Addressing Shadow IT is preforming a deeper analysis of specific application characteristics in order to better understand the potential risk it poses. 
• Enforcement: Dealing with Shadow IT is controlling access to it. 
• Protection: Dealing with Shadow IT is t provide protection form threats which can compromise the enterprise’s security