The Case for SASE

Over the past decade, there has been a continuous evolution in both technology and the manner in which companies protect their data. Until 2019 there was a steady adoption of cloud-based services, but then humanity got hit with its own malware in the form of COVID. This forced organizations to send the majority of their employee’s home causing a rapid adoption of cloud-based technology. During the same period the situation got worse with the microchip shortage as companies scrambled to find mobile computing options to replace the traditional end user PC. As a result of both these issues, companies have been searching for a method to both protect cloud centric data and allow employees the use of their own devices to continue working from home.

Data is the most important asset that any organization possesses -- whether it’s trade secrets, electronic health records or any other sensitive information. A decade ago, a company could stand up firewalls, IPS systems and proxies and do a fairly good job of keeping the bad guys out. Then along came the cloud. It brought a slew of new problems that forced security professionals to rethink the way they protect the crown jewels.

The transition from a controlled defensive position to the wide-open cloud is still ongoing for many organizations. Traditional security architectures required building tall walls around the castle with on-premises appliances, but this approach is no longer adequate. The result has been widespread loss of data visibility, compliance and protection as users work remotely.

The challenge now is to build new walls farther out – between the data and users at the endpoint. It’s a new security perimeter. Gone are the days of simply securing online sessions inside the castle behind ramparts and a mote. How do you get insight into data when a user isn’t plugged into a corporate network? A virtual private network isn’t sustainable as it requires backhauling too much traffic.

This is where Secure Access Service Edge (SASE) comes in. It’s a bundle of technologies and strategies that include the convergence of network services and network security solutions, Zero Trust principles, extensive points of presence and simplified management and monitoring. Together, this approach allows you to capture network traffic and push security policy enforcement out to the edge.

Symantec Web Security Service is the foundation of Symantec’s, by Broadcom Software, SASE solution. It integrates multiple advanced security technologies and makes them available from the cloud. WSS runs on a high-performance, fully redundant cloud-native infrastructure consisting of more than 40 POPs. This network, among the largest and best connected in the world, is edge-optimized for remote employees working from home and on mobile devices. The software-defined infrastructure heals much faster than the previous generations of cloud SWG infrastructure used by other vendors, which rely on physical network components to scale.

Also part of the SASE Architecture:

• CloudSOC allows organizations to control access to data hosted on SaaS platforms. Administrators can also detect and block access to cloud and other unauthorized (shadow IT) applications and enforce controls such as malware scanning on file downloads.
   
• Symantec Cloud Firewall Service performs deep inspection and gives organizations control of network traffic over all ports and protocols. It identifies traffic from different applications and can apply policies based on applications, user groups and factors such as the user’s location.
   
• Symantec Web Isolation defends against ransomware, malware, and phishing attacks that target browsers. Users are allowed to access uncategorized and potentially risky websites, but pages from those sites are executed and rendered in a remote, secure, disposable container. Only an interactive rendered image, of the original webpage, is delivered to the user’s browser.
   
• Symantec's Data Loss Prevention Cloud Integration enables an organization to publish policies from their existing on-premise DLP architecture to WSS, cloud based email services, and CloudSOC CASB. This integration allows an organization to continuously analyze and protect web, application, and email traffic to prevent sensitive content from leaving their control or being accessed by risky users or devices. This behavior enforces centrally managed security and compliance policies and reduces the chance of a data breach.
   
• Content and Malware Analysis allows the actions of suspicious files and malware to be observed and analyzed in an isolated sandbox in the Broadcom cloud platform. It reveals malicious behaviors and exposes zero-day threats without risk to your endpoints and systems.
   
• Symantec Secure Access Cloud offers an agentless Zero Trust Network Access solution that provides point-to-point connectivity at the application level, cloaking all resources from the end-user devices and the Internet.

Today’s security environment requires three foundational components: data visibility, monitoring, and response/remediation. With SASE we’re afforded all three.

I’ve been working in IT infrastructure and security for more than a decade. I’m honored to be a Broadcom Software Knight and I have certifications in ProxySG, Web Security Service and Web Isolation. I also hold a Broadcom SASE Framework Master certification.

To learn more on how Broadcom Software can help you modernize, optimize and protect your enterprise, contact us here.