Steve Murphy, IT expert and VP, ARG

2 Key Elements for SASE

Industry Voices Security
Steve Murphy Headshot
Title slide has a photo of presenter Steve Murphy with the title of his presentation, 2 Key Elements for SASE 

Here’s what makes SASE a SASE product.

Since Gartner coined the term more than two years ago, SASE (Secure Access Service Edge) has taken the marketplace by storm. But there are two key elements that IT expert Steve Murphy believes are requisite for a product to truly be labeled as SASE. Watch now to find out. 

Show more

You’ll learn

  • Why SASE must have a single-pass platform and what exactly that means 

  • Why all SASE providers should have a road map for getting to a single-pass solution 

  • Why real SASE solutions should not require heavy appliances to be installed at customer locations

Who is this for?

Business Leaders Security Professionals


Steve Murphy Headshot
Steve Murphy
IT expert and VP, ARG 


0:00 welcome back to my channel in this video

0:02 we're going to talk about sassy and i'll

0:04 be getting a lot of questions about what

0:06 makes sassy a sassy product now sassy

0:08 stands for secure access surface edge

0:10 and we're going to talk about the two

0:11 elements that i believe are requisite

0:13 for a product to really be labeled as

0:15 sassy hi i'm steve murphy i'm a vice

0:18 president at arg and while i work for

0:19 arg this video is my own and not

0:21 necessarily a reflection of the views or

0:22 opinions of my employer this channel is

0:24 all about helping it leaders make great

0:25 business decisions and sassy secure

0:28 access service edge has really taken the

0:31 marketplace by storm over the last let's

0:33 say two and a half years since gartner

0:34 coined the term

0:36 i've got a video describing several

0:37 several videos actually describing sassy

0:40 i'll put a link to one of them here in

0:42 this video and if you're interested in

0:44 how sassy actually works and how it's

0:45 defined you can find some more details

0:47 there this video is about questions i

0:49 get specifically around sassy and how to

0:53 differentiate from the marketing

0:54 materials that end users and consumers

0:57 of security products are seeing and

0:59 trying to determine

1:01 whether or not that product is really a

1:02 sassy product so in giving this some

1:04 thought i came down with two key

1:06 elements and gartner has already defined

1:09 these elements so it's not any special

1:10 brilliance on my part i wish it was but

1:13 there are two key elements out of the

1:15 many elements that gartner in the

1:17 industry

1:18 attributes to a sassy platform and the

1:20 first element is a single pass platform

1:24 and what do i mean by that so today in a

1:27 typical security stack as packets are

1:29 are traveling through that stack they

1:31 are getting multiple passes each element

1:34 of the security stack takes that packet

1:36 and evaluates it for its own purposes

1:38 frequently decrypting it and doing a

1:40 deep packet inspection for example

1:42 every time it passes through a different

1:44 stage of this of the security stack

1:46 a sassy solution is a single pass

1:49 platform that means that they're going

1:51 to inspect that packet and evaluate that

1:53 packet one time and they're going to

1:54 evaluate it for the entire portfolio

1:57 services that you've subscribed to

1:59 within that sassy platform so for

2:01 example when a packet is coming into

2:04 the environment coming into the sassy

2:06 environment not necessarily your network

2:07 yet but just the sassy environment

2:10 the context of that packet is going to

2:12 be established is this coming from a

2:14 machine that is running the agent for

2:16 example is the endpoint protection up to

2:18 date on this machine

2:20 is it coming from a known ip address or

2:22 an uh a new ip address is that ipad

2:26 address geographically relevant to what

2:27 we understand about that user or far

2:29 removed from what we understand about

2:31 that user's typical location it's going

2:34 to associate the user id and the

2:37 relevant permissions that that user has

2:40 to that packet

2:41 it'll decrypt and do a deep packet

2:43 inspection to make sure there's no

2:44 suspicious payload in that encrypted

2:47 packet

2:48 it will do the dns filtering it will

2:50 identify the application that is

2:52 associated with that packet and assign a

2:55 routing optimization for that particular

2:57 application and it will do the casb

2:59 scanning for sensitive information

3:02 now in a traditional environment as i

3:04 originally said with multiple passes

3:06 you might have your um firewall doing

3:09 d-packet inspection you might have your

3:11 secure web gateway doing d-packet

3:13 inspection you might have your ids ips

3:15 doing d-pack inspection

3:17 all of these individual steps

3:18 essentially doing the same thing

3:20 introduces latency complexity and the

3:22 opportunity for loss within that

3:24 environment

3:25 and it's also super expensive so in

3:28 order to be a sassy platform there needs

3:30 to be a single pass story it doesn't all

3:33 need to be single pass yet there are a

3:34 lot of

3:35 very good sassy providers out there that

3:38 have not yet consolidated their entire

3:40 application into one platform to

3:43 accomplish that single pass strategy but

3:45 you should at least understand their

3:47 roadmap for getting to a single pass

3:49 solution

3:50 that brings us to the

3:52 next element key element that you need

3:54 and a sassy solution it has to be

3:56 cloud-based

3:57 real sassy solutions should not be

4:00 requiring heavy appliances to be

4:02 installed at customer locations sassy is

4:05 about bringing security to end users

4:07 wherever they are in whatever context

4:09 they want to use resources you can't do

4:12 that if you're relying upon a heavy

4:13 appliance at particular locations that

4:16 means that the sassy solution has to be

4:18 cloud-based and this gives you

4:19 scalability the ability to add hundreds

4:22 of users at a time for example

4:24 after an acquisition

4:26 it gives you the ability to have

4:27 consistency a single control plane

4:30 across your entire organization that

4:32 really is only it possible

4:34 in a cloud-based environment

4:36 you have a management platform that is

4:38 being maintained

4:40 over time in real time that you don't

4:42 have to worry about

4:44 and you have many many pops that are

4:46 close to where your users want to access

4:48 the network this prevents you from

4:50 having to backhaul traffic a great

4:52 distance to a cloud pop to establish

4:55 that sassy connection

4:57 so those are the two key elements that i

5:00 see in a sassy solution that i would use

5:03 as qualifiers before you speak to

5:05 vendors about beginning a sassy

5:07 conversation

5:08 if you got some value out of this video

5:10 i'd appreciate a thumbs up thank you

5:12 very much in advance for doing that if

5:13 you want to continue the conversation

5:14 and maybe talk about which sassy

5:16 providers meet these criteria feel free

5:18 to reach out to me my contact

5:20 information is in the description of

5:22 this video and i'm happy to engage in

5:24 any questions or conversations that you

5:26 might have

5:27 i appreciate your time in watching this

5:29 video and i hope you have a great day

Show more