Steve Murphy, VP, ARG

SASE Explained (Secure Access Service Edge) – What's the Meaning of SASE and Why You Will Use It 

Industry Voices Security
Steve Murphy Headshot
Title slide, white background with the words SASE (SASSY) Explained written in big letters. Picture of Steve Murphy, the presenter, is on the right side of the text. 

You need SASE in your life – and in your network. Here’s why. 

Check out this short video with Steve Murphy for all the info you need to know about SASE: what it is, what it does, and how it can help improve your user experience and security posture.

Show more

You’ll learn

  • The definition of SASE and how it’s evolving in the marketplace

  • Why you need SASE and what problems it can solve for you 

  • Why SASE is the future and how you can get started 

Who is this for?

Network Professionals Security Professionals


Steve Murphy Headshot
Steve Murphy


0:00 sassy's all the buzz in i.t and cyber

0:02 security right now

0:04 what is it and why should you care let's

0:06 find out

0:07 hi i'm steve murphy i'm a vice president

0:10 at arg and while i work for arg this

0:12 video is my own and doesn't necessarily

0:14 reflect the views of my employer let's

0:16 talk about how we're going to spend the

0:17 next couple of minutes first thing we're

0:19 going to do is define sassy

0:21 how is it evolving in the marketplace

0:24 today what do people consider a sassy

0:26 framework

0:28 why you need sassy what problems does it

0:30 solve

0:32 why sassy is going to be the future

0:34 framework for it security

0:37 and then lastly how do you get started

0:39 how can we set you up for success and

0:42 considering whether or not a sassy model

0:44 is right for you

0:45 so let's jump into it gartner defined

0:48 the term secure access service edge in

0:51 august of 2019. secure access service

0:54 edge abbreviated sase pronounced sassy

0:58 now little did they know that six months

1:00 later most of corporate america would

1:02 send their employees home due to the

1:04 covet 19 pandemic but sassy was

1:07 positioned to really enable

1:09 organizations to take advantage of that

1:12 and will be a driving force in how they

1:14 consider security moving forward sassy

1:17 is a direct challenge to how we're doing

1:20 security today and it's important as we

1:23 continue to evolve in utilization of

1:26 cloud services and

1:28 work from anywhere type of mentality

1:32 now sassy advocates that we deliver

1:34 security and other

1:36 important access services to end users

1:38 where they live

1:40 rather than bringing them back to a

1:42 security stack in a corporate data

1:44 center

1:45 this is essentially a meet users where

1:47 they are mentality and promises a lot of

1:49 benefits along the way let's talk let's

1:51 take a look at those

1:53 so sassy has

1:54 many benefits in its

1:56 initial concept stage

1:58 but they have to be pretty strong in

2:00 order to convince us to change what

2:01 we're doing today so what are those key

2:03 benefits we're going to improve the end

2:06 user experience

2:08 they're going to get greater security by

2:11 following a sassy framework and that

2:13 security is going to be increased

2:15 partially because we're going to have

2:16 better compliance

2:18 end users won't work around security

2:21 infrastructure that's put in place

2:22 because security infrastructure will no

2:25 longer impede their ability to work

2:27 efficiently we're going to get a

2:29 simplification of security tools and

2:31 they're going to be more integrated with

2:34 the

2:34 other tools the service chaining will be

2:37 more seamless and eliminate gaps that do

2:39 occur

2:40 as we stack individual point solutions

2:43 from individual vendors

2:45 and we're going to get a

2:47 improved orchestration plane or

2:50 orchestration tool single visibility

2:53 through a portal of all the services

2:55 that are included in the sassy model

2:58 and ultimately we're going to lower

2:59 costs so we're going to get a lot of

3:01 benefits and a lower cost structure and

3:04 i think we can all agree that if sassy

3:05 can deliver it will make a lot of sense

3:08 with these key benefits so let's take a

3:10 look at what sassy does

3:12 so at a very high level forty thousand

3:14 feet

3:15 sassy combines network access services

3:18 with security services and creates a

3:21 unified plane to allow end users to work

3:25 from any location on any device with the

3:28 same security posture as they would have

3:31 if they were working in a corporate

3:33 office

3:34 so the comma the combination of these

3:36 elements is what drives the secure

3:39 access service edge or sassy

3:41 so how do these two elements come

3:42 together well sassy has a couple

3:45 different components in each of the

3:46 categories that will ultimately be

3:48 unified

3:49 under the network as a service category

3:51 it includes carrier services software

3:53 defined wide area networking or sd-wan

3:56 content distribution networks

3:59 bandwidth aggregation providers and edge

4:01 equipment on the security side there are

4:04 a lot more components such as firewall

4:06 as a service secure web gateways casbi

4:09 or cloud access security brokers zero

4:11 trust networking or secure remote access

4:14 or vpns

4:15 web application protection dns services

4:18 remote browser isolation and even

4:20 sandboxing so we have a lot more

4:22 security components than we do on the

4:24 network side so that's why i think uh

4:27 sassy is really more of a security

4:29 conversation

4:30 than a networking conversation

4:33 let's talk about why we have to make a

4:34 change in the first place why do we need

4:36 sassy well the way we work has changed

4:39 dramatically just over the last five

4:41 years

4:42 we have a traditional corporate

4:44 environment what might with which might

4:47 include

4:48 a corporate office remote offices and

4:50 remote workers

4:52 today most of those users access the

4:56 corporate resources over one or two

4:57 networks either an mpls network or a

5:00 public internet network

5:02 if we're going over the public internet

5:04 we're typically using a vpn or virtual

5:06 private network to secure our work

5:09 environment

5:10 but the workspace has changed

5:12 dramatically as i said over the last

5:13 five years today

5:15 those workers whether they're in the

5:17 branch or at home are doing a large part

5:19 of their work in cloud services

5:22 not in the corporate data center

5:24 in fact 80

5:26 of the workflows

5:28 will be in the cloud by 2021. that's a

5:31 remarkable transformation than just from

5:34 a few years ago so how we access the

5:36 network and how we utilize the network

5:38 also has to change

5:40 today most of our users are going

5:42 through the corporate security stack and

5:45 then they reach back out to the public

5:47 internet and hit those cloud services

5:49 it's a very inefficient hair pinning of

5:52 traffic through the corporate data

5:54 center not only does it introduce

5:56 latency and the possibility of packet

5:58 loss but it's very expensive today in

6:01 that

6:02 corporate environment

6:04 we have an edge that might look like

6:06 this mpls coming into a router internet

6:09 coming into a router being switched out

6:11 to hit a vpn concentrator and ultimately

6:14 being checked by the firewall before it

6:16 actually gets to go through and access

6:19 corporate resources

6:20 now most of these components are

6:22 chargeable by either the amount of

6:24 bandwidth that they're plugged into or

6:26 the amount of consumption that they

6:28 experience when you hairpin traffic

6:31 coming in from the public internet or

6:33 from a private network and then sending

6:35 it back out to the internet simply to

6:37 apply security rules

6:39 you're paying for that traffic twice

6:41 sassy however

6:43 changes this construct

6:45 we've got our traditional

6:47 work environments here we're going to

6:49 leverage the public internet to get to

6:50 all of those we're going to have sassy

6:53 services

6:55 provided at the edge of the cloud

6:57 that will secure and allow

7:00 communications

7:02 directly to the resources that your end

7:05 user is trying to access

7:07 you don't have to hairpin through that

7:09 corporate office security stack any

7:11 longer because all of your security

7:13 services are delivered at the edge of

7:15 the cloud in fact sassy is one of the

7:18 great examples of edge computing that

7:20 we've been promised for such a long time

7:23 clearly there are some network

7:24 efficiencies but let's talk about what

7:25 other efficiencies we get in a sassy

7:27 environment first of all bandwidth

7:28 optimization you're no longer restricted

7:31 to that private mpls network from a

7:34 single provider you can select bandwidth

7:36 from any provider that's available to

7:38 your end user community and that allows

7:41 you to optimize cost it allows you to

7:43 provision services very uh very quickly

7:46 relative to an mpls installation

7:48 and you can use aggregators we recommend

7:50 people use aggregators for this that

7:53 allows them to again

7:55 keep that network objectivity without

7:57 losing the efficiency of working with a

8:00 single vendor

8:02 we also start to avoid that hair pinning

8:06 element that saves on licensing saves on

8:09 equipment costs we're going to

8:10 consolidate that edge

8:13 we're going to simplify it and we're

8:15 going to reduce latency in the process

8:18 then we're going to

8:19 increase end user flexibility again as i

8:22 mentioned they can use any device from

8:24 any location off of any network without

8:26 compromising security

8:28 and then lastly we're going to be able

8:30 to turn up services at new locations

8:33 very very quickly both from a network

8:36 connectivity side being able to order

8:37 let's say broadband services that are

8:39 installed typically within 10 days and

8:41 we're also going to improve how we turn

8:43 up these services at both the branch and

8:46 for the employee

8:48 not only do we have network benefits but

8:50 we also have management benefits now

8:51 today most organizations have multiple

8:54 security solutions layered one on top of

8:56 another they're individually managed and

8:58 they lack integration unless you have

9:00 something like a sim which is bringing

9:02 all the information together

9:03 artificially providing some level of

9:05 integration at least

9:07 correlation of services

9:10 sassy promises the ability to have a

9:13 single posture with a single governance

9:15 platform

9:16 management through a single pane of

9:18 glass and orchestration across multiple

9:21 point solutions

9:22 that allow not only for uniformity but

9:26 also integration eliminating a lot of

9:28 those gaps that can be created by

9:30 individual point solutions

9:32 and then lastly we're again we're

9:34 promising a lower cost profile if you

9:36 can buy all of these things integrated

9:39 they're less costly to manage and as a

9:41 subscription cost we can get some

9:44 cross-product discounting that's

9:45 typically available

9:48 sassy sounds great but it is very early

9:52 and it is very immature not many vendors

9:55 have a

9:56 robust sassy story right now and you

9:58 already have a bunch of solutions that

10:00 you've installed that you have useful

10:02 life left on so we're not advocating

10:04 that you immediately run off and

10:05 transform your business into a sassy

10:08 service model but it is a

10:10 a journey that we want to encourage you

10:12 to consider entering upon

10:15 gartner's vision may not be your roadmap

10:17 you have to determine what your own

10:18 roadmap is

10:20 but as sassy evolves it's important for

10:22 you to consider the benefits that you

10:24 may get over time

10:27 we recommend that organizations start a

10:29 sassy strategy by moving into service

10:33 provider solutions that do have those

10:35 sassy components

10:36 and selectively over time moving more

10:40 and more of those services into that

10:42 sassy strategy so for example if this

10:44 year you're considering upgrading your

10:45 endpoint security solution now endpoint

10:47 security isn't part of the sassy story

10:49 according to gartner i personally think

10:51 it should be but let's just use that as

10:53 an example

10:54 by moving into a sassy strategy one

10:57 solution at a time you can ensure that

10:58 it's the right fit for your organization

11:01 and you can make reasonable and measured

11:03 judgments as to whether or not your

11:05 sassy strategy

11:06 will support the individual solution

11:08 that you're considering so what are your

11:10 next steps well i'd appreciate it if you

11:13 take a moment just to like this video if

11:16 you got some value out of it and to

11:18 subscribe if you want to find your way

11:19 back to this channel in the future

11:21 and then if you want to have a

11:22 conversation around sassy or any other

11:25 security topics or any other network as

11:27 a service topics i'm going to put my

11:29 contact information in the video

11:31 description feel free to reach out to me

11:33 i'd be happy to have a quick

11:34 conversation and talk to you about what

11:35 some of your options might be

11:37 and with that i appreciate your time and

11:39 watching this video i hope you have a

11:40 great day and i'll see you next time

11:42 thanks so much

Show more