• Skip to primary navigation
  • Skip to main content
  • Skip to footer

Cisco Umbrella

Enterprise network security

  • Contact Sales
  • Login
    • Umbrella Login
    • Cloudlock Login
  • Why Us
    • Why Cisco Umbrella
      • Why Try Umbrella
      • Why DNS Security
      • Why Umbrella SASE
      • Our Customers
      • Customer Stories
      • Why Cisco Secure
    • Fast Reliable Cloud
      • Global Cloud Architecture
      • Cloud Network Status
      • Global Cloud Network Activity
    • Unmatched Intelligence
      • A New Approach to Cybersecurity
      • Interactive Intelligence
      • Cyber Attack Prevention
      • Umbrella and Cisco Talos Threat Intelligence
    • Extensive Integrations
      • IT Security Integrations
      • Hardware Integrations
      • Meraki Integration
      • Cisco Umbrella and SecureX
  • Products
    • Cisco Umbrella Products
      • Cisco Umbrella Cloud Security Service
      • Recursive DNS Services
      • Cisco Umbrella SIG
      • Umbrella Investigate
      • What’s New
    • Product Packages
      • Cisco Umbrella Package Comparison
      • – DNS Security Essentials Package
      • – DNS Security Advantage Package
      • – SIG Essentials Package
      • – SIG Advantage Package
      • Umbrella Support Packages
    • Functionality
      • DNS-Layer Security
      • Secure Web Gateway
      • Cloud Access Security Broker (CASB)
      • Cloud Data Loss Prevention (DLP)
      • Cloud-Delivered Firewall
      • Cloud Malware Protection
      • Remote Browser Isolation (RBI)
    • Man on a laptop with headphones on. He is attending a Cisco Umbrella Live Demo
  • Solutions
    • SASE & SSE Solutions
      • Cisco Umbrella SASE
      • Secure Access Service Edge (SASE)
      • What is SASE
      • What is Security Service Edge (SSE)
    • Functionality Solutions
      • Web Content Filtering
      • Secure Direct Internet Access
      • Shadow IT Discovery & App Blocking
      • Fast Incident Response
      • Unified Threat Management
      • Protect Mobile Users
      • Securing Remote and Roaming Users
    • Network Solutions
      • Guest Wi-Fi Security
      • SD-WAN Security
      • Off-Network Endpoint Security
    • Industry Solutions
      • Government and Public Sector Cybersecurity
      • Financial Services Security
      • Cybersecurity for Manufacturing
      • Higher Education Security
      • K-12 Schools Security
      • Healthcare, Retail and Hospitality Security
      • Enterprise Cloud Security
      • Small Business Cybersecurity
  • Resources
    • Content Library
      • Top Resources
      • Cybersecurity Webinars
      • Events
      • Research Reports
      • Case Studies
      • Videos
      • Datasheets
      • eBooks
      • Solution Briefs
    • International Documents
      • Deutsch/German
      • Español/Spanish
      • Français/French
      • Italiano/Italian
      • 日本語/Japanese
    • For Customers
      • Support
      • Customer Success Webinars
      • Cisco Umbrella Studio
    • Get the 2022 Cloud Scurity Comparison Guide
  • Trends & Threats
    • Market Trends
      • Hybrid Workforce
      • Rise of Remote Workers
      • Secure Internet Gateway (SIG)
    • Security Threats
      • How to Stop Phishing Attacks
      • Malware Detection and Protection
      • Ransomware is on the Rise
      • Cryptomining Malware Protection
      • Cybersecurity Threat Landscape
      • Global Cyber Threat Intelligence
      • Cyber Threat Categories and Definitions
    •  
    • Woman connecting confidently to any device anywhere
  • Partners
    • Channel Partners
      • Partner Program
      • Become a Partner
    • Service Providers
      • Secure Connectivity
      • Managed Security for MSSPs
      • Managed IT for MSPs
    •  
    • Person looking down at laptop. They are connecting and working securely
  • Blog
    • News & Product Posts
      • Latest Posts
      • Products & Services
      • Customer Focus
      • Feature Spotlight
    • Cybersecurity Posts
      • Security
      • Threats
      • Cybersecurity Threat Spotlight
      • Research
    •  
    • Register for a webinar - with illustration of connecting securely to the cloud
  • Contact Us
  • Umbrella Login
  • Cloudlock Login
  • Free Trial
Security

How to address cybersecurity challenges in the cloud era with SASE

By Lorraine Bellon
Posted on October 13, 2020
Updated on June 27, 2022

Share

FacebookTweetLinkedIn

It’s no secret – networking and security have left the building. Even before the major shift to remote working in the first half of 2020, workplaces had already made the transition to a decentralized network architecture, where computing resources are located outside the data center and most enterprise traffic is destined for public cloud services. There are more remote and roaming users than ever before, and as work moves outside the office, so does the need for secure access to enterprise applications and data. To be successful in the cloud era, IT teams need to identify a new approach to control and secure users, apps, devices, and data — anywhere and everywhere they go in the world, and no matter what apps they choose to use.

According to Enterprise Strategy Group research, 32 percent of organizations report that most of their apps are now software as a service (SaaS) based. That number is expected to increase to 60 percent within two years.1 In the past, most organizations would backhaul traffic through MPLS WAN links from remote offices back to the data center to apply security policies before sending the traffic to the public internet.

Today, that centralized approach has become impractical because of the high cost of backhauling traffic over MPLS and the resulting performance issues for both branch locations and roaming users. To overcome these cost and performance issues, some businesses are adopting a more decentralized approach to optimize performance for these users with direct internet access (DIA) paths. But this approach highlights a set of new security challenges.

Gaps in visibility and coverage

Centralized security policies can’t be effectively managed and enforced in a decentralized network. This is because most traffic from branch locations to the cloud and internet doesn’t cross a centralized policy enforcement point. This results in visibility and coverage gaps, which increase the risk of a successful breach or compliance violation.

Volume and complexity of security tools

Security teams already struggle to keep up with cybersecurity threats. Many of them have lots of point solutions that are difficult to integrate and manage. These point products generate thousands of alerts — making it very difficult, if not impossible, for analysts to keep up. As a result, many alerts go untouched.

Limited budgets and security resources

IT and security budgets are already constrained. Deploying multiple, costly point security solutions — such as firewalls, secure web gateways (SWGs), intrusion detection and prevention systems (IDS and IPS), and data loss prevention (DLP) — to multiple locations and remotely managing these solutions with limited security resources is both impractical and ineffective.

Introducing secure access service edge (SASE)

In its August 2019 report, The Future of Network Security Is in the Cloud, Gartner defined the secure access service edge (SASE) concept as “an emerging offering combining comprehensive [wide area network] capabilities with comprehensive network security functions (such as SWG, [cloud access security broker], [firewall as a service] and [zero trust network access]) to support the dynamic secure access needs of digital enterprises.”2

The SASE concept consolidates numerous networking and security capabilities and functions — traditionally delivered in multiple, siloed point solutions — in a single, fully-integrated cloud-native platform. This approach delivers some key benefits that are critical for organizations that need to address the modern networking and security challenges of an increasingly cloud-first, distributed, mobile, and global workforce.

Example illustration of Secure Access Service Edge (SASE)


Here are four key characteristics of digitally transformed organizations that are laying the groundwork for this new concept:

Identity-centric

Gartner suggests that “digital business transformation inverts network and security service design patterns, shifting the focal point to the identity of the user and/or device — not the data center.”3

Cloud-native

Gartner describes modern digital enterprises as having “[m]ore sensitive data located outside of the enterprise data center in cloud services than inside” and “[m]ore user traffic destined for public cloud services than to the enterprise data center.”4

Edge computing

To support the SASE concept, Gartner describes a “worldwide fabric/mesh of network and network security capabilities that can be applied when and where needed to connect entities to the networked capabilities they need access to.”5

Globally distributed

Gartner describes the need for an “intelligent switchboard” where “identities are connected to networked capabilities via the SASE vendor’s worldwide fabric of secure access capabilities.”6

Start your SASE journey

Remember: SASE isn’t a product, a company, or a solution. It’s a broad concept that invites you to think differently about how networking and security work together in the cloud era. Two major SASE concepts are consolidation and simplification, so it makes sense to chart a course that includes both networking and security elements from a single vendor.

Secure access service edge - SASE for dummies ebook cover Cisco Umbrella Blog

Are you feeling overwhelmed? Start here to learn more about the SASE concept and how it works, and you can request your free copy of our new ebook, Secure Access Service Edge (SASE) for Dummies. In this ebook, you’ll learn about the benefits of software-defined wide area networking (SD-WAN) and how it can lower your networking service costs and improve performance. You’ll also learn about the best way to secure new traffic flows with cloud-delivered security.

What are you waiting for? If you missed our earlier posts about how networking and security have evolved, you can catch up on your reading with the links below.

  • Top 10 networking and security trends and challenges
  • How networking and cloud security solutions have evolved to connect and protect users everywhere

1 Enterprise Strategy Group, The Rise of Direct Internet Access, 2018
2 Gartner, The Future of Network Security is in the Cloud, 2019
3 Gartner, The Future of Network Security is in the Cloud, 2019
4 Gartner, The Future of Network Security is in the Cloud, 2019
5 Gartner, The Future of Network Security is in the Cloud, 2019
6 Gartner, The Future of Network Security is in the Cloud, 2019

Previous Post:

Previous Article

Next Post:

Next Article

Follow Us

  • Twitter
  • Facebook
  • LinkedIn
  • YouTube

Footer Sections

What we make

  • Cloud Security Service
  • DNS-Layer Network Security
  • Secure Web Gateway
  • Security Packages

Who we are

  • Global Cloud Architecture
  • Cloud Network Status
  • Cloud Network Activity
  • OpenDNS is now Umbrella
  • Cisco Umbrella Blog

Learn more

  • Webinars
  • Careers
  • Support
  • Cisco Umbrella Live Demo
  • Contact Sales
Umbrella by Cisco
208.67.222.222+208.67.220.220
2620:119:35::35+2620:119:53::53
Sign up for a Free Trial
  • Cisco Online Privacy Statement
  • Terms of Service
  • Sitemap

© 2023 Cisco Umbrella