Why does Solutel recommend implementing the SASE model in cloud security?
Why does Solutel recommend implementing the SASE model in cloud security?We all know that the pandemic has forced millions of people to work from home. Thanks to broadband Internet access in homes, corporate VPNs and collaboration tools, we have been able to continue many of our businesses. Users have been able to perform their work effectively from home. This situation has not been easy for many IT departments. IT has had to deploy and support users to enable remote work and the level of difficulty has depended on the network and service architecture model that organizations had defined at that time. This is where the SASE concept in cloud security benefits companies.
SASE ConceptFirst we define "Secure Access Service Edge" ( SASE ). It is a concept described by Gartner in a 2019 report that promises to be the pillars of cybersecurity. It is basically a combination of security services delivered through the cloud. SASE is about taking the security perimeter built around our company to the cloud. What do we get with this? Bring security to everything and everyone. Give security to all users, give security to all applications and that can be managed from anywhere. With this approach, it allows companies to apply secure access policies no matter where their users, applications or devices are located. The SASE architecture is a cloud-native platform, providing the enterprise with security processing that was previously done on corporate premises. With this architecture each location runs an SD-WAN appliance that carries traffic to the SASE cloud. This traffic is then sent to a local point of presence (POP), where it is analyzed and processed until it is so secure that it can be forwarded to its final destination. The SASE architecture thus blocks potential malware attacks and lateral attacks, making life more difficult for cybercriminals seeking to insert malicious code into corporate networks. The benefits of this model are many, chief among them is end-to-end security. From the server to the end user, the entire infrastructure is protected against threats that are becoming increasingly plural and diversified. This also facilitates the identification and correction of eventual specific gaps in the infrastructure, something that cannot be done in a service without this degree of flexibility.
CISCO SASE ProductsUmbrella's Secure Internet Gateway (SIG) where all security services are integrated into a single cloud-native software stack. These services include: 1) Cisco SD-WAN for routing and other network functions that Umbrella uses. As previously indicated, the POPs in this case are the nodes at the edge of the network where the SASE services are processed. Cisco has scaled the POPs configured for Umbrella to more effectively manage traffic to the SIG and to firewalls. 2) Domain Name System (DNS) Security: Umbrella's DNS security element provides businesses with all the visibility they need into cloud applications and how their employees use them. 3) A Full Proxy Secure Web Gateway (SWG): Scans and neutralizes malware in all files that are uploaded and downloaded to and from the cloud. 4) A firewall that runs in the cloud: Allows visibility of the traffic that passes through both the corporate network and the Internet through all ports and protocols at layer 3 and layer 4. 5) DUO and Zero Trust Access: Zero Trust is a security approach that considers all traffic and all traffic sources as suspicious by default. Cisco Umbrella is integrated with Duo Security's Zero Trust technology.
How does CISCO's SASE security model help businesses?
- By reducing costs and complexity, using a single platform reduces IT costs and resources and minimizes the number of security products.
- Providing centralized orchestration and optimization of applications in real time. Increasing the effectiveness of security personnel and the network.
- Helping to ensure seamless access for users.
- Enabling more secure mobile and remote access.
- Restricting access based on user identity, device, and application.
- Improving security by applying a consistent policy.
Other advantages offered by the SASE model:
- Flexibility: You can offer security services such as threat prevention, web filtering, DNS security, credential theft prevention, data loss prevention, next-generation firewall policies, and more.
- Higher performance: Easily connect anywhere your resources are.
- Zero Trust – Full session protection, regardless of whether a user is inside or outside the corporate network.
- Threat Prevention: Comprehensive content inspection built in.
- Data protection: prevent unauthorized access and abuse of sensitive data.
Share this post
In today's hyper-connected world, data is everywhere and all organizations rely on it to manage their business and make critical decisions every day. Factor in the acceleration and adoption of generative AI, expanding threat surfaces and multiple cloud environments, and you create a level of complexity unlike anything organizations have faced....
With unique visibility across the network and endpoints, Cisco XDR Extended Detection and Response simplifies security operations and prioritizes and corrects incidents more efficiently. San Francisco (RSA Conference), April 25, 2023. - Cisco has presented during the RSA event its new Extended Detection and Response (XDR) solution and advanced features for...
The 3100 Series firewalls are designed to make hybrid work and zero trust practical. They support more remote users and increase VPN performance. Clustering and the flexibility of high port density allow the firewall to grow with you, ensuring a solid return on investment. The Cisco Secure Firewall 3100 Series is...
The objective of many companies in terms of cybersecurity is to improve their response capacity and to be prepared for current threats in various areas of Spanish society, including measures and actions for protection, training and awareness of companies. In relation to this, INCIBE y Cisco have signed a collaboration agreement...