Avatar

Technology advances are meant to improve our lives, from better protection to faster connections to simplifying and streamlining processes for better efficiency. But with every new advancement and innovative framework there seems to come a new acronym to keep track of in the already crowded space of cybersecurity tech terms. C2. CSIR. SASE. And now, Security Service Edge, or SSE.

What is SSE?

Cloud adoption, distributed workforces, and threats have been on the rise for years, and the impact of COVID-19 has heightened the urgency to adopt new ways to simplify and scale security. Simply put, secure service edge (SSE) technologies help organizations support workers anywhere and anytime, using a cloud-centric approach for the enforcement of security policy so that their data and devices are protected.

SSE was listed as one of Gartner’s “4 Must-Have Technologies That Made the Gartner Hype Cycle for Cloud Security, 2021.” With their prediction that public cloud deployments will outnumber private data center workloads by the end of this year came their suggestion regarding how organizations can enable secure access to the web, cloud-based security services, and access to cloud-native applications.

SSE, then, includes offerings that can reduce complexity and improve user experience by consolidating multiple disparate security capabilities and delivering them from the cloud. This includes secure web gateways (SWGs), cloud access security brokers (CASBs), zero-trust network access (ZTNA), remote browser isolation (RBI), and firewall as a service (FWaaS), all from a single vendor.

What is the relationship between SSE and SASE?

The “secure edge” conversation was kicked off, officially, in 2019 by Gartner. They noted that modern network and security design was “shifting the focal point to the identity of the user and/or device — not the data center. Security and risk management leaders need a converged cloud-delivered secure access service edge to address this shift.” And this converged model of networking and security they dubbed Secure Access Service Edge, or SASE.

SASE converges formerly disparate security functions into one cloud-delivered platform and integrates SD-WAN networking capabilities. The promise of a SASE architecture is joined networking and security functionality in an as-a-service model. SSE, then, can be viewed as the “security side” of SASE – a subset of the entire SASE structure that focuses on cloud-delivered security capability.

By now, most in the networking and security space have heard about the benefits and promises of a full SASE approach.

  • Networking and security: SASE converges formerly disparate security functions into one cloud-delivered platform, but also integrates networking capabilities. The future vision of all SASE architecture is to deliver the joined networking and security functionality in an as-a-service model.
  • Secure corporate connectivity: SSE shares SWG, CASB, NGFW, and zero trust network access (ZTNA) security capabilities with the SASE model, but SASE includes cloud-delivered networking with SD-WAN, to connect data centers, branches, campuses, and colocation facilities and improve network speed, security, and efficiency.
  • Enables modern digital business transformation: SASE helps organizations more readily transition to work from anywhere models and implement more consistent security while maintaining a high level of end-user performance.

So, if SASE is the future vision for networking and security, why did Gartner add a separate, but similar, technology category into the cybersecurity landscape in 2021 when they had already defined SASE in 2019?

Perhaps  because of the adoption curve. Because a SASE architecture combines both networking and security functionality, a full SASE approach requires a coordinated and cohesive approach across both network security and networking teams. Plus, there’s often regulatory requirements in play that drive continued on-premises deployment. For most businesses, SASE is a journey that takes time and resources to fully implement.

Cisco and SSE

Cisco Secure, already securing 100% of the Fortune 100, is an experienced and trusted partner, with a complete and flexible SASE and SSE solution to meet customers wherever they are along their journey.  While connectivity and security are two sides of the same coin, for organizations not yet ready for widespread adoption of SD-WAN, an SSE -first approach may make the most sense in the near-term.

Cisco’s unique vantage point of being a proven leader across security and networking enables us to execute on a vision that is bigger than the sum of its parts. This means that we can address specific SSE gaps with cohesive cloud-managed and aaS solutions, with more integrated capabilities. This also includes observability, a key element to deliver a fully-realized SASE experience. With ThousandEyes, Cisco gives complete visibility from the user to the application over any network and cloud so you can quickly identify, remediate, or escalate issues. Plus, unlike most SSE vendors, Cisco has a range of SD-WAN capabilities for both “Lean IT” and large enterprise that plan to integrate cloud-delivered networking over time.

Cisco Umbrella, the heart of Cisco’s SASE has a global cloud architecture that supports:

To find out more about SASE and Cisco’s SASE vision, check out our ebook SASE for Dummies.


We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!

Cisco Secure Social Channels

Instagram
Facebook
Twitter
LinkedIn



Authors

Yuval Yatskan

Senior Director of Solutions and Product Marketing

Cisco Secure Marketing