Explore The Key Components of SASE

Secure Access Service Edge (SASE) is a cloud-native solution that integrates several networking and security functions into a single offering. SASE simplifies management, improves efficiency, and enables organizations to optimize network performance and security.

SASEソリューションの詳細はこちら SASEデータシートをダウンロード

The Core Components of SASE

SASE combines various IT functions into a single solution. Some of the key capabilities of SASE include:

User Access and Security Services

SASE’s integrated ZTNA offers secure remote access to corporate resources. It’s built around the zero trust security model, which requires strong authentication and explicit verification of all access requests.

When a user attempts to access a corporate application or other IT resource, the SASE solution evaluates the request based on access controls and the privileges assigned to the user. Only if the requestor is authorized to use the resource will their traffic be routed to its intended destination.

This architecture provides organizations with greater visibility into their network usage and extremely granular control over access to corporate apps.

Network Security Services

Some corporate network security features that SASE typically offers include:

  • Firewall as a Service (FWaaS): FWaaS offers firewall capabilities as a cloud-native, service-based offering. With FWaaS, organizations flexibly and scalably secure on-prem and cloud-based assets.
  • 侵入防止システム (IPS): An IPS can be deployed at the network or host level and can identify and block attempted intrusions. Network IPS provides protection against distributed denial-of-service (DDoS), credential stuffing, and other network-level attacks.
  • Threat Intelligence and Advanced Threat Protection: SASE solutions can be configured to ingest threat intelligence feeds. These fuel advanced threat prevention capabilities and enable them to block novel and evolving cybersecurity threats.
  • DNS Security: DNS queries provide hints regarding the websites that remote users or malware are attempting to contact. By blocking or revising responses for malicious domains, SASE solutions can prevent visits to malicious or inappropriate sites.
  • Network Traffic Filtering and Monitoring: CASB enables inspection and filtering of web traffic. This inspection can be used to identify and block malicious content and to enforce corporate security and acceptable use policies.

Cloud Connectivity and Security

SASE solutions are hosted in the cloud environments and incorporate the following features:

  • Cloud Access Security Brokers (CASB): CASB acts as an intermediary and enforcement point for traffic to SaaS applications and other cloud assets. CASB can be used to implement cloud access controls and enforce corporate security policies.
  • Cloud-Delivered Security Stack: SASE is a cloud-native solution that integrates various security functions. This cloud-based deployment model means that SASE’s protection can easily be extended to cloud-based apps without negatively impacting performance and the user experience.

Intelligent Routing and Traffic Optimization

SASE includes SD-WAN and other traffic optimization features to provide the following:

  • Intelligent Routing: SD-WAN monitors the current health of network links and routes traffic over the best available medium, optimizing network performance and user experience.
  • Granular Visibility and Control: All network traffic passes through a SASE appliance, which has deep application visibility and control. This provides you with insight into WAN traffic and the ability to implement very granular controls.
  • サービス品質 (QoS): SASE has traffic visibility and can understand and identify various types of application traffic. Organizations can implement QoS policies and prioritization to ensure the performance of important and latency-sensitive traffic.
  • Dynamic Policy Enforcement: SASE solutions have in-depth visibility into application traffic and the usage of the corporate WAN. This enables you to intelligently update security policies based on context, including user and device identity, location, and more.

Comprehensive Visibility and Management

SASE completely integrates a range of networking and security capabilities within a single solution. This enables analysts to use a single dashboard for various tasks, such as:

  • Security Policy Management: Security policies for various functions are all managed within a single dashboard. This simplifies the process of defining, monitoring, and updating policies across the corporate WAN.
  • Digital Experience Monitoring: All WAN traffic passes through SASE appliances, offering them comprehensive visibility into network usage. Organizations can leverage this visibility to collect user insights to support IT and security operations.
  • Continuous Monitoring: Security and networking integration enable continuous monitoring within the SASE platform, which supports corporate cyber defenses and regulatory compliance efforts.

SASE Deployment with Harmony SASE

Check Point Harmony SASE offers integrated, cloud-based security with industry-leading threat prevention capabilities.

To learn more about deploying SASE in your organization with Harmony SASE, check out this reference guide.

×
  フィードバック
このWebサイトは、機能性と分析およびマーケティングの目的でCookieを使用しています。Webサイトを引き続きご利用いただくことで、Cookieの使用に同意したことになります。詳細については、Cookieに関する通知をお読みください。
OK