Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Diving into Secure Access Service Edge
Diving into Secure Access Service Edge

Diving into Secure Access Service Edge: A technical leadership guide to achieving success with SASE at market speed

Arrow left icon
Profile Icon Jeremiah Ginn Profile Icon Jeremiah
Arrow right icon
€18.99 per month
Full star icon Full star icon Full star icon Full star icon Half star icon 4.7 (3 Ratings)
Paperback Nov 2022 192 pages 1st Edition
eBook
€17.99 €26.99
Paperback
€33.99
Subscription
Free Trial
Renews at €18.99p/m
Arrow left icon
Profile Icon Jeremiah Ginn Profile Icon Jeremiah
Arrow right icon
€18.99 per month
Full star icon Full star icon Full star icon Full star icon Half star icon 4.7 (3 Ratings)
Paperback Nov 2022 192 pages 1st Edition
eBook
€17.99 €26.99
Paperback
€33.99
Subscription
Free Trial
Renews at €18.99p/m
eBook
€17.99 €26.99
Paperback
€33.99
Subscription
Free Trial
Renews at €18.99p/m

What do you get with a Packt Subscription?

Free for first 7 days. $19.99 p/m after that. Cancel any time!
Product feature icon Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!
Product feature icon 50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.
Product feature icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Product feature icon Thousands of reference materials covering every tech concept you need to stay up to date.
Subscribe now
View plans & pricing
Table of content icon View table of contents Preview book icon Preview Book

Diving into Secure Access Service Edge

SASE Introduction

Recently coined by Gartner, Secure Access Service Edge (SASE) has been dominating Information Technology projects for both cost savings and needed pervasive security. This book provides a comprehensive foundational level understanding of what SASE is, how to leverage SASE for success, how to learn through each evolution, where to find more information, and what the future of integrated secure access solutions looks like.

We will begin this by introducing the concept of SASE for those who are still trying to clarify what SASE is or what it is not. In this chapter, we will cover how the market is defining SASE, what the actual market is for SASE, why we need to embrace SASE, and how to present SASE to your organization in a comprehensive manner.

In this chapter, we're going to cover the following main topics:

  • Define SASE—what SASE is and what SASE is not
  • Market SASE—a market evaluation of SASE
  • Value SASE—value proposition, SASE services
  • Embrace SASE—embracing the idea of a SASE framework
  • Present SASE—presenting the idea of SASE and clearing the hype cycle

Define SASE

SASE is pronounced sassy. Andrew Lerner at Gartner coined the phrase in a blog post on December 23, 2019. That post can be found at https://blogs.gartner.com/andrew-lerner/2019/12/23/say-hello-sase-secure-access-service-edge/. He explains that Software-Defined Wide Area Network (SD-WAN) needed a security package. SD-WAN effectively replaces router-based WAN solutions in a next-generation software based package.

The SD-WAN solution varies from vendor to vendor but incorporates secure data forwarding with policies that leverage application specifications to guarantee the best handling of traffic for each application. This improves the User Experience (UX) as well as the network's resilience.

We now refer to SASE as a framework. SASE leverages multiple security services into a framework approach. Not all services offered as SASE solutions are required to be compliant, but adherence to a comprehensive security framework approach is expected. Currently, there is no SASE certification; instead, most of the SASE hype comes from intense competition through effective marketing.

The idea of SASE was not far from what security consultants were already doing by integrating multiple security solutions into a stack that ensured a comprehensive, layered, secure access solution. This approach is something I was already doing for my customers in ensuring Next-Generation Firewall (NGFW), Intrusion Detection System (IDS), Intrusion Prevention System (IPS), and other necessary security solutions were a part of every SD-WAN installation. By calling it a SASE framework, the approach to a comprehensive solution somehow felt more focused than what the industry recognized as just a best security practice.

Commonly, SASE services include SD-WAN, Zero-Trust Network Access (ZTNA), Cloud Access Security Broker (CASB), NGFW, Secure Web Gateway (SWG), unified management, and orchestration. Just what constitutes a real SASE solution varies greatly by source. Several organizations, such as the Metro Ethernet Forum (MEF), are trying to establish neutral industry standards for SASE. These standards will pave the way for a universal understanding, the ability to integrate multiple manufacturers into a solution, and a method for teaching SASE.

Most network communications and security vendors have been working to create a full SASE framework under their brand. Their marketing presents the idea that a full SASE solution from a single vendor is the way to ensure security. Current customer feedback from the Fortune 500 class of NCE link" businesses is that two to three Original Equipment Manufacturer (OEM) vendors will need to be integrated to allow for best-of-breed solutions. This provides an opportunity for a Managed Service Provider (MSP) to give orchestration across multiple platforms to achieve optimal security.

To summarize, SASE is a new, next-generation secure communications services framework that combines many different services to close previous gaps in security. In the next section, we will define the market as it pertains to SASE services and solutions.

Market SASE

In the market today, a few different manufacturers offer self-proclaimed SASE products. The potential list of services across their portfolios that may be a part of a complete SASE service could be in the dozens, depending on their market approach. Calling a service SASE does not make it so, and as there is no SASE certification for solutions at the time of writing this book, no vendor or MSP is exclusively accurate in their marketing of what is or is not SASE. The standards for SASE have not been published at this time.

Gartner started a fire with that simple blog post in 2019. Overnight, every SD-WAN solution in the market offered a path to SASE. The SASE idea itself multiplied the SD-WAN market's potential revenue of over $11 billion United States Dollars (USD) by 2028. The global secure access service edge (SASE) market size is expected to reach $11.29 billion USD by 2028, registering a CAGR of 36.4%, a ResearchAndMarkets report reveals. The source of this quotation can be found at the following link: https://www.helpnetsecurity.com/2021/08/17/sase-market-2028/.

The reality is that an $11 billion-dollar market is only the core SASE product offering for the market. Hardware, software licensing, hosting, maintenance, and support make up the core products, whereas managed services and professional services can multiply the market impact by up to 25 times the core product revenue.

Market Challenge

The market challenge for realizing revenue potential will be primarily impacted negatively by a lack of skilled labor for design, build, and deploy services. This skills gap and the operational expenses preference of most Chief Information Officer/Chief Financial Officer (CIO/CFO) strategies will drive more than 70% of the market to contract SASE as a managed services offering. In the market, there is a trend of up to 78% of SD-WAN contracts leveraging managed services as opposed to utilizing in-house engineering teams. The primary reason for this change is not tied to SASE as CIO and CFO focus has been to rely on technical services as Operating Expense (OPEX) as opposed to Capital Expense (CAPEX). OPEX has been the goal for what is considered by an organization as non-business value cost. Generally, the CIO direction of the largest organizations is to convert operational support staff costs in order to leverage the cost savings on Software Development combined with IT Operations (DevOps) staff costs, which can offer a business Return On Investment (ROI). Support teams are a cost center, whereas the DevOps team can provide the potential to be a profit center to the company.

The complexity of SASE services is driving the need for technology engineering careers to move to a continual learning path. The time has passed where an engineer could rest on traditional education or certification paths. Traditional academic education can provide perspective, historical knowledge, foundational knowledge, and soft skills required for functioning in an organizational environment, whereas industry and manufacturing certifications provide core technical knowledge for functional understanding in a vertical role within an organization. Both educational methods are beneficial for building a foundational understanding of a skill set and both are effective filters when recruiting for a specific role. Unfortunately, neither can move at a market pace, which is today at an average of three DevOps or Software Development combined with Security and IT Operations (DevSecOps) sprint cycles from being out of date and ineffective.

Software development follows a continual improvement path, and so must its practitioners. The goal of the DevOps mentality is to leverage iterative development in a modular fashion as opposed to legacy, ground-up development and Go-To-Market (GTM) practices. DevOps practitioners continually develop, improve, and release. Scrum sprint cycles vary by organization, but an average of 2 weeks can be used as a model to understand the phases of development. New network and security software releases are no longer tied to hardware releases as they can function as a Virtual Machine (VM), Virtual Network (VNet) function, cloud-native function, application, or service independent of a platform. The entire GTM process could be as little as one Scrum sprint cycle or 2 weeks. Network and security practitioners operate on a New -1 ( N-1) basis, N-1+validated, or wait for a triggering event to validate a new software release. The market average for consumption of new software releases is moving to an average of three sub-versions of code, which could average 6 weeks between the last production upgrade of software and the next production upgrade.

The market has been slow to admit that network or security engineering is no longer a discrete skill set from software development. In fact, SASE services will receive major software updates every 2 to 6 weeks, depending on the development cycle or security issues with each independent SASE service within the overall solution. Minor updates may occur in real time. Education for engineering teams must align with software release cycles.

In summary, the market's perception of SASE varies according to the beholder's skill set. As a result of rapid product development, the market for SASE is likely to grow exponentially, creating the issue of rapid evolution that needs to be managed. The next section clarifies the value proposition of a SASE framework for secure communication solutions.

Value SASE

Effective security is inherently valuable, but how do we accurately estimate that value? How do we quantify the value of a solution for an unknown risk impact? Former President of the US, Ronald Reagan, was quoted as saying: "Information is the oxygen of the modern time. It seeps through the walls topped by barbed wire; it wafts across the electrified borders." If information is oxygen, what is the accurate value of oxygen to human life? Effective security pays for itself in reducing risk, liability, and loss of unknown quantities by protecting that oxygen or—in this case—non-public information.

To evaluate SASE in a value proposition or ROI, the investment should be first quantified. Steven Ross, Executive Principal of Risk Masters Inc., points to the Return on Security Investment (ROSI), which is a calculable assessment as a way of identifying the monetary value of the security investment. This may be important to the CFO or investors as a model for understanding financially the inherent value of secure IT investments. More information can be found at the following link: https://www.isaca.org/resources/isaca-journal/past-issues/2011/what-is-the-value-of-security#1.

Without effective security solutions, an organization will cease to achieve a primary ROI for time and capital invested. A recommended value proposition for security is the ability to conduct, without obstruction, the primary business of the organization on whose behalf the secure solution is employed. SASE provides cost-effective security and builds value by reducing inefficiencies in previously developed generations of secure communications. Cost reductions can be achieved by reducing labor, time, capital, focus, outages, performance issues, and educational requirements for staff members trying to build their own perfect technology. Simply speaking, the investment required to develop secure technology solutions in-house with homegrown or best-of-breed market solutions has been providing a negative ROI, which has driven the market to leverage an MSP that specializes in a specific technology. This method also allows for the transfer of liability to the MSP, which provides some relief for executives not choosing to develop their own secure communications solution in-house.

Leveraging SASE with SD-WAN prepares networking and security solutions for a future of automated and secure IT provisioning with real-time operations remediation. To eliminate the inefficiencies that every network has experienced, the solution starts with abstracted components and the disaggregation of data and control-plane activity (separating components). By leveraging a deconstructive process, smaller changes may be made, reducing the risk of any one change causing a major impact to secure network communications. The smaller the change, the quicker the change can provide business value. The target process is analogous to a garden-pruning process that makes small changes until the overall desired effect is achieved. Unlike physical garden pruning, small changes in SASE can be reversed quickly if a negative outcome is realized. Overall, this methodology allows IT organizations to move much quickly than we could even 5 years ago, which allows us to do more with less at the pace of the market.

Orchestration allows for solutions to be templated. The orchestrator allows templates to be overlain upon any of the logical components in the overall solution or service. The creation of a template-based design offers rapid deployment across the abstracted solution. An additional benefit of orchestration is that template continuity may be enforced by the orchestrator and any variance in behavior be reported to security operations systems for tracking and mitigation. This process allows the achievement of compliance with approved network or security designs and immediately identifies violations for action.

SASE provides value in efficiencies, scale, automation, enforcement, and orchestration over similar secure communications technologies in production today. The overall value reduces the design, build, deploy, and operate labor required to keep an organization communicating securely.

Overall, the value of a SASE solution lies in its ability to reduce productivity losses caused by security risks or threats. SASE integrates independent security solutions for a holistic approach that can be automated, reducing the amount of human labor required while taming a mission that was once near impossible.

In the following section, I hope that you will learn to embrace SASE for the inherent benefits it provides to your organization.

Embrace SASE

SD-WAN adoption was extremely slow from inception and into 2021. The main reason for the slow adoption was due to a lack of education prior to intense market demand, based on inflated cost-savings estimates over Multiprotocol Label Switching (MPLS) and other legacy network types. Gartner defined the Gartner Hype Cycle as a method for evaluating when to leverage a New-to-Market (NTM) technology. In their five phases, they identify levels of understanding a shiny new market idea prior to consumption. The benefit of this approach is that it gives the perspective necessary to make an educated decision. More information is available at the following link: https://www.gartner.com/en/research/methodologies/gartner-hype-cycle.

Educated decisions require available educational material, which doesn't materialize in the market until the Trough of Disillusionment. Phase three is roughly where the lessons learned are documented and an effective curriculum is developed, allowing training to start. At the time of writing this book, the Hype Cycle for SASE is still effectively in phase one, where there is much more excitement than factual data.

The promise of SASE is tied to the value; faster, easier, more secure, more automation, and rapid deployment. Better, faster, and cheaper is the market's battle cry. A well-designed SASE can deliver on all these when paired with the right resources. The correct mindset is that security is done in layers, and the best security leverages as many layers as is productionally sound. The best security does not come from a product but through best-practice frameworks implemented correctly. The qualified resource can come from networking, security, or software backgrounds, but is the continually self-educating resource that is concerned about being right for the sake of those served, as opposed to being right for the sake of righteousness. There is no silver bullet for solving the resource/ market/skills gap; however, the right resources will self-educate perpetually, allowing themselves to be wrong in knowledge so that they can remediate their gap and their solution will be right in production.

In conclusion, SASE helps organizations reduce their ongoing labor investments in security operations after initial design and implementation. While embracing SASE will take a significant investment of time, it will provide significant returns.

The next section will provide you with an outline for a comprehensive presentation on SASE that can be tailored to your target audience.

Present SASE

Presenting SASE to executive, administrative, or technical audiences requires a framework for discussion, of which a sample is provided in the following list of items, with a key understanding of each topic that may be further detailed or placed into a slide format with speaker notes:

  1. Introduction:
    • SASE is pronounced sassy.
    • Gartner defined the term to describe what was happening in the market.
    • SASE services may include SD-WAN, ZTNA, CASB, NGFW, SWG, as well as other services.
  2. From Framework to Managed Service:
    • The SASE framework provides for the integration of solutions from multiple vendors.
    • The market is buying SASE services on a consumption basis.
    • Most organizations will leverage two to three SASE vendors and one MSP.
  3. SASE Managed Service:
    • This effective managed service offering allows for OPEX instead of CAPEX.
    • Managed services are being consumed for SASE due to rapid software development ahead of effective education for engineering or operations staff.
    • The right managed service offering provides orchestration, open Application Programming Interface (API) integration, Artificial Intelligence for IT Operations (AIOps), and multivendor seamless integration.
  4. SASE Service Stakeholders:
    • For secure, compliant, resilient, and high-performing solutions, a framework for feedback and participation in business-impacting decisions is required.
    • Stakeholders may be defined leveraging Project Management Institute-Project Management Professional (PMI-PMP) best practice.
    • Governance is required.
  5. Actors and the Managed Service:
    • SASE defines subject actors, target actors, and the role MSPs play.
    • A subscriber contracts a service for the actor's benefit.
    • The managed service must provide layers of security that account for real-time access to zero trust.
  6. Identity, Context, Situation:
    • Identity, as in who or what is authorized by the service.
    • Situation builds upon the context for the access role and further defines access.
  7. SASE Sessions:
    • Sessions are the heart of SASE and may be considered as a wrapper for network sessions.
    • Sessions incorporate application-specific policies.
    • Sessions leverage the zero-trust framework as well as SD-WAN.
  8. SASE Security:
    • Security is not a product but builds effective layers upon a secure foundation.
    • DevSecOps and DevOps necessitate production software code updates as often as every 2 weeks.
    • SASE will require integration across vendors for best-of-breed capabilities.
  9. SASE Policies:
    • Legacy firewall or router policies force specific behaviors that are not sensitive to external changes in the factors by which that policy was written.
    • Automation and orchestration allow policies to be changed based on real-time conditions.
    • Effective SASE policy considers all available data in the decision process.
  10. SASE Connectivity:
    • Most commonly, SASE connectivity will come from SD-WAN.
    • SD-WAN allows SASE to leverage quality, performance, and application-awareness tools.
    • Remote access solutions, Fifth-Generation Cellular (5G) services, satellite services, Ethernet circuits, and legacy WANs may be incorporated into SASE.
  11. SASE Services Use Csases:
    • The primary SASE use case is SD-WAN plus security.
    • SASE may be leveraged for both cloud infrastructure and applications.
    • SASE can be used to create on-demand, secure communications across any network type.
  12. Looking Forward:
    • The future is SASE, as it is possibly the last step in the pure cloud transformation journey that all organizations must take.
    • AIOps with SASE allows for consistent, reliable, secure, and on-demand application access.
    • SASE education must follow the continual learning, continual improvement path for staff.

Presenting SASE requires a balance between the past, present, and future, as well as between many independent technology focus areas. This outline provided a framework for bringing the entire audience into a SASE mindset, regardless of skill set. 

Summary

In this chapter, we've provided an overview of SASE with a definition of it, as well as the original concept that was coined by Gartner. We evaluated the market for SASE services. SASE's value was discussed, as well as the importance of embracing SASE to obtain returns on security investments. Toward the end of the chapter, we offered an outline by which SASE can be presented as a whole concept to an audience.

In the next chapter, we will be covering SASE as it relates to the Human element. We will cover the Issue, Problem, Behaviors, Solution, and Pattern of Humans in the SASE world. The SASE Human chapter will help leaders form thought leadership as it relates to their staff and SASE programs for their organization.

Left arrow icon Right arrow icon

Key benefits

  • Merge networking and security services into a single architecture to simplify network infrastructure
  • Explore how zero trust network access (ZTNA) restricts access to provide native application segmentation
  • Focus on a native, multitenant cloud architecture that scales dynamically with demand

Description

The SASE concept was coined by Gartner after seeing a pattern emerge in cloud and SD-WAN projects where full security integration was needed. The market behavior lately has sparked something like a "space race" for all technology manufacturers and cloud service providers to offer a "SASE" solution. The current training available in the market is minimal and manufacturer-oriented, with new services being released every few weeks. Professional architects and engineers trying to implement SASE need to take a manufacturer-neutral approach. This guide provides a foundation for understanding SASE, but it also has a lasting impact because it not only addresses the problems that existed at the time of publication, but also provides a continual learning approach to successfully lead in a market that evolves every few weeks. Technology teams need a tool that provides a model to keep up with new information as it becomes available and stay ahead of market hype. With this book, you’ll learn about crucial models for SASE success in designing, building, deploying, and supporting operations to ensure the most positive user experience (UX). In addition to SASE, you’ll gain insight into SD-WAN design, DevOps, zero trust, and next-generation technical education methods.

Who is this book for?

This book is for technology and security leaders and specifically for any CTO, CSO, CISO, or CIO looking for an executive approach to SASE for their organization. Anyone implementing SD-WAN, SASE, and SASE services for cloud, network, and security infrastructure will also find this book helpful.

What you will learn

  • Develop a comprehensive understanding of SASE from a market and technical perspective
  • Understand SASE services and components included in SASE solutions
  • Move logically from prescriptive design to policy-based design and orchestration
  • Understand standard SASE use cases and how to integrate future components
  • Convert from a legacy network design model to a secure DevOps model for future projects
  • Use a functional design overlay to eliminate inter-service competition for the control plane of the SASE service

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Nov 11, 2022
Length: 192 pages
Edition : 1st
Language : English
ISBN-13 : 9781803242170

What do you get with a Packt Subscription?

Free for first 7 days. $19.99 p/m after that. Cancel any time!
Product feature icon Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!
Product feature icon 50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.
Product feature icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Product feature icon Thousands of reference materials covering every tech concept you need to stay up to date.
Subscribe now
View plans & pricing

Product Details

Publication date : Nov 11, 2022
Length: 192 pages
Edition : 1st
Language : English
ISBN-13 : 9781803242170

Packt Subscriptions

See our plans and pricing
Modal Close icon
€18.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
€189.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts
€264.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total 101.97
Hybrid Cloud Security Patterns
€35.99
Diving into Secure Access Service Edge
€33.99
Ansible for Real-Life Automation
€31.99
Total 101.97 Stars icon

Table of Contents

26 Chapters
Part 1 – SASE Market Perspective Chevron down icon Chevron up icon
Chapter 1: SASE Introduction Chevron down icon Chevron up icon
Chapter 2: SASE Human Chevron down icon Chevron up icon
Chapter 3: SASE Managed Chevron down icon Chevron up icon
Chapter 4: SASE Orchestration Chevron down icon Chevron up icon
Chapter 5: SASE SD-WAN Chevron down icon Chevron up icon
Part 2 – SASE Technical Perspective Chevron down icon Chevron up icon
Chapter 6: SASE Detail Chevron down icon Chevron up icon
Chapter 7: SASE Session Chevron down icon Chevron up icon
Chapter 8: SASE Policy Chevron down icon Chevron up icon
Chapter 9: SASE Identity Chevron down icon Chevron up icon
Chapter 10: SASE Security Chevron down icon Chevron up icon
Chapter 11: SASE Services Chevron down icon Chevron up icon
Chapter 12: SASE Management Chevron down icon Chevron up icon
Part 3 – SASE Success Perspective Chevron down icon Chevron up icon
Chapter 13: SASE Stakeholders Chevron down icon Chevron up icon
Chapter 14: SASE Case Chevron down icon Chevron up icon
Chapter 15: SASE Design Chevron down icon Chevron up icon
Chapter 16: SASE Trust Chevron down icon Chevron up icon
Part 4 – SASE Bonus Perspective Chevron down icon Chevron up icon
Chapter 17: SASE Learn Chevron down icon Chevron up icon
Chapter 18: SASE DevOps Chevron down icon Chevron up icon
Chapter 19: SASE Forward Chevron down icon Chevron up icon
Chapter 20: SASE Bonus Chevron down icon Chevron up icon
Index Chevron down icon Chevron up icon
Other Books You May Enjoy Chevron down icon Chevron up icon

Customer reviews

Rating distribution
Full star icon Full star icon Full star icon Full star icon Half star icon 4.7
(3 Ratings)
5 star 66.7%
4 star 33.3%
3 star 0%
2 star 0%
1 star 0%
Greg Bryan Apr 19, 2023
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Ginn manages to overcome a serious challenge, which is clearly and concisely defining what we should mean when we say SASE.As the book explains, "SASE is a new, next generation secure communications services framework that combines many different services to close previous gaps in security."SASE is not a product itself, but rather a framework made up of several products and concepts. Fortunately, Ginn is very clear in defining and explaining these separate elements.Anyone with a background in telecom or networks will come away from this book understanding what industry players mean (or should mean) when they are using these terms. He does this throughout the book—not just in the opening chapters—so that readers can jump around to relevant sections without getting lost in a sea of jargon.Ginn even breaks down definitions by relevance to the audience. For example, he shows how one might explain SASE differently to executives than to network or security IT professionals.One feature I think readers will find particularly useful is the clear listing and explanation of the various key elements or products associated with SASE—such as Cloud Access Security Brokerage, Secure Web Gateway, Firewall-as-a-Service, and the Zero Trust Framework.IT professionals cannot wrap their heads around a SASE framework until they understand what products it entails, and what individual roles those products play in a broader network security strategy.Ginn also provides a useful explanation of how SD-WAN—not generally thought of as a security product itself—is integral to most SASE deployments and outlines the logical differences between Security Service Edge services and full SASE.Ginn has distilled a complex and often confusing topic into human language that will leave any reader (at least somewhat familiar with corporate cybersecurity and networks) well-informed on the need for and process of adopting a SASE framework.The book uses thoughtful analogies and examples to clearly illustrate network security concepts. It can be read straight through, or digested in relevant chapters or sections.I would recommend that anyone in the WAN or cybersecurity business—end-user or vendor—check out this useful and thought-provoking read.Disclosure: I was provided with a review copy of this book.
Amazon Verified review Amazon
Sanjay Prajapati Nov 14, 2023
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Jeremiah has authored a masterpiece on Secure Access Secure Edge (SASE). Drawing upon my experience as a product manager and solutions architect specializing in SASE solutions, I can confidently affirm that Jeremiah is a leading thought leader in SASE design and deployment. In his book, he eloquently defines how SASE fortifies network communications from the edge to the cloud, seamlessly integrating it into the OSI model.This comprehensive guide is invaluable for both network engineers and product managers. Personally, it significantly contributed to my success in technical job interviews and provided crucial support in guiding customers on their SASE journey in single-vendor and multi-vendor SASE solutions. I highly recommend this book to anyone navigating the complexities of SASE solutions.
Amazon Verified review Amazon
Bryan Wolski Mar 31, 2023
Full star icon Full star icon Full star icon Full star icon Empty star icon 4
The book title is pretty fitting, "Diving into Secure Access Service Edge." The author, Jeremiah Ginn, uses his decades-long experience in the IT and carrier space to help explain the technical aspects of SASE. This technical guide is aimed at IT professionals and leaders who want to understand and implement SASE. He dives right in, and it initially feels like SASE is very cumbersome and possibly hard to understand.I was initially turned off by the complexity of the SASE picture that Jeremiah was painting. He offers real-world examples throughout the book, which made it "click" for me. Jeremiah's career experience, interaction with MEF, and understanding of the carrier space skew the message to the more complex environments. Think about the complexities of rearchitecting the networking (LAN and WAN), security, DevOps, and other pieces of a Fortune 500 company. It is a serious undertaking. Jeremiah has done a good job of peeling back the onion on the planning and execution that has to happen for all these disparate systems to function in a cohesive manner.Because of the complex manner of using Best-of-Breed, point solutions in a shared context, Jeremiah suggests that only some companies have the skill set to fulfill multi-vendor SASE on their own. He references the need for and gives examples of how companies should employ Managed Service Providers to implement and manage these solutions.I like that Jeremiah takes a methodical approach to the things a company must consider when looking at a multi-vendor SASE solution. This makes sense for a writer with a carrier who also references the MEF organization and their work on SASE. These organizations are focused on making the multi-vendor solution work together and creating a standardized framework for them.If I am honest with myself, I was disappointed that the book stopped short. There needed to be more information about the emerging Single Vendor SASE solutions. Gartner, TechTarget, and others recognize the complexity of designing and implementing multi-vendor SASE and have suggested that many companies will prefer the single-vendor approach in the near future. This market has matured enough that vendors report hundreds of millions of dollars in recurring revenue, and industry analysts have released quadrants and reports. The last I checked, these reports have between 9 and 11 vendors.If you are considering a multi-vendor SASE approach, Jeremiah's book will help you brainstorm ideas and think about concepts you have not considered. It is pretty thorough in that regard. Gartner coined the term SASE in 2019, and it is clear we can't reap the changing business outcomes of the future without changing the inputs of the equation. Put another way, you can't keep the same inputs and expect different outputs.If you are a problem solver, don't mind complexity, want to understand multi-vendor SASE, and get some bonus stuff along the way, this book may be for you.If you want a "SASE For Ignoramuses" guide, this is a bit more technical and in-depth than what you are looking for, although Jeremiah's language is pretty straightforward.
Amazon Verified review Amazon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

What is included in a Packt subscription? Chevron down icon Chevron up icon

A subscription provides you with full access to view all Packt and licnesed content online, this includes exclusive access to Early Access titles. Depending on the tier chosen you can also earn credits and discounts to use for owning content

How can I cancel my subscription? Chevron down icon Chevron up icon

To cancel your subscription with us simply go to the account page - found in the top right of the page or at https://subscription.packtpub.com/my-account/subscription - From here you will see the ‘cancel subscription’ button in the grey box with your subscription information in.

What are credits? Chevron down icon Chevron up icon

Credits can be earned from reading 40 section of any title within the payment cycle - a month starting from the day of subscription payment. You also earn a Credit every month if you subscribe to our annual or 18 month plans. Credits can be used to buy books DRM free, the same way that you would pay for a book. Your credits can be found in the subscription homepage - subscription.packtpub.com - clicking on ‘the my’ library dropdown and selecting ‘credits’.

What happens if an Early Access Course is cancelled? Chevron down icon Chevron up icon

Projects are rarely cancelled, but sometimes it's unavoidable. If an Early Access course is cancelled or excessively delayed, you can exchange your purchase for another course. For further details, please contact us here.

Where can I send feedback about an Early Access title? Chevron down icon Chevron up icon

If you have any feedback about the product you're reading, or Early Access in general, then please fill out a contact form here and we'll make sure the feedback gets to the right team. 

Can I download the code files for Early Access titles? Chevron down icon Chevron up icon

We try to ensure that all books in Early Access have code available to use, download, and fork on GitHub. This helps us be more agile in the development of the book, and helps keep the often changing code base of new versions and new technologies as up to date as possible. Unfortunately, however, there will be rare cases when it is not possible for us to have downloadable code samples available until publication.

When we publish the book, the code files will also be available to download from the Packt website.

How accurate is the publication date? Chevron down icon Chevron up icon

The publication date is as accurate as we can be at any point in the project. Unfortunately, delays can happen. Often those delays are out of our control, such as changes to the technology code base or delays in the tech release. We do our best to give you an accurate estimate of the publication date at any given time, and as more chapters are delivered, the more accurate the delivery date will become.

How will I know when new chapters are ready? Chevron down icon Chevron up icon

We'll let you know every time there has been an update to a course that you've bought in Early Access. You'll get an email to let you know there has been a new chapter, or a change to a previous chapter. The new chapters are automatically added to your account, so you can also check back there any time you're ready and download or read them online.

I am a Packt subscriber, do I get Early Access? Chevron down icon Chevron up icon

Yes, all Early Access content is fully available through your subscription. You will need to have a paid for or active trial subscription in order to access all titles.

How is Early Access delivered? Chevron down icon Chevron up icon

Early Access is currently only available as a PDF or through our online reader. As we make changes or add new chapters, the files in your Packt account will be updated so you can download them again or view them online immediately.

How do I buy Early Access content? Chevron down icon Chevron up icon

Early Access is a way of us getting our content to you quicker, but the method of buying the Early Access course is still the same. Just find the course you want to buy, go through the check-out steps, and you’ll get a confirmation email from us with information and a link to the relevant Early Access courses.

What is Early Access? Chevron down icon Chevron up icon

Keeping up to date with the latest technology is difficult; new versions, new frameworks, new techniques. This feature gives you a head-start to our content, as it's being created. With Early Access you'll receive each chapter as it's written, and get regular updates throughout the product's development, as well as the final course as soon as it's ready.We created Early Access as a means of giving you the information you need, as soon as it's available. As we go through the process of developing a course, 99% of it can be ready but we can't publish until that last 1% falls in to place. Early Access helps to unlock the potential of our content early, to help you start your learning when you need it most. You not only get access to every chapter as it's delivered, edited, and updated, but you'll also get the finalized, DRM-free product to download in any format you want when it's published. As a member of Packt, you'll also be eligible for our exclusive offers, including a free course every day, and discounts on new and popular titles.