Credit: iStock By: Nav Chander, Head of Service Provider SD-WAN/SASE Product Marketing. This is part 3 of a 3-part blog series on SD-WAN, Secure Service Edge (SSE), and multi-cloud networking (MCN), where we will highlight how these 3 technology areas are analogous to 3 different musical instruments that can be played separately but combined, are better together. The first two blogs focused on MCN and SD-WAN, and this blog focuses on SSE technology. Feel free to check out Part 1 and Part 2. So, let’s go ahead and discuss our third instrument the saxophone, an instrument which will symbolize SSE, an important foundation of a SASE architecture defined by Gartner and that supports secure connectivity and high performance for business applications. SSE is the part of SASE that encompasses the technologies that govern secure access to and user control of capabilities and resources within the SASE environment. Gartner has defined SSE is a set of cloud-based security capabilities for building a modern enterprise with Zero Trust principles that combine to protect and secure end users and applications. So, let’s examine the three SSE technologies core to any SSE deployment. Those include zero trust network access (ZTNA), secure web gateway (SWG), cloud access security brokers (CASB). The make-up of the SSE can vary by the extent of technologies used, though ZTNA, SWG, and CASB are widely viewed as the table stakes for any SSE. ZTNA is a cloud-based method for connecting remote or hybrid workers through the cloud directly to the applications and resources they need based on proof of identity, and with contextual access policies applied to each user identity. Users can only access what they are approved to access. SWG moves the capabilities of physical appliances into the cloud and pushes them to devices. It filters and blocks URLs as needed, provides SSL inspection, and blocks data exfiltration from malware and ransomware. CASB: CASBs are cloud-based security policy enforcement points, placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as the cloud-based resources are accessed. CASBs consolidate multiple types of security policy enforcement. Secure access is a key element of an SSE architecture. Access privileges are enforced by policies based on user identities. Other pieces of information that inform policies include the location the user or group’s traffic is coming from, the time of day, the risk/trust assessment of the user’s device, and the sensitivity of the application or data being accessed. The macro driver for SASE and SSE is the cloud-based approach to securing a WAN. Instead of having the network centered around the organization’s central private data center, SSE and SASE puts the cloud at the center of the network. With the emergence of hybrid work environments, users connect from anywhere and from any device, accessing business applications and sensitive data directly in the cloud. As the traditional security perimeter continues to dissolve, security functions must also move to the cloud. SSE enables organizations to apply consistent security from the cloud and secure access to applications spread across multiple clouds, data centers, and software-as-a-service applications. So how does SSE relate to our saxophone instrument? Well, saxophones were designed in the late 1800s to combine the best qualities of brass instruments, such as the trumpet or trombone, with traditional woodwind instruments, such as the clarinet or oboe. This is like SSE which has evolved from combining existing security technologies ZTNA, CASB and SWG. and just like our saxophone, which produce a unique and modern sound quality evolving from traditional instruments, it makes it easier to have a wide range of musical tones. Similarly, an advanced, cloud-native, cloud-based HPE Aruba Networking SSE platform is modernizing the existing security technologies to make it easier to manage the increasing complexity of cloud and IoT based applications and devices. There are also 4 different types of saxophones (soprano, alto, tenor, baritone) in pitch order from highest to lowest. This analogy is like SSE where there are different approaches to SSE. A modern and robust SSE platform, such as the HPE Aruba Networking SSE, incorporates the following capabilities to ensure a secure, agile, and streamlined network and security infrastructure. SSE platform requirements include: Cloud-native architecture: Inherently cloud-native, designed to leverage the scalability, elasticity, and agility of cloud environments. Global edges: A distributed architecture, which entails having on ramps close to the users across various geographical locations. Zero Trust security model: Adhere to a Zero Trust security model, wherein trust is never assumed based only on location. Granular segmentation: Support for fine-grained segmentation, enabling the segmentation of network traffic into smaller, isolated segments. Application-aware security: The ability to provide granular security policies based on application-level insights is crucial. User-centric Policies: Enable the creation of policies that are user-centric, accommodating the dynamic nature of modern work environments. Comprehensive Analytics and Visibility: Support real-time insights into traffic patterns, user behavior, and threat detection, facilitating proactive responses. Integrated Threat Intelligence: Integrate threat intelligence feeds and advanced threat detection mechanisms to identify and thwart emerging security threats in real-time. When it comes to saxophones, there are premium brands such as Yamaha or Selmer that professional musicians choose because of they have excellent tone quality, intonation, response, durability and the most expensive and are made using the best materials. They also contain the most craftsmanship and are equipped with extra features not included on other less expensive models. Similarly, like the professional saxophones, HPE Aruba Networking SSE is an advanced SSE platform that provides a secure network foundation for Zero Trust and SASE. It includes a first-class ZTNA paired with a next-generation SWG, cloud native CASB all managed from a single pane of glass management platform. Carefully selecting your saxophone is like choosing an SSE platform. Consider what a unified SASE platform with an advanced SSE platform and an advanced SD-WAN platform can do for securing your business applications and devices across all networks. A unified SASE is similar to a music ensemble comprised of our piano, high-end guitar and professional saxophone synchronized to produce excellent music quality. Before you purchase a saxophone, you would try it out to see how it sounds, so why not take a test drive of HPE Aruba Networking SSE? Related content brandpost Sponsored by HPE Aruba Networking Introducing Wi-Fi 7 access points that deliver more Achieve enhanced secure connectivity, maximized performance, increased IoT and location capabilities, and even more data processing at the edge with the new 700 Series Wi-Fi 7 access points. By Tanya O'Hara Apr 24, 2024 6 mins Wi-Fi brandpost Sponsored by HPE Aruba Networking Harnessing the power of the AI/5G inflection point Enterprises and telco operators are preparing their networks for profound innovations to come. By David Stark, Vice President and General Manager, Telco Solutions, HPE Aruba Networking Apr 16, 2024 7 mins Artificial Intelligence brandpost Sponsored by HPE Aruba Networking Leader in GigaOm Radar SASE report for single-vendor SASE By Nav Chander, Senior Product Marketing Manager, SASE & SD-WAN Apr 15, 2024 5 mins SASE brandpost Sponsored by HPE Aruba Networking Empower your network to work smarter, not harder Unleash the power of a security-first, AI-powered network to accelerate line of business outcomes and elevate end-user and IT experiences. By Dave Chen, Head of Campus Switching Product Marketing Apr 03, 2024 3 mins Networking PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe