SSE. What is it and why should I care?
The Security Service Edge (SSE) is Gartner’s specification of policy decision and enforcement as components of the Secure Access Service Edge (SASE) framework. SSE promises consolidated, simplified, cloud-delivered security and connectivity.
Architectural simplicity is always a benefit for an enterprise, especially when that simplicity minimizes technical debt and accelerates the business. But in many organizations, security is viewed as an inconvenience, an obstacle that creates bottlenecks, a gatekeeper limiting agility, or a hindrance to business success. SSE counters those stereotypes. Within an SSE environment, security offers protection and control delivered as an enabler of business progress.
Some background: Introduced in 2019, the SASE framework aims to guide enterprises through their digitalization journey, a journey driven primarily by the adoption of cloud and mobility. SASE converges network access and security, and serves both from the (highly-distributed) cloud edge (see Figure 1). In that way, SASE ensures that security is no longer centralized, and that secure connections can be made to and from anywhere.
Cybersecurity firms quickly jumped on the SASE bandwagon. Some marketers rather cynically appropriated the term for branding gain, implying the “Access” in SASE made them SASE-compliant (or competitors non-compliant): “I have a network function, therefore I am SASE; you’re not building network routes, so you’re not SASE.”.
SSE refers to the suite of SASE services used to protect enterprise traffic. SSE ensures that the correct user (or workload) receives access, securely and under enterprise IT control, to the correct applications and services. Those services might be workloads in an IaaS or PaaS, SaaS applications, or Internet services like LinkedIn or YouTube.
To deliver on these lofty objectives, an SSE solution provider must provide a global, highly-available, scalable, network-agnostic solution that offers consistent policy, zero trust access, and a fast digital experience.
The SASE ideal is to merge connectivity and protection, but in an enterprise setting, that pairing will only work if it is transparent to end user employees. Connectivity is direct, whether it’s user-to-application, application-toapplication, workload-to-workload, whatever-to-whatever. Users should never think, “Oh, I have to connect to the network before I can work.” Instead, their focus should be “I’m going to get my work done now.”
This integrated ideal simply can’t be achieved in enterprise environments dependent on legacy network and security infrastructure. In that old architectural model, security was centralized, and data traffic—regardless of location (e.g., remote or branch), regardless of source (e.g., user, app, or workload), and regardless of destination (e.g., the Internet, cloud, data center) – had to first be connected and routed via the corporate network to (and through) the physical location of the hardware appliance-based security controls.
To read full download the whitepaper:
The 7 Pitfalls To Avoid When Selecting An SSE Solution
