Today I Learnt (TIL): SASE [sæsɪ]- so what is it, how does it compare to a VPN, and should I use Tor?
- For a business, it means routing all your traffic through your corporate network.
- Good: you can filter the traffic and know who is doing what. It makes an easy additional access control.
- Bad: all that additional traffic can clog your corporate network. For the users, as all their traffic goes through the corporate network, their connection will be slower. As more and more services move to the cloud, the VPN will add delays to the connection.
- For personal users, they often rely on private VPNs like ExpressVPN, which just got bought. This might affect the privacy of the users of this VPN. After all, your ISP cannot see your traffic. But the VPN provider can see it!
So for personal users, it is important to use a secure VPN. But this is not easy to find, and will change over time! Depending on the use-case another option can be Tor, but this is difficult to set up and sometimes slow. Plus it is funded by the NSA, so most probably they get your data anyway.
SASE for Business
What is SASE? It stands for Secure access service edge:
- Secure Access – similar to a VPN, SASE secures the network traffic. It protects against interception of your internet connection by a malicious third party
- Service Edge – unlike with a VPN, not all the traffic is redirected through your corporate network
The goal is to protect and redirect the traffic depending on the destination. If it’s for a cloud service, it should go directly there. If it’s for the corporate network, it will be redirected through a secure connection (probably a VPN). An important element in SASE is the digital identity that goes along with it. This digital identity is used to add an additional authentication when connecting to the different services.
SASE is supposed to replace a number of services in the enterprise cloud with a new set of services. But there is nothing revolutionary going on, rather an evolution of existing services. Some good explanations include the one from Cloudflare and Wikipedia.
Should I use SASE?
If you’re an individual looking for a good protection for your internet connection, you will not need or be able to afford SASE. Choose a good VPN provider, set up your own VPN, or switch to Tor.
For a business with multiple locations who wants to improve connectivity for their remote teams, SASE might be an option. It delivers higher speeds than a VPN. It also handles location-to-location network setup and protection. And it is the new kid on the block. So what could go wrong?