Blog

Effective SSE = ZTNA + CASB + SWG + NG DPI

What is SSE and how does Next Gen DPI make it more effective?

 

SD-WAN

SD-WAN was a starting point for cloud-based networking and security. It stands for Software Defined Wide Area Networking and is since 2015 gradually replacing Virtual Private Networks (VPNs) based on Multiprotocol Label Switching (MPLS) for enterprise connectivity. A typical SD-WAN solution includes traffic optimization, security and reporting functions.

SASE = SD-WAN + ZTNA + CASB + SWG

In 2019, Gartner analysts coined the term SASE, or Secure Access Service Edge, to describe the cloud-centric security capabilities that facilitates safe access to websites, software-as-a-service (SaaS) applications and private applications.

SASE (pronounced sassy) is the combination of SD-WAN and 3 key cloud security functions:

  • Zero Trust Network Access (ZTNA) to access remote private apps
  • Cloud Access Security Broker (CASB) to access SaaS and cloud apps
  • Secure Web Gateway (SWG) to access to the Internet

Note that some SASE vendors also include in Data Loss Prevent (DLP), Next Generation Cloud Firewall (NG CFW), Web Application Firewall (WAF), and/or Intrusion Detection/Prevention (IDS/IPS).

SSE = SASE – SD-WAN = ZTNA + CASB + SWG

In many cases, SD-WAN connectivity, the “A” (Access) in SASE, is not needed, which gives us “Secure Service Edge” or SSE, as a combination of ZTNA, CASB and SWG.

The SSE Model

 

NG DPI = Real-time traffic visibility

Whatever the acronym, cloud-based security solutions all need detailed, real-time traffic visibility to classify traffic for network operations, policy control, and detection of malicious activity.

This visibility is provided by embedded Next Gen Deep Packet Inspection (NG DPI). NG DPI goes beyond traditional DPI, adding specifically developed techniques to meet three important challenges:

  1. The rise of encrypted traffic, which impacts the essential visibility required to properly manage and secure networks,
  2. The emergence of advanced, complex cyberattacks perpetrated by sophisticated criminal actors and nation-states, and
  3. The shift to cloud-based solutions, with significantly higher performance and scalability requirements.

NG DPI meets these challenges with these distinguishing capabilities:

  • Encrypted Traffic Classification (ETC)
  • Detection of anomalous & evasive traffic
  • Advanced first packet processing
  • Extended protocol & application signatures
  • Cloud-scale performance

NG DPI is particularly important for effective SSE. To find out more about embedding NG DPI into SSE solutions, I encourage you to download our technical white paper: How SSE Leaders Use Next Generation DPI for Market Success.

Share this post

Related insights

AI in Cybersecurity: Survey Highlights and the Key Role of Network Traffic Intelligence

AI in Cybersecurity: Survey Highlights and the Key Role of Network Traffic Intelligence

Read more

Tags: AI , Cybersecurity , Intrusion Detection , Qosmos ixEngine , Security , Threat Detection , Traffic Intelligence

Join AI experts from Arista Networks, Enea AB and Zscaler for Webinar: Get Ready for the AI Revolution! Fears, Hopes and Plans for AI in Cybersecurity.

On-Demand Webinar: Get Ready for the AI Revolution! Fears, Hopes and Plans for AI in Cybersecurity

Read more

Tags: AI , Cloud Security , Cybersecurity , Deep Packet Inspection , Intrusion Detection , Security , Threat Detection

Four Pragmatic Ways AI is Already Improving Zero Trust Network Access

Four Pragmatic Ways AI is Already Improving Zero Trust Network Access

Read more

Tags: AI , Cloud Security , Cybersecurity , Deep Packet Inspection , Traffic Intelligence , ZTNA

Parents Want Network Safeguards For Their Kids Online

Read more

Tags: 5G , Deep Packet Inspection , DPI Filter

Artificial Intelligence (AI) in Cybersecurity

Read more

Tags: AI , Cybersecurity , Deep Packet Inspection , Intrusion Detection , Security , Threat Detection