Blog

Effective SSE = ZTNA + CASB + SWG + NG DPI

What is SSE and how does Next Gen DPI make it more effective?

 

SD-WAN

SD-WAN was a starting point for cloud-based networking and security. It stands for Software Defined Wide Area Networking and is since 2015 gradually replacing Virtual Private Networks (VPNs) based on Multiprotocol Label Switching (MPLS) for enterprise connectivity. A typical SD-WAN solution includes traffic optimization, security and reporting functions.

SASE = SD-WAN + ZTNA + CASB + SWG

In 2019, Gartner analysts coined the term SASE, or Secure Access Service Edge, to describe the cloud-centric security capabilities that facilitates safe access to websites, software-as-a-service (SaaS) applications and private applications.

SASE (pronounced sassy) is the combination of SD-WAN and 3 key cloud security functions:

  • Zero Trust Network Access (ZTNA) to access remote private apps
  • Cloud Access Security Broker (CASB) to access SaaS and cloud apps
  • Secure Web Gateway (SWG) to access to the Internet

Note that some SASE vendors also include in Data Loss Prevent (DLP), Next Generation Cloud Firewall (NG CFW), Web Application Firewall (WAF), and/or Intrusion Detection/Prevention (IDS/IPS).

SSE = SASE – SD-WAN = ZTNA + CASB + SWG

In many cases, SD-WAN connectivity, the “A” (Access) in SASE, is not needed, which gives us “Secure Service Edge” or SSE, as a combination of ZTNA, CASB and SWG.

The SSE Model

 

NG DPI = Real-time traffic visibility

Whatever the acronym, cloud-based security solutions all need detailed, real-time traffic visibility to classify traffic for network operations, policy control, and detection of malicious activity.

This visibility is provided by embedded Next Gen Deep Packet Inspection (NG DPI). NG DPI goes beyond traditional DPI, adding specifically developed techniques to meet three important challenges:

  1. The rise of encrypted traffic, which impacts the essential visibility required to properly manage and secure networks,
  2. The emergence of advanced, complex cyberattacks perpetrated by sophisticated criminal actors and nation-states, and
  3. The shift to cloud-based solutions, with significantly higher performance and scalability requirements.

NG DPI meets these challenges with these distinguishing capabilities:

  • Encrypted Traffic Classification (ETC)
  • Detection of anomalous & evasive traffic
  • Advanced first packet processing
  • Extended protocol & application signatures
  • Cloud-scale performance

NG DPI is particularly important for effective SSE. To find out more about embedding NG DPI into SSE solutions, I encourage you to download our technical white paper: How SSE Leaders Use Next Generation DPI for Market Success.