While Secure Access Service Edge (SASE) has been doing the rounds in the network security conversational rounds for a long time, Security Service Edge (SSE) is ‘relatively’ newer. The security industry has been taking steps toward adopting secure access service edge (SASE), but SSE, which is derived from SASE, is the new kid on the block.
|When did Gartner coin this term?||2019||2021|
SASE is delivered as a service and enables access to systems based on the identity of a device or entity, combined with real-time context and security and compliance policies.
SASE delivers multiple converged network and security capabilities, such as SD-WAN and zero trust network access (ZTNA). It also supports branch offices, remote workers and on-premises general internet security.
|SSE secures access to the web, cloud services and private applications. Capabilities include access control, threat protection, data security, security monitoring and acceptable use control, all enforced by network and API-based integration.|
SSE is the security component of SASE that combines the security services while SASE encompasses network technologies like SD-WAN, WAN optimization, and Quality of Service. SSE typically includes the following components:
Zero Trust Network Access (ZTNA)
Cloud Access Security Brokers (CASB)
Secure Web Gateways (SW)
Firewall as a Service (FWaaS)
Data Loss Prevention (DLP)
Intrusion Prevention System (IPS)
Next-Gen Anti-Malware (NGAM)
Managed Detection & Response (MDR)
The key distinction is that SSE works as a separate segment that removes software-defined wide-area networks (SD-WAN) from the SASE framework. This allows cloud-based security products like secure web gateways (SWG), cloud access security broker (CASB), and zero trust network access (ZTNA) to take center stage in SSE. In SSE, security capabilities are given priority over network connectivity and architecture.
It’s important to know that SASE is a comprehensive framework that brings security and networking connectivity together through a cloud-centric base. SASE’s underlying cloud design enables businesses to save resources and scale performance with minimal hardware needs and it’s been a game-changer for companies dealing with remote work during the pandemic.
For instance, if your business has already invested in SD-WAN, SSE could be a more meaningful choice in the short term. On the other hand, if your company’s current setup doesn’t require SD-WAN, security might be a more pressing need, making SSE a better option. Even if you have a single regional branch or a simple branch, SSE could still be useful.
All in all, SSE may benefit a wide range of companies that need robust protection. So, security professionals can consider SSE first and can always upgrade to SASE to make the journey toward implementing SASE much smoother.