Everything’s coming together for Sophos SASE
Credit to Author: Doug Aamoth| Date: Mon, 27 Jun 2022 11:00:53 +0000
Increasingly, secure access service edge (SASE) looks like the future of cybersecurity. As point solutions start to converge and share their data, applying security policies in a smart, unified way can save time, simplify workloads, and shore up configuration gaps.
Here at Sophos, this has been clear to us for some time. We’ve been working behind the scenes for a number of years to align our products around a common vision and approach.
As a result, our SASE capabilities will be seamless when they arrive. They’ll be unique from anything else you might see in the market, and you’ll be able to leverage them using the Sophos technologies you already know and love.
What is SASE?
According to Gartner, SASE combines network security functions with wide area networking (WAN) capabilities so organizations can deliver access dynamically, in a secure way.
It’s “a new package of technologies… with the ability to identify sensitive data or malware and the ability to decrypt content at line speed, with continuous monitoring of sessions for risk and trust levels.”
Because SASE integrates network functions like software defined wide area networking (SD-WAN) with both on-premises and cloud-based security into a single system, you can seamlessly implement policies across your entire estate. That saves you time and money on setup and management while delivering a consistent, secure experience.
Importantly, SASE is intelligent about how and where it applies your policies. It will assess whether your devices and applications need private access, or whether to enforce zero trust network access (ZTNA) in the cloud. This gives you the security you need, where and when you need it—increasing performance and reducing bandwidth costs and latency.
What SASE looks like today
Here’s the clever part. The functions that will become the core of Sophos’s SASE capability are largely already built into the tools you use today.
In Sophos Central, we have a central management point that acts as a unified data plane, ensuring consistency and compatibility, with shared building blocks. We don’t need to make our products work together; they’re already made that way.
And we use containerization to build our products, so extra features and upgrades, such as SASE capabilities, can be configured in an extra module and slotted in seamlessly, without downtime.
That may seem like a small thing. But when you are ready to move to SASE, it’ll make all the difference. You won’t need to learn another new technology; just connect the tools you know. And—as you’ve come to expect from Sophos—it’ll just work.
The Sophos difference
When you use Sophos SASE, you’ll feel the difference in three important ways:
Products built with convergence in mind
With Sophos, everything is designed within the same platform, from the same building blocks, delivering a unified, consistent experience across your whole security ecosystem.
We’re not trying to take a bunch of disconnected security solutions and bolt them together—so each part of the system works slightly differently, and every update risks a problem elsewhere.
Instead, every aspect will feel the same, making the experience easy, consistent, and intuitive everywhere—for your IT team and your users—which is the point of SASE in the first place.
Centralized data lake for effective threat response
Our SASE solution will draw on our existing expertise in storing and analyzing firewall log data in a centralized data lake. That’s a powerful resource for SecOps professionals—whether yours or ours.
New threats emerge every day, so by keeping your log data for 30 days, you can backtrack to see if any newly discovered forms of attack have affected your organization.
Again, this is already built into our tools. The number of Sophos Firewalls connected to our data lake has more than doubled in the last 12 months, while our Central Firewall Reporting gives almost limitless processing potential.
And because Sophos offers 24/7 threat hunting and remediation services, you know there’s always a team of full-time security experts just a call away, looking at exactly the same data you are.
Smooth, painless activation
We build our network protection solutions using containerized microservices—so they’re easy to adapt and upgrade. When we change one aspect or policy, it’s applied seamlessly across your whole ecosystem.
In the short term, that means you don’t need to replace your solutions to take advantage of SASE. And in the future, you can scale quickly in the cloud, and easily tune your system to match your organization’s evolving needs.
Whether you’re ready to make the move soon or need more time, you can be safe in the knowledge that our products are adaptable—and ready when you are.
Sophos is your partner for the future
Security solutions are converging, and fast. But, as with all new technology, it can take time to feel comfortable making the switch. So it’s good to know the Sophos solutions you use today don’t have a limited shelf life. They are future-proof and ready for SASE when you are.
Learn more about our SASE strategy and suite of products, available today and coming soon. If you’re eager to get going, watch for our upcoming early access programs, coming soon for new products like our Cloud Native Firewall, ZTNA-as-a-Service, and Cloud Web Gateway.