From laptop to cloud, SASE is the answer to your security woes

Meet José, a sales manager who’s always on the road. His calendar is a blur of client engagements and catching up on work in between meetings.  

For years, this was easy enough. Fire up the laptop, use the guest Wi-Fi at the client’s office (or in the airport lounge or hotel), connect to the corporate virtual private network (VPN), and all the files, dashboards and tools were there.

But then the company exploded in size. More employees were working from coffee shops and home offices all around the world. The VPN started groaning under the pressure. Pages took forever to load, and dropped connections became the norm.

Even worse, the old security setup — built around a single corporate firewall — couldn’t keep up with threats that no longer came only from “outside” the office.

The solution? Secure access service edge (SASE).

What is SASE?

SASE is a relatively new concept, coined by Gartner in 2019, and has been evolving ever since.

It unites network and security management into a single, cloud-delivered service model. SASE facilitates secure, identity-aware access to the applications used by José and his sales team, no matter where they — and their devices — are located.

With SASE, security inspection and policy enforcement are applied at the edge and cloud, where employees access their applications, rather than the data center. This makes it an ideal solution for distributed workforces and hybrid environments.

SASE also improves threat detection and response through AI and automation.

A zero trust security approach further boosts means all users and devices are verified before they’re able to access company systems. With zero trust, no human or device is trusted. Is this really José logging in, or someone impersonating him? Is this José’s company laptop or one he’s using in a kiosk at an airport, which might be risky?

Over and above improving your organization’s security posture, SASE makes for a better user experience, which is good for productivity. The days of slow, interruption-prone VPN sessions are over!

• ALSO READ → Proactive measures, secure outcomes: Make your organization cyber resilient

How does SASE work?

At its core, SASE integrates two technology streams: software-defined wide area networking (SD-WAN) and security service edge (SSE).

SSE comprises several security controls that used to run on appliances in data centers but have now moved to the cloud. These include:

1. A secure web gateway (SWG) acts as a proxy to inspect and secure web traffic and stop problematic sites in their tracks.
2. A cloud access security broker (CASB) controls who can access which applications, websites and data (for example, BitTorrent is a big no, and not everyone can view sensitive client data on Salesforce).
3. Firewall as a service provides virtualized firewall capabilities in the cloud, making it easier to manage security for distributed networks and users.
4. Zero trust network access (ZTNA) implements zero trust principles to verify every connection on every level. Zero trust assumes a breach may be happening at any time and monitors the network constantly for the telltale signs.

Why is everyone talking about SASE?

The benefits are numerous:

Simplified management

SASE consolidates networking and security into one platform, with one dashboard. This means your IT teams can spend less time juggling tools and more time focusing on strategic projects that move the business forward.

Stronger security

By applying zero trust principles and security controls at the edge and in the cloud, SASE stops threats everywhere. It’s like having a vigilant security guard at every digital doorway, checking IDs and keeping the bad actors out.

A better user experience

SASE enables faster and more secure access to applications. Employees can work easily from anywhere, without the frustration of slow logins or dropped connections.

Scales easily

The cloud-native architecture of SASE allows for endless scalability, making it perfect for organizations with rapidly growing or distributed workforces. Whether you add 10 people or 10,000, SASE adapts instantly without expensive hardware upgrades.

Managed SASE: Let the experts handle it

While SASE offers great benefits, not every organization has the expertise and resources to implement and manage it. An experienced service provider can fill these gaps.

When you partner with NTT DATA and Palo Alto Networks, you get the benefits of SASE without the headache of managing it yourself.

We use the Palo Alto Networks Prisma SASE® platform to bring together cloud-native security and networking across distributed environments. This comprehensive managed service aligns with our “Secure to Edge” vision, which is about securing every part of your network topology, from laptop to cloud.

You benefit from the deep expertise of two world-class leaders in managed SASE who offer powerful distributed security enforcement and management, resulting in happier IT teams and users.

The role of AI and automation

One of the most exciting aspects of managed SASE is the integration of AI and automation.

AI-powered threat detection — made possible by NTT DATA’s SPEKTRA network platform and Managed Extended Detection and Response, which is integrated with Cortex XSIAM® from Palo Alto Networks — automatically detects and responds to threats fast and accurately, while predictive analytics correlate events across your network for faster insights.

GenAI is also becoming increasingly important. It can create “augmented analysts” that help human security operations center (SOC) analysts quickly identify and respond to threats. In this way, you resolve incidents faster and reduce the workload on the analysts in your security team.

Agentic AI takes automation a step further by enabling autonomous, goal-driven security actions within the SASE environment. Instead of simply flagging or suggesting responses, agentic AI can proactively investigate anomalies, initiate containment measures and even reconfigure network policies in real time, all in accordance with your governance and compliance rules.

• ALSO READ → A CISO’s guide to mastering the risks and potential of AI

The real-world impact of managed SASE

A global biopharmaceutical company faced the same growing pains as José’s. They needed to protect a globally distributed team and move to a cloud-first strategy.

NTT DATA delivered a comprehensive managed SASE solution, based on Palo Alto Networks Prisma® Access and integrated with our Managed Network Services, that covered everything from their local area networks and firewalls to SD-WAN.

Our solution also included support, governance and lifecycle management, with AI-driven operations managed through SPEKTRA and Strata Cloud Manager from Palo Alto Networks.

The outcome: Improved security and compliance, simplified management, greater operational efficiency and a better user experience at all their sites around the globe.

More than just the next big thing

As organizations continue to adopt SASE and managed SASE solutions, we can expect to see further innovations in this space. Some anticipated developments include:

• ZTNA 2.0 enhancements: Deeper identity-based controls for more granular access management
• Smarter AI: Further integration of AI in threat detection and SOC automation
• Integration with emerging technologies: SASE solutions are likely to integrate with technologies like 5G and edge computing to provide even more robust and flexible security frameworks

SASE, and especially managed SASE, isn’t just the “next big thing” in networking. It’s a whole new way to think about security in a world where your workforce can be anywhere.

For companies like José’s, it means speed, safety and simplicity — without the VPN drama. And with leaders like NTT DATA and Palo Alto Networks in the mix, you’re not just keeping up with threats — you’re staying ahead of them.