Blog

Effective SSE = ZTNA + CASB + SWG + NG DPI

What is SSE and how does Next Gen DPI make it more effective?

 

SD-WAN

SD-WAN was a starting point for cloud-based networking and security. It stands for Software Defined Wide Area Networking and is since 2015 gradually replacing Virtual Private Networks (VPNs) based on Multiprotocol Label Switching (MPLS) for enterprise connectivity. A typical SD-WAN solution includes traffic optimization, security and reporting functions.

SASE = SD-WAN + ZTNA + CASB + SWG

In 2019, Gartner analysts coined the term SASE, or Secure Access Service Edge, to describe the cloud-centric security capabilities that facilitates safe access to websites, software-as-a-service (SaaS) applications and private applications.

SASE (pronounced sassy) is the combination of SD-WAN and 3 key cloud security functions:

  • Zero Trust Network Access (ZTNA) to access remote private apps
  • Cloud Access Security Broker (CASB) to access SaaS and cloud apps
  • Secure Web Gateway (SWG) to access to the Internet

Note that some SASE vendors also include in Data Loss Prevent (DLP), Next Generation Cloud Firewall (NG CFW), Web Application Firewall (WAF), and/or Intrusion Detection/Prevention (IDS/IPS).

SSE = SASE – SD-WAN = ZTNA + CASB + SWG

In many cases, SD-WAN connectivity, the “A” (Access) in SASE, is not needed, which gives us “Secure Service Edge” or SSE, as a combination of ZTNA, CASB and SWG.

The SSE Model

 

NG DPI = Real-time traffic visibility

Whatever the acronym, cloud-based security solutions all need detailed, real-time traffic visibility to classify traffic for network operations, policy control, and detection of malicious activity.

This visibility is provided by embedded Next Gen Deep Packet Inspection (NG DPI). NG DPI goes beyond traditional DPI, adding specifically developed techniques to meet three important challenges:

  1. The rise of encrypted traffic, which impacts the essential visibility required to properly manage and secure networks,
  2. The emergence of advanced, complex cyberattacks perpetrated by sophisticated criminal actors and nation-states, and
  3. The shift to cloud-based solutions, with significantly higher performance and scalability requirements.

NG DPI meets these challenges with these distinguishing capabilities:

  • Encrypted Traffic Classification (ETC)
  • Detection of anomalous & evasive traffic
  • Advanced first packet processing
  • Extended protocol & application signatures
  • Cloud-scale performance

NG DPI is particularly important for effective SSE. To find out more about embedding NG DPI into SSE solutions, I encourage you to download our technical white paper: How SSE Leaders Use Next Generation DPI for Market Success.

Share this post

Related insights

TLS 1.3 ECH - Encryption - How to Preserve Critical Traffic Visibility for Enterprise and Network Security while Safeguarding Privacy

TLS 1.3 ECH – How to Preserve Critical Traffic Visibility for Enterprise and Network Security while Safeguarding Privacy

Read more

Tags: Cybersecurity, Deep Packet Inspection, Encryption, SASE, SD-WAN, Threat Detection, ZTNA

Enea Qosmos ixEngine for ZTNA: The DPI-Based Data Foundation Trusted by ZTNA Leaders

Enea Qosmos ixEngine for ZTNA

Read more

Tags: Cloud Security, Cybersecurity, Deep Packet Inspection, Qosmos ixEngine, Traffic Intelligence, ZTNA

Enea Qosmos Technology for Visibility into Encrypted & Evasive Traffic

Enea Qosmos Technology for Visibility into Encrypted & Evasive Traffic

Read more

Tags: Cybersecurity, Deep Packet Inspection, Encryption, Qosmos ixEngine, Traffic Intelligence

Product Review: Enea Qosmos Threat Detection SDK

Product Review: Enea Qosmos Threat Detection SDK

Read more

Tags: Cloud Security, Cybersecurity, Intrusion Detection, Suricata, Threat Detection

How to Improve ZTNA with Next Generation Deep Packet Inspection

How to Improve ZTNA with Next Generation Deep Packet Inspection

Read more

Tags: Cloud Security, Cybersecurity, Deep Packet Inspection, Qosmos ixEngine, SSE, Traffic Intelligence, ZTNA