Contact Us
Contact Us

Cloud Transformation

Network Transformation

IT Modernisation

Security Enhancement

Services

Cloud Transformation

Hybrid Cloud

Private Cloud

Public Cloud

Edge Cloud

Cloud Modernisation

Cloud Managed Services

Managed Cloud Security

Services

Network Transformation

SASE

SD-WAN

Network Services

Services

IT Modernisation

SAP Solutions

RISE with SAP

S-4HANA

Application Modernisation

Cloud Managed Services

Data Modernisation

Services

Security Enhancement

Managed Security Services

Managed Security Awareness Services

SOC as a Service

Managed Cloud Security

Managed Digital Risk Protection

Managed IoT and OT Security

GRC Cybersecurity

Supply Chain Risk Management

Blogs

Cloud Transformation

Network Transformation

IT Modernisation

Security Enhancement

More

Press Releases

White Paper

Reports
View all Insights

Featured Customer Stories

Cloud Transformation

Enabling enterprise digitalisation

Read More

Network Transformation

Enterprise network built for innovation

Read More

Posts

Understanding SASE and ZTNA

Understanding SASE and ZTNA

Sherman Peh

Sherman Peh

September 26, 2023 • 5 min read

In the rapidly evolving digital landscape, choosing the right network security model can be a daunting task. Two models that are increasingly gaining attention are Secure Access Service Edge (SASE) and Zero Trust Network Access (ZTNA). If you’re a Network Security Administrator trying to decide between the two, this blog post is for you. Here, we will explore SASE and ZTNA in depth, highlighting their differences and showcasing how they operate in real-world scenarios.

Defining SASE and ZTNA

SASE (Secure Access Service Edge): SASE is a cybersecurity concept introduced by Gartner. It combines wide area networking (WAN) capabilities and network security services into a single, cloud-based service model. It provides secure access regardless of location, making it a perfect fit for distributed workforces.

ZTNA (Zero Trust Network Access): ZTNA, another concept promoted by Gartner, is a security framework that assumes no trust for any entity, regardless of whether they are inside or outside the network perimeter. It requires every user and device to verify their identity before gaining access, thus enhancing security.

Key Differences Between SASE and ZTNA

Though SASE and ZTNA both aim to bolster network security, they are fundamentally different in their approach and scope.

  1. Approach to Trust: ZTNA operates on a “never trust, always verify” model, regardless of the user’s location or network. On the other hand, SASE applies security policies based on the identity of the user and the context of their access request.
  2. Service Delivery: SASE delivers networking and security as a unified service from the cloud, while ZTNA primarily focuses on providing secure access to applications, regardless of where they reside.
  3. Scope: SASE’s scope is broad, incorporating various security capabilities, including Secure Web Gateways, Firewall as a Service, and Data Loss Prevention. Conversely, ZTNA’s scope is narrower, focusing primarily on providing secure access to applications.

SASE in Action

Let’s consider a use case where a global company has several branches and remote workers. The traditional network architecture, which focuses on a secure perimeter, is not practical here as it may lead to backhauling, poor performance, and complex management.

This is where SASE comes into play. With SASE, security and network capabilities are delivered as a service from the cloud. Remote workers and branches can directly connect to the nearest SASE point of presence. This results in improved performance, reduced complexity, and enhanced security as the access is secure and based on the user’s identity and context.

ZTNA in Action

Suppose a company needs to provide its remote workers secure access to its internal applications hosted in a data centre or the cloud. Using traditional VPNs could expose the entire network to potential threats once access is granted.

ZTNA can address this issue. It verifies every user and device before granting access and provides users with access only to the specific applications they need, rather than the entire network. This minimises the attack surface and enhances security, making it a more secure alternative to traditional VPNs.

Choosing the right network security model for your organisation can be a complex decision, requiring a thorough understanding of various models and your organisation’s unique needs. While SASE offers comprehensive security services for dispersed workforces, ZTNA provides an application-centric, zero-trust approach. Often, the most effective solution involves integrating both these strategies.

Lumen offers a robust suite of solutions that can incorporate SASE and ZTNA as part of a comprehensive network transformation strategy. Our experts can work with you to understand your specific requirements and help implement a solution that maximises security, efficiency and adaptability. Whether you’re looking for a SASE solution, a ZTNA solution, or a combination of both, trust Lumen to deliver. Contact us today to begin your network transformation journey.

This content is provided for informational purposes only and may require additional research and substantiation by the end user. In addition, the information is provided “as is” without any warranty or condition of any kind, either express or implied. Use of this information is at the end user’s own risk. Lumen does not warrant that the information will meet the end user’s requirements or that the implementation or usage of this information will result in the desired outcome of the end user. This document represents Lumen’s products and offerings as of the date of issue. Services not available everywhere. Business customers only. Lumen may change or cancel products and services or substitute similar products and services at its sole discretion without notice. All third-party company and product or service names referenced in this article are for identification purposes only and do not imply endorsement or affiliation with Lumen. ©2024 Lumen Technologies. All Rights Reserved.

Sherman Peh

Sherman Peh

Lead Marketing Communications (APAC), Lumen Technologies