Glossary term
SASE
Also: Secure Access Service Edge
Gartner architecture category combining network (SD-WAN) and security functions (SWG, CASB, ZTNA, FWaaS, RBI) on a single cloud platform. SSE is the variant without SD-WAN.
Components: software-defined WAN (SD-WAN), secure web gateway (SWG), CASB, Zero Trust Network Access (ZTNA), Firewall as a Service (FWaaS), Remote Browser Isolation (RBI), DLP.
Integrated SASE leaders: Cisco (Umbrella + Meraki), Palo Alto Prisma Access, Zscaler (SSE leader), Netskope, Cato Networks, Fortinet, Forcepoint, Cloudflare.
Selection criteria: PoP coverage in the EU, EU data residency and logging sovereignty, latency in DACH, ZTNA maturity, DLP engine, BSI C5 and ISO 27001 evidence.
Related terms
SSE
Subset of SASE without SD-WAN. Bundles SWG, CASB, ZTNA and (increasingly) DLP/RBI in a cloud platfor…
CASB
Security layer between users and SaaS providing visibility (shadow IT discovery), data protection (D…
Zero Trust
A security model built on the principle that no user, device or network location is trusted by defau…
SBOM
Machine-readable inventory of all components in a software incl. versions, licences and dependencies…
Schrems II
CJEU ruling of 16 July 2020 that invalidated the EU-US Privacy Shield and only allowed Standard Cont…
SIEM (Security Information and Event Management)
A platform that centralises security logs, enables long-term retention, runs correlation rules and s…
SOC 2 Type 2
Audit report by a US public accountant under AICPA SSAE 18 standard, confirming the operating effect…
Sovereign cloud
A cloud deployment model that guarantees operational, legal and technical control of data and worklo…