Network security deployment architectures undergo regular evolution, driven by various enterprise requirements. Some of the Industry recent trends are outlined below: Minimizing the cost & maintenance burden associated with disparate and multiple network security systems. Implementing a[...]

Shared Processes for Packet-level Security Technologies Networking and security technologies at the packet level, such as stateful inspection firewalls, IPSEC, and load balancing, impose lower computational demands in terms of the number of CPU cycles required for[...]

Within the realm of Secure Access Service Edge (SASE), the integration of Intrusion Detection and Prevention Systems (IDPS) is almost universal. Its role extends beyond merely thwarting known exploits, it serves as a vigilant sentinel for IOC[...]

The Secure Access Service Edge (SASE) service, along with its associated architecture, comprises a powerful amalgamation of multiple security components. These include a stateful inspection firewall, Intrusion Detection and Prevention System (IDPS), DNS security, DoS/DDoS protection, Secure[...]

Quoting Wikipedia, “observability” originates from control theory, which measures how well a system’s state can be determined from its outputs. Similarly, in software, observability refers to how well we can understand a system’s state from the obtained[...]

Authentication & Authorization comes in various colors The Zero Trust Network Access (ZTNA) component of SASE is designed to provide secure inbound access to enterprise private applications. In line with the core principle of identity-based access control[...]

The Secure Web Gateway (SWG) plays a crucial role in the SASE/SSE solution, which aims to secure internet-bound connections. Its primary objective is to safeguard users from online threats and enforce acceptable access policies within an organization.[...]

Many articles in the industry and my blog on Deciphering SASE are very clear on the major constituents of SASE. In the case of SASE Security, the predominant components discussed are Secure Web Gateway (SWG), Cloud Access[...]

In my previous blog on identity-aware SASE I discussed zero trust, the role of SASE, and the importance of identity in access controls. Another blog on SASE Proxy explained how SASE solutions obtain users’ identities after authenticating[...]

Why Proxies in SASE? Gone are the days when the packet level security was considered sufficient. Due to the sophistication of attacks, it is becoming imperative to do deep content inspection for various kinds of protections. Identity[...]

What is threat hunting? Threat hunting is a proactive defense approach to detect threats that evade existing security solutions. Why threat hunting? Firewall, IDS/IPS, SWG, ZTNA, CASB functions help in protecting enterprise assets from known threats. Security[...]

Why Identity awareness in SASE? My previous blog on Deciphering SASE talked about identity awareness in various security components of SASE. This post describes the various methods for realizing identity-aware SASE. Access controls in traditional perimeter-centric security[...]