Answering the Top Questions About SASE Asked by IT Professionals
You probably know what WAN stands for, but what about all of the other acronyms and abbreviations in the networking world? Here’s a list of the key acronyms to help you keep up with the latest in WAN transformation.
Secure Access Service Edge (SASE) converges network and security functionalities into a single cloud-based solution. SASE merges the network optimization capabilities of SD-WAN with a full security stack, including Next Generation Firewall (NGFW), Secure Web Gateway (SWG), Zero Trust Network Access (ZTNA), and more. According to Gartner that coined the term, SASE is “the future of network security.”
Software-Defined Wide Area Network (SD-WAN) is a virtual WAN architecture offering optimized traffic routing over multiple different media (broadband, MPLS, 5G/LTE, etc.). By choosing the best available path, SD-WAN provides better performance and reliability than broadband Internet. Keep in mind however, that unless SD-WAN is deployed as part of SASE, it can’t support global connectivity, network optimization, WAN and Internet security, cloud acceleration, and remote users.
Multiprotocol Label Switching (MPLS) routes traffic over telecommunications networks using short path labels instead of longer network addresses. MPLS improves the performance and reliability of traffic flows, yet remains an expensive, rigid solution with limited capacity.Top 7 Use Cases for SASE | Download eBook
A Point of Presence (PoP) is an access point to a network, such as a SASE or SD-WAN appliance. Traffic can enter and exit these networks via a PoP. According to Gartner, many emerging edge applications require “a cloud-delivery-based approach, favoring providers with many points of presence (POPs).”
Source: Market Trends: How to Win as WAN Edge and Security Converge Into the Secure Access Service Edge, 29 July 2019, Joe Skorupa, Neil MacDonald
Virtual Private Network (VPN) solutions provide an encrypted link between a network and a remote user or network. Traffic sent over the VPN acts as if the remote device is directly connected to the network with full access to corporate resources. Enterprises that have traditionally relied on VPN are realizing that it’s poorly suited for the shift to the cloud and work-from-anywhere reality, as it lacks granular security, global scalability and performance optimization capabilities.
Unified Communications (UC) is the integration of corporate communications services, such as voice, messaging, videoconferencing, etc. UC creates a consistent user interface and experience across multiple communications media but requires a high-performance, reliable, and geographically distributed network.
Unified Communications as a Service (UCaaS) is a cloud-based delivery model for UC. With SASE, UCaaS traffic is optimally routed to the UCaaS provider instance, and UC/UCaaS components connected to a SASE Cloud are protected against network attacks without requiring additional security solutions.
Quality of Experience (QoE) measures how network performance impacts the end user. QoE takes into account the fact that some performance issues may have a negligible impact on application performance while others render an application unusable. For example, SASE provides a higher QoE than VPN for cloud-based applications by eliminating the need to backhaul traffic through the enterprise network.
Policy-based Routing (PbR) routes network flows based on policies defined by a network administrator. It can provide priority to certain types of traffic or allow it to use more expensive routes, such as MPLS circuits. SD-WAN and SASE solutions offer PbR functionality.
5th generation mobile networks are the most recent generation of cellular networks. They offer higher speeds and support higher densities of devices than previous generations. SD-WAN and SASE solutions often connect to 5G networks to provide increased resiliency.
Artificial intelligence for IT operations (AIOps) uses machine learning and big data to improve IT operations. AIOps enables automated data processing, decision-making, and response for IT operations. A SASE architecture enables businesses to realize the full potential of AIOps, allowing IT to focus on valuable business objectives such as user experience, revenue, and growth.
Voice over IP (VoIP) enables voice communications over broadband Internet. Telephony data is encoded in network packets and sent over the Internet to its destination rather than traditional phone networks. Like UC solutions, VoIP requires high-performance, reliable, and geographically distributed networks.
Content Delivery Network (CDN) is a geographically distributed network of servers that serve cached copies of web content. CDNs improve a website’s performance by moving the service closer to end users and decreasing the load on the origin server.
Network as a Service (NaaS) is a delivery model for cloud-based networking services. With NaaS, a company can deploy and manage its own networks using infrastructure maintained by its service provider. SASE is an example of a NaaS offering because SASE PoPs provide all required network services in a cloud-based appliance.
Internet Service Providers (ISP) provide their customers with access to the Internet. In addition to Internet access, ISPs may also offer other services, such as email, web hosting, and domain registration.
Universal Customer Premises Equipment (uCPE) is a general-purpose off-the-shelf server, including compute, storage, and networking. uCPEs provide network and security services using network function virtualization.
Network Function Virtualization (NFV) provides network functions using virtualized services rather than dedicated appliances. This enables these functions to be provided using uCPEs or cloud platforms rather than expensive, dedicated infrastructure.
Virtual Network Functions (VNF) are virtualized network services that replace dedicated hardware appliances. VNFs can be linked together using service chaining to create more complex functionality. The use of VNFs and service chaining is common among providers of SASE alternatives that lack the required service convergence of SASE.
Software-Defined Networks (SDN) decouple the control plane from the forwarding plane. The network is defined and managed in software, making it more flexible and adaptable. SD-WAN and SASE are examples of SDN applied to the corporate WAN.
Local Area Networks (LAN) link computers together within an organization. A LAN is connected to the Internet via one or more ISPs.
The Border Gateway Protocol (BGP) is a protocol for exchanging routing information between different
autonomous systems (ASes) on the Internet. Each AS advertises which IP addresses it can route traffic to, helping traffic move from its source AS to the AS closest to its destination.
The Open Shortest Path First (OSPF) protocol is designed to route traffic within an AS. It uses Dijkstra’s algorithm to find the shortest route to its destination, minimizing the distance that the traffic needs to travel and hopefully the latency as well.
The Domain Name Service (DNS ) is the “address book” of the Internet. DNS servers translate domain names (like catonetworks.com) to the IP addresses used by computers to route traffic.
While these are some of the most common and important acronyms in networking, this is far from a complete list. To learn more about how modern networks work, read more on the Cato Networks blog.