SASE (pronounced “sassy”) is not a single product. Instead, it’s a framework that combines networking and security services into a unified architecture designed for modern, cloud-first environments.

Rather than relying on multiple separate tools and devices, SASE brings together capabilities such as:

• SD-WAN for intelligent network traffic routing
• Zero Trust Network Access (ZTNA) to replace traditional VPNs
• Secure Web Gateway (SWG) to monitor and filter internet traffic
• Cloud Access Security Broker (CASB) to protect cloud applications
• Firewall-as-a-Service (FWaaS) for cloud-based network protection

Together, these components allow organizations to secure users, devices, and applications no matter where they are located.

As Sarah explains in the episode, SASE is best thought of as a holistic approach to network security, rather than a point solution.

For many years, network security followed a simple approach:

Put a firewall at the edge of the network and route everything through it.

But modern IT environments are much more distributed.

Today’s organizations often have:

• Remote and hybrid employees
• Multiple branch offices
• Cloud-based applications like Microsoft 365 or Salesforce
• Infrastructure spread across platforms like AWS or Azure

That means users and data are no longer confined to a single network perimeter.

SASE addresses this challenge by bringing security closer to the user instead of forcing users to route traffic back through a central location.

One of the most important components of SASE is Zero Trust Network Access (ZTNA).

Traditional VPNs typically grant users broad access to a network once they log in. ZTNA takes a different approach by limiting access only to the specific resources a user actually needs.

For example:

• An engineer may only access engineering tools
• Finance staff may only access financial systems
• Sales teams may only access CRM platforms

This dramatically reduces risk if credentials are compromised.

ZTNA can also detect unusual login behavior, such as a user suddenly connecting from a new location or device.

Remote and hybrid work have changed the way organizations think about network infrastructure.

In many companies today, employees work from:

• Home offices
• Customer locations
• Airports and hotels
• Public Wi-Fi networks

SASE solutions allow users to connect to secure cloud gateways located around the world, ensuring traffic is protected while also minimizing latency.

Instead of routing traffic back through a central office VPN, users connect to the nearest secure access point, improving both security and performance.

Another major advantage of SASE is centralized visibility and management.

In traditional environments, IT teams often need to manage multiple separate systems, such as:

• Firewalls
• WAN connections
• Security monitoring tools
• Remote access solutions

SASE platforms bring these capabilities together into a single management interface, allowing administrators to monitor traffic, enforce policies, and respond to threats more efficiently.

For smaller IT teams especially, this consolidation can make a significant difference.

While SASE is gaining momentum across the industry, it’s not a one-size-fits-all solution.

In the episode, Sarah outlines a helpful rule of thumb:

• Organizations with mostly on-premises infrastructure and office-based staff may still function well with traditional edge-based security.
• Companies with cloud applications, remote employees, or distributed offices typically benefit the most from SASE architectures.

For global companies or organizations with highly mobile teams, a POP-based (Point of Presence) SASE model can provide additional performance benefits by routing traffic across private global backbones.

One theme that comes up repeatedly in the conversation is that every environment is different.

Choosing the right SASE approach requires understanding factors such as:

• Where applications are hosted
• How employees access systems
• Security and compliance requirements
• Network performance needs

That’s why these conversations typically begin with an environment review and architecture discussion, rather than jumping straight to a specific product.