Secure Access Service Edge (SASE) converges the functions networking and security in an elegant way that enables employees, customers and partners to access all the applications and services they require without compromise.

Pentesec believe there are three driving forces behind the need for network transformation in the enterprise: hybrid working, cloud and digital transformation and branch transformation.

Our solution of choice has been designed from the ground up to reduce the costs and complexities of securely connecting users and devices to any service required – anywhere. With a cloud native architecture, we ensure you receive on-demand and elastic scalability of networking and security services across a global, high-performance network.

What is a SASE solution?

A SASE solution must converge SD-WAN and security into a single, integrated offering that delivers consistent protection with a high-performance experience for all users, without compromising security effectiveness or network functionality.

Our preferred SASE solution provides the foundation for consistent cloud-delivered security for all users and locations by delivering:

The two layers that make a Secure Access Service Edge are the “Security-as-a-Service” layer and the “Network-as-a-Service” layer.

Security-as-a-Service

A true SASE solution consolidates security capabilities in a single service edge. These capabilities include Firewall-as-a-Service (FWaaS), Cloud Secure Web Gateway (SWG), Zero-Trust Network Access (ZTNA) and a Next-Generation Cloud Security Access Broker (CASB).

Firewall-as-a-Service (FWaaS)

Our solution offers Firewall-as-a-Service and provides the full functionality of a Next-Generation Firewall (NGFW) by providing inbound and outbound protection, native user authentication and access control, alongside L3-7 single pass inspection to help secure branch offices against threats.

Cloud Secure Web Gateway (SWG)

A core component of any SASE solution is the Secure Web Gateway. This functionality protects remote users from threats when they access web and non-web applications, no matter where they reside. Our solution is natively integrated with the Next-Gen CASB and supports all the web protections it offers including Threat Prevention, URL Filtering, DNS Security, Data Loss Prevention and more.

Zero-Trust Network Access

Zero Trust Network Access authenticates and connects users to applications based on Role-Based Access Control and provides a “single pane of glass” to create and enforce policies. With support available for both agent-based and agent-less connection methods, our solution performs single-pass traffic inspection for malware, data loss and malicious behaviour after users connect.

Next-Generation Cloud Security Access Broker (CASB)

Our solution of choice provides the industry/s only Next-Generation CASB that automatically keeps up with the SaaS expansion with proactive visibility, real-time data protection and industry-leading security.

Network-as-a-Service

Secure Access Service Edge solutions provide consistent and secure access to all applications whether in the cloud, the data centre or online. The capabilities include Networking for Mobile Users, Networking for Remote Networks and Digital Experience Monitoring.

Networking for Mobile Users

Our solution supports user-based always on, pre-logon always-on and on-demand connections. The solution provides provision for split tunnelling based on the access route and the type of application, including it’s associated risk and bandwidth utilisation.

Networking for Remote Networks

You’re able to connect branch offices to our solution over a standard IPsec VPN tunnel using common IPsec compatible devices such as your existing router or Software-Defined Wide Area Network (SD-WAN) appliance. Benefit from faster performance and better redundancy across multiple links by using BGP or ECMP from the branch.

Digital Experience Monitoring

We offer a bolt-on option called Autonomous Digital Experience Management which provides native end-to-end visibility for SASE. You gain segment-wise insights across the entire service delivery path, with real and synthetic traffic analysis that enables automation-led remediation of issues within the digital experience as they arise.

Centralised Management

Our solution puts you in the driving seat with a centralised policy management console that saves time and reduces the complexity associated with managing network security.  We can also help you streamline configuration management with seamless onboarding, continuous posture assessment and reporting through a unified, cloud-delivered experience.