Redazione RHC : 4 September 2025 07:34
A unified and secure approach to support digital transformation, enable hybrid working, and reduce operational complexity.
By Federico Saraò, Specialized System Engineer SASE, Fortinet Italy
The nature of a company’s digital operations has changed dramatically over the last decade. The traditional office terminal work model has been completely revolutionized to make way for a dynamic model where business activities are increasingly distributed throughout both inside and outside the workplace, and therefore need to be able to be performed promptly from any type of terminal.
To ensure this operational flexibility, it is absolutely necessary for companies to migrate to a new architectural model that allows easy and continuous, yet always secure, access to their infrastructure.
Flexibility, however, cannot ignore three fundamental aspects:
The SASE (Secure Access Service Edge) framework was born precisely as a response to these needs, defining an evolutionary security model that in recent years has evolved from its origins, which saw it primarily as a tool enabling remote work.
SASE is much more than an innovative solution for managing remote access. It is also a model capable of natively integrating multiple networking and security solutions and functionalities on a single cloud platform, simplifying operations, streamlining visibility and monitoring, applying cross-sector security policies, and enabling secure digital transformation on a large scale.
The new architectural models used by companies to better manage the delocalization of users and resources have certainly ensured the optimization performance and user experience, but at the same time, they have drastically increased the potential attack surface of networks, making it highly heterogeneous given the diverse nature of the services involved.
The adoption of a SASE solution by a company cannot ignore a primary assumption: infrastructure security.
It therefore becomes essential to find a new implementation model that can, in a unified manner, manage and protect all infrastructure components, simultaneously providing heterogeneous security services, all aimed at protecting the infrastructure end-to-end.
Among these services, the main ones that characterize a Unified SASE model are: NGFWaaS (Next-Gen Firewall as a Service), SWG (Secure Web Gateway), SDWAN, CASB (Cloud Access Security Broker), DLP (Data Loss Prevention), RBI (Remote Browser Isolation), Endpoint Security, Sandboxing, DEM (Digital Experience Monitoring), all within a single platform.
In addition to these services, however, the concept of Universal Zero-Trust-Network Access (ZTNA) plays a fundamental role within the SASE framework. This concept enables the implementation of a global security policy capable of providing a consistent security experience for all users and resources on a corporate network.
Through Universal ZTNA the goal is to ensure maximum protection for access to company resources and services by verifying the status and compliance of each user and device before each session; This is a continuous and accurate verification of identity and context, in real time, capable of immediately identifying any changes in the state of the network and devices, allowing for appropriate response, protecting the infrastructure and ensuring a predictable and reliable connection experience for users.
The combination of the Universal ZTNA concept, together with the other services offered within the UnifiedSASE framework, represents the true revolution in the security paradigm that companies need to best protect their networks.
It is important that the solution can be scaled based on the needs of users and their devices, providing the service both through a unified agent (also usable on mobile devices) and in agentless mode, ensuring Flexible deployment options. Equally crucial is the ability to have a large network of global POPs that can ensure security policies are applied based on the geographic proximity of users and corporate locations, meeting compliance and performance requirements.
Finally, it is essential that the solution features simplified management interfaces and AI-based support tools to reduce operational costs and identify threats promptly to prevent attacks and reduce business risks. This can be achieved through SOC-as-a-Service and Forensic Analysis services integrated into the platform to support security teams in their analysis activities.
Adopting a Unified SASE framework means enabling an architectural model capable of meeting the scalability, security, and performance needs of modern infrastructures, providing companies not only with greater security, but also with greater agility and competitiveness.
SASE is not just a technological evolution, but a strategic accelerator for enabling digital business in a secure and resilient manner: the decisive step to confidently face tomorrow’s digital challenges.
Redazione