You may have heard of Secure Access Service Edge, or SASE – but CoIP Access Platform uses a SASE overlay. What is a SASE overlay, and what makes the CoIP SASE Overlay different?
The CoIP SASE Overlay is a cybersecurity mesh that connects and protects users, endpoints, applications, and devices across distributed environments, without having to connect the environments together.
The CoIP SASE Overlay
The legacy approach to dealing with hybrid and remote applications is to connect networks together, so that applications using the network can reach each other. The goal of this approach is to expand the network – remote sites and clouds are assigned chunks of the corporate IP address space, connecting to the corporate network hub with VPNs. In other words, infrastructure build is the legacy answer to hybrid and remote. As users and applications become increasingly dynamic, the infrastructure build model becomes difficult to scale – not to mention that it increases the size of the attack surface, precisely when cybersecurity attacks are at an all-time high.
The CoIP SASE Overlay provides application-oriented connectivity; the overlay flips the paradigm, allowing a complex network security problem to instead be treated as an access control problem. This completely avoids the challenge and delays introduced by the need to build infrastructure.
A good analogy for the CoIP SASE Overlay is instant messaging. Users can send messages such as text, multimedia, and even files to each other, without building a peer-to-peer connection or having to be on the same network. The CoIP SASE Overlay works much like this, relaying messages from one application to another – it's just that the messages happen to be TCP/IP application traffic. The overlay has been highly optimized for low latency and multi-gigabit flow throughput.
Applications do not need to be modified to use the overlay, and typically aren't even aware of its existence. The overlay is instantiated as a virtual interface, right in the operating system, making authenticated remote endpoints appear to be peers.
User, endpoint, application, and device identity are validated before connections are set up, and continuously verified in accordance with the principles of Zero Trust. Connections are authorized by policy, and can be locked to specific source and destination applications.
The CoIP SASE Overlay effectively decouples security from networking, and associates it instead with the application layer. In other words, the security enforcement is virtually pushed to the application edge. This has several key operational and security benefits:
SASE overlays have been used to address a wide range of complex use cases, including: