Security and Performance Testing for SASE and Zero Trust

Secure Access Service Edge (SASE) emerged in 2019 as a visionary security framework where security functions are hosted in the cloud to address the security challenges resulting from the rapid transition to a remote/hybrid workforce necessitated in response to Covid-19 which created a host of new use cases, dramatically expanding the fast-evolving threat surface.

SASE converges networking and security domains into a distributed cloud environment, where it connects and secures any IT resource—physical, virtual, and mobile—with unified management and policy. It offers compelling advantages for emerging virtualized, cloud-native infrastructure, distributed applications, dissolving network perimeters, edge-based networks, and remote work, it increases the complexity of testing, creating new risks. By migrating security functions to the cloud, SASE introduces new challenges in security and performance testing. These challenges include:

Overcoming the unknowns: Characterizing individual service provider (SP) and cloud service provider (CSP) traffic shaping, data policies and inter regional latencies as traffic traverses third-party networks and its impact on distributed network performance

Edge cloud availability and performance: Ensuring adequate bandwidth and latencies are maintained and security controls and polices are scaling across remote locations and cloud premises (in public and private clouds)

Finding the optimum balance between performance, security, and quality of experience (QoE): Overcoming configuration complexities in SASE deployments (underlay MPLS, overlay IPsec/SSL) and taking a measured approach to validating the performance and QoE cost associated with security policies

By migrating security functions to the cloud, SASE introduces new challenges in security and performance testing. This paper provides a brief overview of those challenges, along with requirements for effective SASE and Zero Trust validation, use cases, quantifiable business results and related testing strategies. It shows how organizations ensure that their security policies are behaving as expected in their SASE environment, and that their offerings perform as expected in any network, from any cloud, under any set of circumstances.