What is security service edge (SSE)?
A brief guide to SSE, the security-focused framework at the heart of every SASE deployment
The tech world, you might argue, has too many TLA’s – What does that stand for? Three letter abbreviations. They consistently proliferate and, when you’re in the know, can be exceedingly helpful. They also do a wonderful job of confusing transcription software and new employees, alike.
One acronym currently used in cyber security is SSE, which stands for security service edge. To double down on the acronyms, SSE is a component of SASE, or secure access service edge. Edge means that these forms of architecture are operating in the cloud versus a more traditional data centre-centric approach.
Clear as mud? No problem, we’ve got you covered. Plus, if you’d like our explainer on SASE by itself, you can find it here. After all, you can never know enough acronyms, if only to make your business meetings easier.
What is SSE in the context of SASE?
Imagine you have a box labeled 'SASE'. Inside are a bunch of services, including network optimization tools, software optimization, and routing options. Beside these is a smaller box labeled SSE, containing tools that purely focus on security via the cloud. As a result, SASE is interested in security and networking, while SSE is focused on just the security portion of those duties. If you’re a business who needs to integrate networking and security under one proverbial roof, then SASE may be a better fit. However, some situations might mean you’re only looking for the SSE tools.
SASE came first, described by Gartner in 2019. SSE arrived later, first appearing in a 2021 report.
What does SSE contain?
In general, SSE includes tools such as zero trust network access (ZTNA), cloud access security broker (CASB), secure web gateway (SWG), firewall as a service (FWaas), remote browser isolation (RBI), and data loss protection (DLP).
SSE is solely designed to protect your company’s data and network and is not focused on network optimization. The consensus is that as cyber security develops, having a framework like SSE allows you to reduce the number of weak points in your company’s IT security because they are being used in a way that ensures they play off of each other, rather than against each other.
Cloud Pro Newsletter
Stay up to date with the latest news and analysis from the world of cloud computing with our twice-weekly newsletter
In comparison, the networking portion of SASE includes software defined wide-area networks (SD-WAN) alongside other components like network as a service and software as a service acceleration. The idea, in general, is that the two portions work in synchronization to provide an improved, two for one, approach.
Another goal of SSE is to provide a more secure, and easier to operate option compared to fragmented solutions that don’t take advantage of technological innovation in the cyber security space. Or, in Gartner’s own words:
"Security service edge provides a primarily cloud-delivered solution to control access from end users and edge devices to applications (private or delivered via SaaS) as well as websites (and to a lesser extent general internet traffic). It enables a hybrid workforce more efficiently than traditional on-premises solutions. Capabilities integrated across multiple traffic types and destinations allow a more seamless experience for both users and admins while maintaining a consistent security stance."
This consolidation of services is also intended to reduce costs and increase usability. Gartner has published the companies they believe provide the best SSE options. Those include Netskope, Palo Alto Networks, and Zscaler.
Benefits of SSE
As an approach to sustaining the health of your network, SSE’s main selling point is that all of the services intertwined with it provide a broader spectrum solution than choosing individual tools piece by piece.
Proponents of this approach also point to benefits when it comes to user experience — namely decreases in latency and the ability to do away with clunky VPN options. In the current workplace environment — where employees are more likely to be working remotely and/or using their personal devices — SSE allows for an easier process when it comes to scaling and implementing your network security.
The downsides of SSE
As SSE is a framework, it is a broad concept that is not always easy to integrate into your company’s workflows. Some tools that you use on a daily basis might not want to play nice with this new approach. You may struggle to implement it as you muddle through already existing security policies, and your IT staffers may be less familiar with SSE — given its relatively recent emergence on the cyber security landscape. This is similar to many IT innovations, cyber security-related and otherwise.
John Loeppky is a British-Canadian disabled freelance writer based in Regina, Saskatchewan. He has more than a decade of experience as a professional writer with a focus on societal and cultural impact, particularly when it comes to inclusion in its various forms.
In addition to his work for ITPro, he regularly works with outlets such as CBC, Healthline, VeryWell, Defector, and a host of others. He also serves as a member of the National Center on Disability and Journalism's advisory board. John's goal in life is to have an entertaining obituary to read.