SASE 加零信任等于對應用程序的安全訪問.pdf

《SASE 加零信任等于對應用程序的安全訪問.pdf》由會員分享，可在線閱讀，更多相關《SASE 加零信任等于對應用程序的安全訪問.pdf（26頁珍藏版）》請在三個皮匠報告上搜索。

1、 2023 Gartner,Inc.and/or its affiliates.All rights reserved.Gartner is a registered trademark of Gartner,Inc.and its affiliates.This presentation,including all supporting materials,is proprietary to Gartner,Inc.and/or its affiliates and is for the sole internal use of the intended recipients.Because

2、 this presentation may contain information that is confidential,proprietary or otherwise legally protected,it may not be further copied,distributed or publicly displayed without the express written permission of Gartner,Inc.or its affiliates.Feng Gao高級研究總監SASE SASE 加零信任等于對應用程序的安全訪問1 2023 Gartner,Inc

3、.and/or its affiliates.All rights reserved.RESTRICTED到 2025 年，超過 60%的組織會圍繞零信任實施安全，但超過一半的組織會失敗。2 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTED到 2025 年，至少 60%的企業將擁有明確的SASE采用戰略和時間表，包括用戶、分支機構和邊緣訪問，高于 2020 年的 10%。3 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRIC

4、TED什么是 SASE?SASE?什么是零信任?將他們合在一起議題4 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTED以數據中心為中心的模式不再有效DMZMicrosoft 365Salesforce企業微信釘釘分支機構承包商數據中心合作伙伴MPLS運營商5 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTED今天,用戶和應用無處不在ERP數據中心邊緣計算分支機構分支機構邊緣計算IoTIoT遠程用戶客戶客戶遠程用戶遠程用

5、戶AzureMicrosoft 365ZscalerSalesforceGoogleAWSSAP6 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTED安全訪問服務邊緣 SASESASE（詳細視圖）7 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTED安全訪問服務邊緣 SASESASE（詳細視圖）Source:Gartner8 2023 Gartner,Inc.and/or its affiliates.All right

6、s reserved.RESTRICTEDSASE 架構Source:Gartner9 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTED議題什么是 SASE?SASE?什么是零信任?將他們合在一起10 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTED“我們使用實物資產和位置的所有權和控制權作為信任的隱性代理?！边@是一個有缺陷的安全范例10 2020 Gartner,Inc.and/or its affiliates.

7、All rights reserved.Gartner is a registered trademark of Gartner,Inc.and its affiliates.11 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTED一種將基于隱性信任的訪問替換為基于不斷更新的身份和上下文的訪問的體系結構。零信任架構12 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTED一種安全架構，可根據計算的風險提供對資源的訪問。能被

8、記住的定義13 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTED零信任能力UserDeviceApplicationData監控自動化用戶終端數據認證角色多因素企業管理的非用戶的健康的本地云權限基線異常分析SOAR流程認證的Network網絡執行隔離SDN標簽敏感性重要性DLP商業產品自研用戶入/離職加密所有應用14 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTED議題什么是 SASE?SASE?什么是零信任?將他們

9、合在一起15 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTED零信任是一種用于將實體連接到資源的架構。SASE SASE 可以確定您可以購買的一組產品，以開始部署零信任架構。16 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTED零信任是做什么SASE SASE 是怎樣做17 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTEDPEP

10、=Policy Enforcement PointPDP=Policy Decision PointNIST NIST 零信任架構控制平面數據層面策略引擎策略管理員策略執行點PEP實體策略決策點PDP不可信可信系統企業資源18 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTED零信任和 SASE用戶PEPPDP訪問策略DataCentre私有網絡流量SaaS19 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTED威脅情報

11、訪問策略分析零信任和 SASESASE辦公室身份系統IT資產管理遠程DataCentre私有網絡流量SaaS20 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTED回顧21 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTEDSource:GartnerSASE=SASE=SDWANSDWANSWGSWGCASBCASBZTNAZTNASASE 云基礎架構廣域網邊緣服務 SD-WAN 廣域網優化 服務質量(QoS)路由 S

12、aaS 加速 內容分發網絡(CDN)其他安全服務邊界(SSE)安全網絡網關(SWG)云訪問服務代理(CASB)零信任網絡訪問(ZTNA)/VPN 防火墻即服務(FWaaS)遠程瀏覽器隔離加密/解密 其他22 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTED您可以建立零信任22 2023 Gartner,Inc.and/or its affiliates.All rights reserved.Gartner is a registered trademark of Gartner,Inc.and its

13、affiliates.23 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTED技術用于構建SASE架構(邊緣態勢)零信任24 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTED建議(建設技巧)SASE 可以成為建設零信任很好的起點。SASE 將用戶連接到應用程序，因此必須了解應用程序。SASE 只能根據已知策略執行，因此零信任的基礎是能確定誰應該訪問什么。最好從小做起！25 2023 Gartner,Inc.and/or its affiliates.All rights reserved.RESTRICTEDGartner Gartner 研究報告推薦如何構建零信任架構Thomas Lintemuth(G00766061)2022 年 SASE 融合戰略路線圖2022Neil MacDonald,Andrew Lerner and John Watts(G00770805)快速回答：如何向技術執行官解釋零信任Charlie Winckless and Neil MacDonald(G00758250)