Why Secure Access Service Edge (SASE)?
Managed SASE gives organizations a simpler, more secure way to modernize their networks by delivering stronger protection, consistent performance, and faster adoption of new capabilities without requiring in‑house expertise. Avoid the cost and complexity of managing security and connectivity on your own by having SaskTel deploy, operate, and continually optimize the SASE environment.
- Fully Managed Deployment
End-to-end setup of SASE including remote and branch (where requested) - 24/7 Monitoring and Management
Continuous oversight of security events and network performance - Policy Management and Optimization
Ongoing tuning of security policies to adapt to evolving threats and business needs - Reporting and Visibility
Regular reporting on threats, usage, and system health - Integration with SaskTel Services
Alignment with existing managed network and security offerings
Remote SASE
Remote SASE provides secure connectivity and protection for user endpoints such as laptops and desktops, ensuring remote and mobile workers can safely access business applications from any location.
It uses an endpoint agent combined with cloud‑delivered security services to enforce consistent policies and deliver threat protection directly on each device through identity‑based controls and cloud‑delivered security.
- A lightweight Fortinet endpoint agent (FortiClient) is installed on user devices
- The agent securely connects the device to the FortiSASE cloud platform
- All traffic is inspected and enforced through centralized security policies
- Access to applications is controlled using Zero Trust Network Access (ZTNA) principles
- Secure Remote
Access (ZTNA)
Provides identity-based access to applications without relying on traditional VPNs - Endpoint
Protection Integration
Extends security controls directly to the device, ensuring endpoints meet compliance requirements before accessing resources - Secure Web Gateway
Enforcement
Filters and protects internet-bound traffic from malware, phishing, and malicious content - Always-On
Protection
Ensures devices are protected whether on or off the corporate network - Device Posture
Checking
Validates endpoint security status (patching, antivirus, compliance) before granting access
- Protects users working from anywhere (home, travel, public networks)
- Eliminates reliance on traditional VPN solutions
- Provides consistent security policies across all users and devices
- Reduces risk from compromised or unmanaged endpoints
- Improves visibility into user activity and device health
- Seamlessly integrates with Fortinet security ecosystem
Branch SASE
Branch SASE delivers secure, cloud‑based networking and security services to physical office locations, ensuring consistent protection for all users, devices, and applications.
It extends security to the network edge by integrating firewalls with cloud services to provide optimized, secure connectivity for in‑office users. Must also have Remote SASE.
- A Firewall appliance is deployed at the branch or office location
- The Firewall connects to the cloud platform
- All user and application traffic is:
- Inspected locally (NGFW capabilities)
- Or forwarded for cloud-based inspection and enforcement
- Security policies are centrally managed and consistently applied across all sites
- Secure Branch
Connectivity (SD-WAN)
- Not SaskTel’s SD-WAN Service, but a version of SD-WAN that is built into the Service
- Intelligent routing of traffic across multiple connections
- Optimizes performance for cloud and SaaS applications
- Firewall Protection (FortiGate NGFW)
- Advanced threat inspection at the branch level
- Protects users and devices within the office network
- Cloud-Delivered Security Enforcement
- Extends SASE security services to all branch traffic
- Ensures consistent policy regardless of location
- Secure Internet Breakout
- Allows traffic to go directly to the internet securely
- Reduces backhauling and improves user experience
- Zero Trust Access Integration
- Applies identity-based access controls for users inside the branch
- Aligns office users with the same Zero Trust model as remote users
- Centralized Management
- Single pane of glass for policy, monitoring, and reporting
- Simplifies administration across multiple sites
- Provides consistent security across all office locations
- Improves application performance with optimized routing (SD-WAN)
- Reduces reliance on legacy MPLS and centralized data centers
- Simplifies branch infrastructure and vendor management
- Enables secure direct access to cloud and SaaS applications
- Aligns branch environments with Zero Trust security principles
- Scales easily as new locations are added
Related services
Cyber Security Bundles
End Point Protection
