SASE vs. SASE+Plus

Secure Access + Secure Applications

What is SASE+Plus

Secure Access Service Edge – SASE (pronounced SASSY) is the virtual embedding of security functionalities into the network for access technologies. Access technologies include access devices such as computers, mobile devices and IoT / OT technologies, as well as access networks like branch offices, headquarters and even remote home networks.

SASE secures a variety of access technologies, no matter their type or location, by steering all communications to a SASE provider to secure both the communications and the access technology.

SASE offers many advantages over traditional approaches to security. It consolidates and simplifies security for access devices, centralizes management and can eliminate security products used for access security such as edge firewalls and SD-WAN devices.


Traditional reference architecture
to protect hybrid architecture.


SASE replaces the infrastructure needed for access security and access connectivity with a simple security utility.

However, SASE does not protect the backend systems and applications that access technologies connect to. The various backend clouds, SaaS and data centers need to be interconnected and secured. This still requires a host of security technologies such as Cloud Access Security Brokers (CASB) as well as hardware and virtual Next Generation Firewalls (NGFW) at minimum.

Acreto Secure Application and Data Interconnect (SADI) provides security and inter-connectivity for all backend clouds, SaaS and data center systems that need to be accessed. SADI eliminates the need for traditional security hardware and manual interconnection for your applications and servers.


SASE+Plus provides all the security and connectivity resources you need to connect and secure your access and backend with a single simple security utility.

Ecosystem Security

ecosystem security

An Ecosystem is a dedicated security container for a specific application and all of its associated users, devices, services and third-parties that need to interoperate with that application.

Your organization can use multiple Ecosystems to secure different applications. For example, a bank could use a separate Ecosystem for each of the following:

  • Teller & Platform systems
  • Web Site & Mobile Banking
  • ATM network
  • Video Surveillance
  • Keycard Access
  • HVAC & Physical Plant
  • Guest Wifi
  • Banking Ledger Application
SASE ecosystem security

Because Ecosystems are network agnostic, participating applications, technologies, users and third-parties can be located anywhere and even operate while mobile. Acreto SASE+Plus Ecosystems support any type of network including LTE, 5G, Wifi, Ethernet, Satellite, Packet Radio and more. This makes it particularly well-suited for highly distributed and mobile applications.

Per Application Dedicated Infrastructure

The problem with some SASE technologies is that you have to lower security standards to use them. Why? One of the advantages of using separate security products was the segmentation they provided. With some SASE technologies, everything is in a shared pool. Not only are all of your previously segmented technologies in a shared pool, but so is every technology from every other customer of the provider.

Each Ecosystem is a completely independent and dedicated security infrastructure – not per customer, but per application! Ecosystems are completely isolated from any other Ecosystem.

ecosystem security

Dedicated Ecosystem infrastructure components include:

  • One or more enforcement engines
  • Data flows and data paths
  • Data set and policies
  • Database
  • Vault


SASE ecosystem

Ecosystem protections go well beyond the combined use of Micro-segmentation and Zero-trust. Acreto’s Patented Nano-Segmentation technology secures platforms end-to-end by individually isolating and protecting each device, cloud, SaaS, network and IoT/OT. This shields each Ecosystem participant from the Internet as well as all other Ecosystem participants.

100% Virtual End-to-End

SASE ecosystem

Ecosystems deliver 100% virtual end-to-end security. Beyond just secure application access, you can secure your entire end-to-end infrastructure without hardware, licenses, logistics and experts. Best of all, you can do all of this from anywhere – your desk or even your phone.

Self-Cleaning Policies

SASE ecosystem

Creating an Ecosystem only takes a few seconds without the need for any special skills, resources or planning.

Each Ecosystem is controlled by a dedicated policy set. When you disable the Ecosystem, the policies are automatically disabled. Deleting the Ecosystem automatically deletes all associated configuration data, including the policies. You never have to worry about orphan policies that remain exposure points years into the future.

Interested in seeing Acreto SASE+Plus in action? Let’s start with some basic information.

    Interested in seeing Acreto SASE+Plus in action? Let’s start with some basic information.

      Interested in seeing Acreto SASE+Plus in action? Let’s start with some basic information.

        Interested in seeing Acreto SASE+Plus in action? Let’s start with some basic information.