Casb on Security in 45 | Cisco Security Podcast

SASE vs SSE vs ZTNA: Understanding the Key Differences

Mon, 30 Mar 2026 00:00:00 +0000

If you have spent any time evaluating modern security architectures, you have probably run into a wall of overlapping acronyms: SASE, SSE, ZTNA, SWG, CASB, DLP. Each vendor defines them slightly differently, analyst firms keep refining the categories, and the marketing noise makes it genuinely difficult to understand what you actually need to buy, build, or migrate toward.

The confusion is not accidental. These frameworks evolved over several years as Gartner and other analysts tried to keep pace with how organizations were shifting from on-premises data centers to cloud-first, hybrid workforces. The result is a set of nested concepts that are easy to conflate but critical to distinguish when you are making architecture and procurement decisions.

Endpoint Detection and Response: Zero Trust Security With Cisco

Wed, 02 Oct 2024 00:00:00 +0000

 Endpoint security has evolved from a simple antivirus checkbox into a critical battleground in modern cybersecurity defense. With attacks becoming increasingly sophisticated—from fileless malware to zero-day exploits—organizations can no longer rely on traditional perimeter defenses alone. The shift toward [zero trust](/pillars/zero-trust/) security principles means every endpoint must be verified, monitored, and controlled, regardless of whether it's in the office, at home, or anywhere in between. In this episode, Mike and Andres explore how Cisco Secure Endpoint addresses these challenges with a comprehensive platform that combines prevention, detection, and response capabilities into a single, integrated solution.

What This Episode Covers

Endpoint Detection and Response (EDR) — How advanced threat detection works beyond signature-based detection
Endpoint Protection Platform (EPP) — Real-time malware and ransomware protection capabilities
Zero Trust Security — The principles behind modern endpoint security architecture
Vulnerability Management — Identifying and prioritizing endpoint vulnerabilities for patching
Data Loss Prevention (DLP) — Protecting sensitive data from exfiltration
Network Access Control (NAC) — Enforcing device health and identity-based access policies
Centralized Management — Unified administration and visibility across endpoint fleets
Integration Strategy — How Cisco Secure Endpoint works within a broader security ecosystem

Deep Dive

Endpoint Protection Platform: The First Line of Defense

An Endpoint Protection Platform (EPP) is the foundational layer of endpoint security, designed to prevent threats from ever executing on your devices. Think of it as your security team’s first checkpoint—it examines files, processes, and network communications in real time to block known malware, viruses, and ransomware before they can cause damage.

Zero Trust Network Access: Cisco Secure Access Explained

Wed, 02 Oct 2024 00:00:00 +0000

 The traditional perimeter-based security model is dead. As organizations embrace hybrid work, cloud-first strategies, and multi-device workforces, the old castle-and-moat approach simply doesn't cut it anymore. [Zero Trust](/pillars/zero-trust/) Network Access has emerged as the gold standard for modern enterprise security, but understanding how to implement it effectively requires grappling with complex architectural concepts and integration challenges. This episode dives deep into how Cisco Secure Access brings Zero Trust principles to life through an integrated platform that assumes no user or device is trustworthy by default.

What This Episode Covers

Cisco Secure Services Edge (SSE): The foundational platform combining network access control (NAC), identity-based access control (IBAC), and endpoint security
Secure Web Gateway (SWG): Web-based threat protection against malware, phishing, and ransomware
Cloud Access Security Broker (CASB): Safeguarding cloud applications and data from unauthorized access
Zero Trust Network Access (ZTNA): Identity and device posture-based access control regardless of user location
Secure Internet Gateway (SIG): Defense against internet-based threats including DDoS and APTs
Integration and ecosystem: How Cisco Secure Access works seamlessly with other Cisco security solutions

Deep Dive

Understanding Cisco Secure Services Edge (SSE)

Cisco SSE represents a fundamental shift in how organizations think about network security. Rather than relying on IP addresses and network location to determine trust, SSE implements a multi-layered approach that evaluates every access request based on multiple factors.

Zero Trust Security Strategy: Expert Insights on Implementation

Wed, 02 Oct 2024 00:00:00 +0000

 In an era where traditional perimeter-based security has become obsolete, organizations are racing to adopt a fundamentally different approach to protecting their digital assets. [Zero trust](/pillars/zero-trust/) security—a concept that's been around for over two decades—has finally moved from industry buzzword to business imperative, especially as remote work, cloud migration, and sophisticated threat actors have rendered castle-and-moat security architectures dangerously ineffective. But implementing zero trust isn't about buying a single product or flipping a switch; it's a strategic journey that requires careful planning, the right mix of technologies, and a commitment to continuous improvement. In this episode of Security in 45, hosts Mike Veedock and Andres Sarmiento explore what zero trust really means, how to approach implementation, and the critical technologies that make it work in practice.

What This Episode Covers

The origins and evolution of zero trust as an industry concept
Why zero trust is fundamentally different from traditional security models
The role of multi-factor authentication (MFA) in zero trust strategies
Endpoint protection and network segmentation as core pillars
Real-world examples of zero trust in consumer and enterprise contexts
The importance of balancing security with user experience
Why a multi-vendor approach is essential to comprehensive zero trust deployment
Practical considerations for planning and implementing zero trust initiatives
Common pitfalls and how to avoid rushing implementation

Deep Dive

Understanding Zero Trust: Beyond the Buzzword

Zero trust isn’t a new invention—the concept emerged more than 20 years ago as security professionals recognized that the traditional model of “trust but verify” was fundamentally flawed. In a zero trust framework, the basic assumption is inverted: nothing is trusted by default, whether it originates from inside or outside the network perimeter. Every access request, every user, every device, and every application must be verified and validated before granting access.