VMware Inc. is extending its offerings in the white-hot Secure Access Service Edge arena to the farthest reaches of corporate networks with the announcement of new support for edge devices delivered across a constellation of global points of presence.

VMware Cloud Web Security, which is being launched today, is a cloud-hosted service that extends the company’s software-defined wide-area network and Secure Access products to connect applications to other services on the network and in the public cloud with security enforced along the way. The software is delivered through a global network of more than 150 VMware SASE points of presence or POPs that the company can said can reach 80% of the world’s population with sub-10-millisecond latency.

SASE is a term coined by Gartner Inc. that combines SD-WAN with network security services such as cloud access brokers, firewall-as-a-service and cloud access security brokers into a single cloud-delivered package governed by zero-trust principles. Gartner Inc. has forecast that 40% of enterprises will adopt SASE by 2024, up from fewer than 1% at the end of 2018.

The cloud security concept is catching on as an alternative to perimeter-based approaches such as virtual private networks. Those proved to be bottlenecks and even vulnerabilities as large numbers of office workers shifted to work-from-home scenarios during COVID-19.

VMware Cloud Web Security combines SSL encryption, a cloud access security broker, zero-trust network access and AIOps, a term for machine learning analytics applied to information technology operations. The aim is to enable IT organizations to control the websites employees can access and filter content to prevent malicious uploads or downloads.

The new edge capabilities are positioned between the 5G wireless and SD-WAN layer at a service provider’s facility and the application higher in the operating stack. It can draw on 5G services to improve latency or performance, while simultaneously delivering specific security capabilities to applications running in the cloud or workloads moving to the edge, the company said. This enables companies to specify the most appropriate combination of bandwidth and security for their needs.

VMware consolidated its SASE and 5G operations to develop the Cloud Web Security bundle, said Sanjay Uppal, senior vice president of the company’s service provider and edge business unit. Uppal was previously chief executive of VeloCloud Networks Inc., which VMware acquired nearly four years ago.

“We’re trying to up-level our POPs, which were already multitenant and multiuser,” Uppal said. “Now they will be multiservice.”

Since introducing the POP network with SD-WAN capabilities, VMware has layered on secure remote access and AI Ops with the new edge features being the latest addition. VMware said the combination can give IT operations visibility not only across the SD-WAN but also into the customer’s local area network.

VMware also has a partnership with Zscaler Inc. that provides access to that company’s network of more than 150 regional data centers.

Having the ability to apply security controls at a granular level means organizations can split application logic depending on desired response times. For example, a retail store might verify a shopper’s identity and print a customized coupon using an edge computing node while sending a request to the cloud for the person’s purchasing history.

“The network of POPs allows you to go to your data center as well as any branch and any cloud provider,” Uppal said. “The administrator sees applications and users, defines a security profile and everything else is run for you as a service.”

Image: Pixabay/Pexels