- CISA has released new guidance to help federal agencies adopt SASE as part of their zero trust modernization efforts
- The resource supports agencies transitioning from legacy TIC 2.0 architectures to the more flexible TIC 3.0 framework
- SASE approach is designed to enhance network visibility, security controls and user experience
The Cybersecurity and Infrastructure Security Agency has released a new guide to help federal civilian agencies advance zero trust capabilities by adopting Secure Access Service Edge, or SASE, architectures under the Trusted Internet Connections, or TIC, 3.0 initiative.
Learn more about the priorities shaping DHS’ future at the Potomac Officers Club’s 2026 Homeland Security Summit on Nov. 12, where department leaders will discuss border security, AI, cyber defense and mission modernization. Register today.
Why Did CISA Publish the Guide?
The agency said Wednesday the guidance, part of its Journey to Zero Trust series, is intended to help agencies transition from legacy TIC 2.0 architectures and take advantage of the flexibility offered through TIC 3.0. The approach is designed to enhance the user experience, expand visibility and control and facilitate telemetry sharing with CISA services. The agency said the resource is aimed at helping technical leaders and enterprise architects plan and implement zero trust architectures.
CISA has been expanding the TIC 3.0 framework since 2024, when it finalized the cloud use case and updated supporting security guidance for cloud, branch office and remote user environments.
How Does SASE Address Legacy Network Challenges?
CISA said many legacy environments rely on perimeter-based security models that route network traffic through centralized controls. The evolving cyberthreat landscape, combined with agencies’ cloud transition and remote workforces, has exposed the limitations of traditional perimeter-based security approaches. The guide outlines how SASE can replace existing managed Trusted Internet Protocol Services connectivity to reduce latency while enhancing visibility and control over network traffic.
Who Can Benefit From the Guidance?
Aside from federal civilian agencies, state and local governments and critical infrastructure organizations pursuing zero trust architectures can also leverage the guide. The publication expands CISA’s ongoing Journey to Zero Trust series, which launched last year with guidance on microsegmentation and continues to provide resources on modern cybersecurity architecture and capabilities.
