Think of SASE as a Framework — Not a Checklist
According to a recent study, 94% of IT leaders have accelerated adoption of SASE solutions to make digital services and hybrid work sustainable for the long term. With the masses (98%) flocking to these solutions for their ability to converge networking and security, it’s important to understand SASE within a broader context around its definition. In fact, some IT professionals find it far more helpful to stop focusing on what SASE is exactly and take a step back, thinking of it as a framework or approach instead of a checklist for success.
To unpack this, let’s start with Gartner’s definition of SASE, as this is the information IT leaders typically get when they first inquire about converged solutions.
Gartner coined the acronym secure access service edge (SASE), describing it as offerings combining SD-WAN capabilities with network security functions. This new category of solutions combines five components into one platform:
- Firewall as a Service
- Cloud Access Security Broker (CASB)
- Secure web gateway
- Zero Trust network access
While this concrete list makes SASE instantly tangible and easy to understand, the problem is it creates a tendency for IT leaders to think of it as a recipe, using the components as ingredients for success. It becomes a formula of checkboxes, making it easy to forget about what SASE is trying to accomplish, how it should guide your IT strategy, and how it should work within your specific environment.
Why a Checklist Approach to SASE Can be Problematic
Masergy has encountered many executives adhering to this strict definition of SASE. The result is often frustration and even the creation of new IT problems. Taking the five components as hard-and-fast rules can even cause unforeseen issues with application performance, security, or both. That’s because critical thinking gets missed with a prescriptive approach.
For example, SASE is a forward-leaning solution that emphasizes cloud-based technologies and approaches, but solutions shouldn’t dictate design. IT leaders should still be asking questions like:
- Does this mean every component MUST be in the cloud?
- Are there cases when it makes sense for some SASE parts and pieces to remain on-premise? If so, when and with which components?
- Does my solution allow for design and deployment flexibility?
Given that most IT infrastructures are hybrid environments, with data both in the cloud and on-premise, you may want to design your solution to match.
At Masergy, we find IT leaders come up against SASE challenges, particularly when it comes to next-generation firewalls and the related components of Zero Trust Network Access and Secure Web Gateway. Cloud firewalls, like SWG and ZTNA, are all right there in the SASE recipe, and indeed they are very nimble and easy to manage. However, firewalls don’t have to be in the cloud in order to gain the ease of centralized management, and there are still instances when cloud firewalls may hurt application performance.
Our advice: security policy should be enforced wherever it needs to be enforced, without degrading application performance – whether it be on-premise, in a data center, in the cloud, or even on the endpoint. Digging into these nuanced judgment calls can make the difference between success and a flop.
Using SASE as a Framework
Instead of strict adherence to a checklist, many find it’s better to take a framework approach. First, understand what problem SASE solves and validate that you share this challenge, and then tailor your perfect solution to get there. Too often IT teams get caught in the minutiae of the various technology definitions and capabilities, instead of keeping their eye on the end game.
Think of it this way: At its core, SASE improves security and optimizes application performance.
How these goals are best accomplished will vary widely, as each company is unique with its own IT architecture, risks, security gaps, internal expertise, and existing technologies already in place. While one business may need all five components, another may need only one or two. In fact, it’s not all that different from network solution design. For instance, each site’s transport needs may vary based on individual requirements. MPLS, Internet, wireless, etc. can all be part of the overall network solution, just as SD-WAN, FWaaS, and SWG can be part of a SASE solution individually or as a collective group.
Still, other companies may need more than SASE – it’s not always considered an exhaustive solution. For instance, managed detection and response may be a critical add-on, as many need the help of a 24/7 team of security analysts. Meanwhile, others argue machine learning and SASE should be working together for stronger innovation.
Another thing to note: Because many security capabilities overlap, SASE can be a confusing landscape to navigate. For instance, Next generation firewalls include SWG and ZTNA principles that may satisfy the security goals of many organizations.
In the end, companies and their IT leaders should focus on their desired SASE outcomes, improving security for clouds, users, and endpoints, and optimizing application performance for all users at all locations. Let your own use cases dictate your technology needs, not the other way around. Pick the network and security components you need to accomplish your goals.
Interested in how SASE can improve your business?
Call us now to arrange a consultation (866) 588-5885.
Or arrange for a consultation through our request form.
Three Considerations for Creating a Future-Ready Enterprise
Learn about what business leaders should do to create a technology-forward, future-ready enterprise.
Delivering On The Digital-First Promise: How To Meet Heightened Demand With Less Risk
The best digital strategies foster an IT ecosystem where checks and balances allow emerging technologies to synthesize with security and the network.
AI Can Automate Your Network: Buyer’s Guide from ZK Research
Want to use AI to automate your network? These three tips from ZK Research serve as a buyer’s guide for AIOps success.
Sorting Out the Differences in SSE, SASE and SD-WAN
Running a network, connecting users to information, and defending enterprise data have all been becoming interdependent workloads. This article will help buyers sort out what they need and who offers the best solutions in each category.
Masergy Acquisition helps Comcast Business be Named a 2022 Market Leader for Managed SD-WAN Services and SDN Transformation Services by ISG
Solution advancements as well as the increased capabilities gained from Masergy make Comcast Business an SD-WAN 'Leader'.
New 2022 SASE Market Trends Study Shows Solutions Exceed Expectations in Remote Work Connectivity and Security
Distributed workforce trends and digital services accelerate SASE investments, according to CIO research sponsored by Masergy and Fortinet.
CIO Survey Says SASE Solutions are Exceeding Expectations
New research from CIO reveals which SASE features early adopters prioritize and where benefits payout beyond initial predictions.
Masergy, Fortinet, and Ingram Micro Trailblazing SD-WAN for Resellers with New Managed Services Sales Route
Offering enables resellers to easily scale their businesses, meeting growing demand for network and security services supporting hybrid work.
The Transformation Trifecta at the Heart of the Hybrid Work Revolution
How sustainable is your hybrid work strategy? It's time to unite the disciplines of connectivity, cybersecurity and collaboration.
Masergy Wins “Editor’s Choice MSSP of the Year” Global InfoSec Award During RSA Conference 2022
As a leading managed security services provider, Masergy earns one of Cyber Defense Magazine’s most prestigious awards. Here’s why.
Getting Software‑Defined Network as a Service (SD‑NaaS) Right
Explore modern SD-NaaS, understanding benefits, drawbacks, ways to get started, and considerations when selecting your provider.
The Comcast Business Story – An Overview
Comcast Business and Masergy have joined forces - We are your one provider for all your secure networking needs.
SEVEN leaders from Comcast Business and Masergy recognized on CRN’s 2022 Women of the Channel List!
New Distribution Route Makes SD-WAN Services Frictionless for Resellers
Can you hear me OK? How to keep video conferencing from dragging down your network
A more reliable network service is non-negotiable when relying on video conferencing for hybrid work. Here’s what IT leaders should consider.
Making the Business Case for SASE
Want to make SASE a no-brainer? Explore the essential elements for justifying your investment, and leveraging your existing initiatives to get started.
Masergy Awarded 2022 TMCnet Remote Work Pioneer Award
Masergy succeeds in making remote work actually work well for IT teams in the long run.
Masergy Awarded 2022 INTERNET TELEPHONY SD-WAN Product of the Year Award
Masergy’s SD-WAN demonstrates the innovation, vision, and execution to deliver software-based networking tools driving upward market trajectory.
Masergy Acquisition Helps Comcast Business Achieve #2 Position in 2021 U.S. Carrier Managed SD-WAN Services Leaderboard
As the fastest growing SD-WAN company, Comcast Business takes second position, thanks to organic growth and Masergy.
Masergy Wins Fortinet’s MSSP Partner of the Year Award
The award recognizes Masergy's exemplifying innovation, growth, and strategic business alignment with Fortinet.
AIOps lessons learned: Be careful when selecting a vendor
The path to AI raises several questions. Where should you start? Learn how AIOps can make operations speedier and more efficient.
Masergy Named as a Visionary in 2022 Gartner® Magic Quadrant™ for Network Services, Global for Sixth Consecutive Year
Masergy today announced it has been named a Visionary in Gartner, Inc.’s March 2022 Magic Quadrant for Network Services, Global, report.
Improve your hybrid workplace video experience: Proven approaches for multi-cloud application performance management
Companies need guaranteed performance between their enterprise network and the UC provider’s service network. Here's how to ensure it.
Meeting the moment for hybrid work cybersecurity
A growing number of cyberattacks and the explosion of hybrid work have pushed security resources to the brink, exposing the need for more managed services backed by machine learning.