This article was originally published on Telecom Reseller.
The cloud and the urgent need to secure data everywhere are dramatically changing the network and security. These forces are demanding a new type of IT infrastructure–one where the network and security come together into one cloud platform and one service from a single provider. This is the concept behind secure access service edge (SASE). It’s the latest SD-WAN solution framework from Gartner. While SD-WAN is a network-as-a-service, SASE is a network-security-as-a-service. See “What is SASE?” Here’s how SASE solutions deliver real business value.
The cloud moved your network off premise: IT has grown up focusing on the data center and IT security, but today IT users and networks are behaving quite differently than in the past. According to Nemertes Research, the WAN as we knew it is over. Just 39% of enterprise WAN traffic originates from, and terminates on, enterprise premises. The remaining 61% either originates from an off-premise site (such as a home-office), terminates on an off-premise location (such as an IaaS, PaaS, or SaaS cloud workload) or both (remote office to cloud). This is due to the fact that:
Today, companies must secure data everywhere: Moreover, today centralized data center security no longer delivers the required protection. Data will still exist in the data center but it will also exist in sites such as Salesforce, social media, and many other services. The level of security at each of these locations may or may not be adequate, meaning most enterprises may need to take significant action so that its entire environment meets security, privacy, and compliance requirements. Here are some of the challenges driving the need for SASE’s converged network and security model:
SASE solutions solve these challenges because it’s a cloud-based network and security service that can be applied anywhere–it’s not data center focused. SASE also uses an identity-based approach to security–network access is evaluated based on the individual user or endpoint device. Solutions and services include:
This real-time solution employs security and compliance policies all while evaluating risk during the sessions.
Plus, it helps with today’s more distributed IT environment. Secured entities can be internal and external people or groups of people and devices–think group collaboration sessions, at-home devices, cloud applications, IoT systems, and edge computing.
Combining SD-WAN and SASE together in a single market with a single provider allows the enterprise to respond faster with greater control in response to COVID-19 and the expansive growth of work-from home (WFH) users. SASE improves sensitive data awareness, secures the data, and provides threat protection especially for WFH and branch users.
Business benefits of SASE
Moving to SASE should be justified on a business foundation as well as a technical foundation. Business rewards include:
Technically you can take a DIY approach to each of SASE’s five core capability areas, but doing so may increase your IT complexity. SASE is extremely valuable for companies seeking to cut down on the number of technology providers, technology integrations, day-to-day network performance management, as well as the security firewall alert management and responsibilities of threat response. The technologies, people, and skill sets needed for 24/7 IT operations have become significant pain points for businesses of every size, and SASE is uniquely designed to address this issue in today’s multi-cloud business model.
Whereas traditional SD-WAN solutions typically include only bundled firewalls and secure web gateway, SASE multiplies the security value of an SD-WAN investment by condensing five different individual industries into a single cloud platform delivered as a service from one partner. As the SASE market matures and the interoperability between its five core capabilities becomes even more seamless, only the largest enterprises (with more IT resources) will want to continue a point-based or multi-vendor approach to all those IT needs.
This becomes particularly evident today when companies are leveraging the cost benefits of the public internet. Firewalls are necessary, meaning that unified threat management and SOC response teams work best when delivered by the SD-WAN or SASE managed service rather than DIY. This aspect alone can cost justify a managed service over a DIY approach.
In the end, security must be intrinsic to the network infrastructure with a variety of ancillary security functions all working in unison with SD-WAN. SASE makes that far easier, and a managed service model leads the way, freeing your IT resources to focus on transformative initiatives.
Read more articles in the SASE Straight Talk series:
The SASE conversation continues online–follow Masergy on Twitter!
Learn about what business leaders should do to create a technology-forward, future-ready enterprise.
The best digital strategies foster an IT ecosystem where checks and balances allow emerging technologies to synthesize with security and the network.
Want to use AI to automate your network? These three tips from ZK Research serve as a buyer’s guide for AIOps success.