SD-WAN and security in one cloud strategy
A secure access service edge from one provider
In 2019, Gartner coined the term Secure Access Service Edge (SASE, pronounced “sassy”) defining this new category of solutions as “converged offerings combining WAN capabilities with network security functions.” These solutions consolidate a swath of network and security capabilities into a single cloud-based service from one provider. SASE solutions typically include SD-WAN, Firewall as a Service (FWaaS), Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), as well as features and capabilities needed in a Zero Trust network access environment.
By uniting point solutions into one cloud platform, technology silos are broken and IT complexity is replaced by visibility and ease of management. The end result is a synergy across both IT domains; under the SASE model network and security have officially come together.
Digital transformation inverts network and security service design patterns, shifting the focal point to the identity of the user and/or device — not the data center. Security and risk management leaders need a converged cloud-delivered secure access service edge to address this shift.
SASE solutions are delivered as a service, helping enterprises transition from hardware to software, reducing costs with multi-tenancy, and supporting a remote, distributed, and mobile workforce.
SASE offerings cater to companies doing business across multiple regions or countries with a software-defined network for low-latency routing across worldwide points of presence.
User identities and individual devices (not the data center) are the focus for SASE, so access to identity analytics and user activity tracking capabilities are key.
SASE services place emphasis on flexibility and security at the edge, where branch locations, cloud applications, and mobile and IoT devices connect.
Security must be intrinsic to the network, and Masergy has been uniting the two IT domains into one service strategy for years. Masergy embeds security into our SD-WAN and private SD-network, meeting the key tenets of the SASE model. Plus, clients get the freedom to choose from a wide menu of other network and security services.
CASB monitors and controls access to cloud applications and environments
Cloud Workload Protection monitors data residing in cloud-hosted environments
Office 365 security monitoring provides managed detection and response for Microsoft’s productivity apps
Cloud-based application control and content filter
Granular per-app and per-user visibility with Identity-Based WAN Analytics
Unified threat management to inspect all north/south (server-to-server) IP traffic on your WAN
Per-user statistics across all applications
User activity tracking
Real-time analytics available on-demand
Building security analytics into the network portal has a transformational impact across both IT domains. In 2017, Masergy started doing just that. Very quickly, clients noticed greater visibility for network performance optimization and accelerated security alerting, investigation, and threat response services. With years of maturity, Masergy’s SD-WAN portal includes these security features:
Be wary of [SASE] vendors that propose to deliver services by linking a large number of features via VM service chaining, especially when the products come from a number of acquisitions or partnerships. This approach may speed time to market but will result in inconsistent services, poor manageability and high latency.
While SASE’s solution medleys are refreshing in the age of IT complexity, it’s more important than ever to avoid those that leave IT teams stymied by multiple dashboards. The degree to which the underlying SASE architecture is standardized distinguishes seamless SASE platforms from mere solution sets where vendors have cobbled together parts and pieces.
The key is to have one transparent ecosystem where all SASE capabilities share a common infrastructure for superior interoperability and visibility from edge to edge. Solution providers typically use their own private network to serve as the underlying platform, and it’s here where Masergy’s underlying network architecture stands out.
IT leaders can’t focus on innovation when they are worried about how the network and security will work together. In fact, network and security approaches should be consistent across the two IT domains.
For instance, network segmentation and data protection strategies used inside the LAN should also be mimicked in the WAN—as one unified strategy. Masergy’s SD-WAN solutions are designed to create an enterprise-wide standard for network and security, helping companies unify IT operations and adhere to convergence best practices.
What is SASE and how is it a new way to address the needs of both the network and security? Here are five simple lessons for understanding SASE.
Zeus Kerravala, Principal Analyst at ZK Research, offers his guide to investing in SD-WAN for digital transformation. Get key recommendations and a checklist for selecting a service provider.
Planning a move toward SASE? Here are three ways to make apples-to-apples comparisons, teasing out the differences in solutions.
Power your digital transformation with flexible solutions that improve cloud application performance and increase agility. Learn more about Masergy's SD-WAN Secure.
Explore why Frost & Sullivan analysts named Masergy the most innovative SD-WAN service and see how Masergy benchmarks against others.
When it comes to SASE validity, there are lots of opinions. Here’s a look from all sides and tips for how to evaluate SASE architecture.
New SD-WAN features translate into more choices for IT leaders. Learn the key touchpoints for decision making with this Nemertes Research guide.
SASE is consolidating best-of-breed technologies into one cloud service, and it’s here where the Masergy-Fortinet offering stands above the rest.
Ask people what SASE is and you’ll likely get 10 answers. While the newness of SASE is a factor in the confusion, here’s what SASE is and what it’s not.
With more employees working from home, many IT leaders are putting SD-WAN in the fast lane. Highlights from an IDG study show the 2020 SD-WAN trends.
Remote work is redefining the WAN, so what is needed now? Nemertes Research explores SD-WAN, cloud security, and secure remote access.
Are firewalls becoming a dividing line between SASE strategies? Why some IT leaders choose a cloud-managed approach over a cloud-native one.