John Smith, Founder and CTO at LiveAction, tells us there are many important elements to consider when adopting a SASE strategy. He reviews five key areas and explores why they’re essential.
Secure Access Service Edge (SASE) is an emerging product category that involves integrating SD-WAN, secure remote access (e.g remote VPNs) and cloud-based security into a single solution. It promises to increase flexibility around cloud-based infrastructure, reduce costs and complexity, improve performance and better protect users, devices and data.
While many SD-WAN and security vendors have started pivoting to offer SASE solutions, few have delivered a complete solution. As a result, there is confusion in the market around adoption. According to a recent EMA WAN Transformation Report, 10% of organizations report they’ve completed a SASE deployment and 28% claim partial implementation. Given that there are so few complete solutions available, EMA believes overmarketing by SD-WAN vendors is inflating these numbers.
Regardless, the future of SASE is bright and offers tremendous value for enterprises. In fact, the increased need for remote user support during the pandemic has spurred much of the sudden acceleration around SASE deployments. EMA’s report showed that a whopping 51% of respondents have accelerated their SASE projects over the last year. Furthermore, Gartner predicts that by 2024, at least 40% of enterprises will have explicit strategies to adopt SASE, up from less than 1% at the end of 2018.
What are some key attributes of SASE?
There are many important elements to consider when adopting a SASE strategy. Let’s review five key areas and explore why they’re essential.
- Integrated operational visibility – It’s important to have network and security visibility into all the ways users access applications and resources across the enterprise footprint, whether remote, in the public cloud or on the network. Respondents ranked this attribute as the most important in EMA’s WAN Transformation Report.
- Direct cloud access – Cloud adoption is a priority, especially during this pandemic. Having fast, reliable access to cloud resources has become critical for employees, partners and customers, whether that’s work from home (WFH) users or specific applications operating in a hybrid cloud.
- Secure remote access – This has become a focal point during the pandemic and a primary element in supporting Business Continuity. Whether it’s accessing cloud applications for work, such as Salesforce or Office365, or accessing proprietary applications such as call center systems, having secure access for WFH employees has become basic table stakes (and security is a critical factor).
- Site-to-site SD-WAN connectivity – This provides flexibility and cost savings, making it possible to use more Internet at a lower cost. Or it can help load balance away from traditional MPLS circuits so organizations can more easily connect to the cloud and simplify management.
- Cloud-based, multi-function network security – The cloud makes it easy to centrally manage SASE and the associated policies. Having the security capabilities in the cloud allows for instant scalability and multiple points of presence, which relieves the problems with previous VPN-based solutions.
What is the role of visibility in SASE?
The complexity of SASE can make visibility challenging for IT. There are a variety of elements at play. If something does go wrong, how do you isolate the problem or domain? Is it the local network, SD-WAN device, cloud presence, security device, etc? Is it a problem with network traffic, applications, users? Today, analytics platforms are being used that work with SASE to provide a vendor-neutral view into deployments and the ability to analyze telemetry for network, security and compliance purposes. These solutions also offer end-to-end views once the traffic exits SASE into the branch, data center, colocation, or public and private cloud.
Don’t be fooled; visibility plays a critical role in SASE. It allows IT to better understand network and application traffic and verify that policies and their intent are working as designed. It also enables troubleshooting and the remediation of network and/or security issues. So as issues arise, IT can identify the root cause and understand the most appropriate remedial action to take. Finally, having a level of granular visibility from an end-to-end perspective allows IT to understand what is being sent and received through the SASE system and how the application traffic works from end-to-end.
How to evaluate SASE solutions
Given that SASE involves the consolidation of multiple technologies, there are technologies entering the market from various network security, cloud-based security and SD-WAN companies. They all make grand promises. But the reality is you’ll need to work with multiple organizations (at least two) to deploy SASE today. Interestingly enough, according to EMA, just 16% of organizations prefer a purpose-built SASE solution.
When making a selection, consider the following questions:
- How mature is the technology? – Are the network or security features fully baked? Is it completely integrated, separate, or does it allow for integration with other solutions? Depending on any existing vendor relationships, an all-one-solution could make sense (but most will need to be an add-on).
- Is it cloud-managed? – Is all of the functionality easily managed through a centralized cloud-based service? If so, how is this done? This can be important for reducing the complexity and management of a SASE solution.
- What are the cloud integration capabilities? – Does it easily provide access to the public cloud and offer private cloud connectivity through colocation and remote sites? This is important as more applications live in a hybrid cloud model.
- Does it offer scalable, secure remote access? – Does it include a scaled approach to remote user access, with respect to points of presence that allow for better performance from various locations mapping to customer needs?
SASE is changing how organizations think about securing and accessing connections to data and applications. Understanding the key elements of SASE and the role of visibility can help your team as they start or continue this deployment journey.Click below to share this article