There has been a dramatic shift in the way organizations operate over the past two years. Now the work-from-anywhere environment is the norm, largely due to COVID-19 and the explosion of remote working, which means people now connect to networks from multiple locations, often at various times.
As a result, organizations are increasingly turning to solutions such as Secure Access Service Edge (SASE) to provide flexibility, agility, and quality of network service, while also guaranteeing maximum security. SASE is a rapidly emerging approach, essentially creating a secure bridge between user access and the service edge (the cloud, data center, corporate network, internet). SASE establishes secure access based on the identity of an individual, device, application, or service. Simply put, the goal of SASE is to provide secure work-from anywhere user access to all applications and data, no matter where the user is located. It combines SD-WAN and networking capabilities with security functionalities via the cloud so that organizations can manage security at the edge more effectively.
However, with so many companies now claiming to offer SASE, Gartner published a report earlier this year comparing 56 solutions, and more have no doubt emerged since then. It can be confusing for organizations to identify the right SASE fit for their business. Before selecting a SASE provider, organizations need to be clear about their objectives for their SASE implementation with respect to security capabilities, integration, and performance.
At a high level, deploying a SASE solution should help organizations deliver optimal user experience, mitigate network vulnerabilities, increase security, and reduce IT complexity and costs through a single service. That may sound like a tall order, but with those benefits, it's clear to see why the demand for SASE is booming and why SASE is one of the fastest-growing tech segments.
A few elements from the vast array of SASE offerings to consider:
When evaluating which SASE solution best meets their unique networking and security needs, organizations need to ensure that flexibility is a top consideration. Organizations should look for a truly flexible SASE implementation that is integrated, one which will deliver a cloud-native infrastructure and also offer cloud instances regardless if the deployment is on public or hybrid clouds or on-premises, to any location and application type. Organizations should consider a flexible SASE architecture that reduces the burden on IT teams by simplifying the complexity of cloud or on-premises deployment while also delivering quality end-user experiences.
A main function of SASE is seamlessly linking network security and networking performance together. The SASE solution of choice should deliver a highly consistent and predictable quality of experience on the network for users, with security being agile, flexible, and dynamic enough to serve every user and resource no matter what the device or location. Organizations should look to deploy a solution that allows them to integrate capabilities from the SASE vendor with third-party solutions. This will equip them to use SASE as an extension of legacy solutions and support those third-party solutions that address any gaps in the primary SASE vendor’s capabilities. Also important, make sure the SASE vendor’s cloud solutions are consistent with their on-prem solutions to ensure operational efficiency.
It is particularly important to ensure the SASE solution’s cloud security services are combined with its SD-WAN capabilities in a single software stack to minimize operational complexity and to avoid potential software incompatibilities as well as maintenance and/or upgrade problems.
Organizations’ SASE solution of choice should centralize all security and networking into a multi-tenant, automated cloud-native software stack eliminating complexity and cost for the business. Genuine multi-tenancy includes multi-tenancy within the SASE security stack and the control system to allow role-based access to the critical policy setting control functions.
Scalability for the future
Organizations should consider a SASE solution that meets the current networking and security requirements of the organization today but is also equipped to address the evolving needs in the future. SASE should have a future-proof design and architecture to support flexible application programming interfaces (APIs), standard protocols, and integration with an organization's existing and planned future infrastructure.
Viable SASE options must support the new waves of technology, such as bring-your-own-devices (BYOD), Internet of Things (IoT) devices, virtual reality (VR), and unified communications as a service (UCaaS), which all come with their own unique security and connectivity challenges. When planning for a SASE solution, it is critical to consider not only today’s business environment but what the IT landscape and its requirements will look like in the future.
The SASE solution which is selected must be able to scale for years to come, as well as provide security for new technological and business developments, for example, 5G networks that require significantly more processing power. Organizations need to consider not just new technologies that may be added but also the ease and cost of scalability to best enable new technologies. Consider the SASE architectures, which offer easily scalable networking and security capabilities directly in the cloud that do not require additional costs when expanding the network and security to new locations.
Picking the right SASE solution does not need to be a complicated decision for organizations. Setting goals, establishing network and security requirements, understanding the right questions to ask, and knowing the important capabilities will help organizations come away with a SASE architecture that provides long-term network performance and cyber security protection without excessive costs or complications in the future.
Michael Wood is CMO at Versa Networks.