If 2020 was the year of SD-WAN as enterprises had to deal with rapidly evolving network architectures, 2021 is looking to be the year of Secure Access Service Edge (SASE). What do you need to know to be successful with a SASE framework, and why do we think it’s poised to overtake SD-WAN?
What Is SASE Network Security?
Secure Access Service Edge (SASE, pronounced sassy) is an emerging enterprise IT framework that combines the network agility of SD-WAN with focused security services to deliver a unified end-user experience independent of location without jeopardizing a business’s security posture. There are four key elements on top of SD-WAN technology that make up the SASE framework:
- Secure Web Gateway (SWG)
- Cloud Access Security Broker (CASB)
- Firewall-as-a-Service (FWaaS)
- Zero-Trust Network Access (ZTNA)
Why Did SASE Emerge?
Over the last decade, business has increasingly been done in more locations and on more types of endpoints than ever before. People work from home, offices, coffee shops, airplanes, and even tents inside National Parks, and they do so from tablets, laptops, virtual desktops, and mobile phones. Additionally, IT workloads have equally been diffused out of server rooms and into the cloud.
These factors have created two daunting challenges for IT professionals: First, how do you deliver a quality, ubiquitous, end-user experience across all these locations and all endpoints, and secondly, how do you do so without becoming insecure? While SD-WAN can help you achieve the former, it can’t help with the latter, but SASE can.
Because SD-WAN frameworks focus on network optimization, security services are prone to becoming secondary and often have to be patched together around specific vulnerabilities. These “secondary” security strategies still leave three glaring inefficiencies that have become all the more prominent as enterprises require more mobile capabilities than ever before:
Remote Access Solutions
With a more mobile workforce, enterprises need to ensure secure channels for employees to connect to internal networks, but SD-WAN doesn’t facilitate VPN access. Legacy remote access solutions like SSL or IPSEC VPN can extend your premier to include remote users, but that requires additional scaling of your infrastructure, and even in the best implementations, the end-user experience suffers.
Firewall-as-a-Service and Secure Web Gateways (SWG)
Enterprises are unable to enforce company security policies and filter internet traffic with an SD-WAN alone, and when you zoom out and look at how users access company data from outside your facilities, it gets even more challenging.
Cloud Access Management
As companies shift to leveraging SaaS-based applications such as Office365, Salesforce, Workday, and GSuite, company data is accessible in more locations than ever before, and ensuring that the right people have proper access permissions becomes an increasing challenge. But even leveraging usernames, strong passwords, and multi-factor authentication doesn’t provide the level of security you need because it doesn’t take into account endpoints. Employees can access SaaS applications from virtually any device at almost any location, and that opens up a huge risk of data leakage.
SASE emerged because it overcomes these challenges and more by integrating advanced security tools that SD-WAN technology lacks, including VPNs, firewalls, web gateways, and cloud access management, but even that isn’t always as simple as it sounds.
Is network transformation on your enterprise’s list of priorities for 2021? Telapprise helps you understand where you stand today to make smart decisions about where to go tomorrow.
How Unified Is SASE?
If you aren’t actively striving to unify the technology your enterprise relies on, you’re going to run into problems that revolve around a lack of visibility and the need for a coherent framework to guide decisions. While SASE is more unified than SD-WAN on a strategic level, it still isn’t a one-size-fits-all type solution. As a result, you may need to leverage several security providers to succeed with a SASE framework. If you’ve been disappointed by a lack of coherent security strategies with SD-WAN, SASE is certainly worth exploring. However, it’s critical to understand that you can still end up with a fragmented security framework if you don’t first outline an overarching strategy and the underlying business drivers.
Who’s the Best SASE Provider?
As an independent technology consultant, many of our partners have already come to us asking who’s the best SASE provider, but that’s akin to asking who’s the best gasoline provider. It all depends on what you’re driving and how you’re trying to get there, but the most crucial thing to remember is that SASE isn’t about a single product. It’s about unifying the right blend of services for your enterprise. Already, SASE providers are touting their solution as the end all be all, but SASE isn’t as simple as deploying a single product, so it’s impossible to say one provider is better than another. What’s more important is understanding what each provider brings to the table and how closely they align with your specific goals.
Will SASE Replace SD-WAN?
From our perspective, SASE is poised to overtake SD-WAN in 2021 and beyond. While SD-WAN previously offered an excellent starting point for enterprises that needed to unify technology and optimize network performance across multiple physical locations, it also has some glaring inefficiencies that have become too obvious to ignore, particularly as they relate to security and mobility. However, there are a couple of things to look out for as you explore the possibilities of a SASE solution, and they revolve around business drivers.
Many organizations adopt SD-WAN thinking that the primary business driver is cost savings. In reality, the underlying drivers relate more closely to network optimization with improved performance that often results in cost savings. Similarly, some enterprises may be looking into SASE to reduce costs, and while it may help you achieve that in the long run, the primary drivers are improved security and a more unified, coherent technology architecture.
Is SASE Right for Your Organization?
While SASE looks to overtake SD-WAN in popularity and market share, implementing SASE isn’t as simple as finding one provider to achieve cost savings. Instead, you need a technology partner to understand your IT stack and the nuances that make each provider slightly different from the rest to determine which best aligns with your business drivers and broader technology goals.
If you need guidance navigating the uncharted territory of SASE, Telapprise is here to help. Get started by reaching out today, and we’ll help you achieve immediate cost savings with a 2x ROI guarantee so you can reinvest that money in a SASE solution.