Employees around the world have decided they’d like to work from home, thank you very much.
Despite return-to-office “welcome back” parties, an attempt at mandates and some good old-fashioned cajoling, it will be hard to reverse the remote work tide.
And so, without hardened plans, large enterprises and governments are finding IT basics thrown into upheaval:
High-cost VPN infrastructures don’t sufficiently scale or provide enough flexibility for efficient work-from-home support.
Workers are using personal devices outside of protected networks and accessing Virtual Desktop Infrastructure (VDI) solutions.
Enterprise teams face an uphill battle to exercise corporate governance and control across unprotected devices while providing responsive remote technical support.
Resisting is futile. Especially as additional demands snowball. Migration to cloud, surging SaaS adoption, edge computing and IoT are all levying new security and performance requirements—and headaches.
Businesses must embrace a new reality with agility that can transform operations—and security must be a priority focus. SASE (secure access service edge) stands ready to help.
We recently addressed . Here, we’ll talk more about market drivers, the operational and business benefits SASE delivers, and use cases it supports.
Introducing core principles for a new world
Network perimeters are blurring, and policies are evolving quickly and constantly. We’ve seen how this complicates governance, especially as more stringent DLP and regional data privacy laws loom. To enable the needs of modern distributed and dynamic networks, we need innovation on the WAN side as well as to deliver a seamless user experience regardless of location.
If we will drill down into the SASE components and customer expectations, we can define main principles and technologies as cloud-native, intelligent and vendor agnostic. SASE deployments must be distributed, elastically scalable and resilient, leveraging policy-driven dynamic access with ongoing data protection. Crucially, it must be able to utilize a combination of security and network functions, such as zero trust network access (ZTNA), cloud access security broker (CASB) and next-generation firewalls (NGFW).
Evolving security architectures on the fly
A door has been opened to new risks that threaten mission-critical enterprise security.
Systems, applications, and tools not approved or controlled by IT departments have become a major security and compliance issue. A typical enterprise runs more than 200 applications but only a fraction is managed or visible by IT.
These shadow IT practices expand attack surfaces and open countless security gaps. They also increase operational complexity, slow IT responsiveness and drive up operating costs.
Staying ahead of the security curve with SASE
Enterprises need flexible security tools to adapt to a post-COVID threat reality—specifically, tools that work wherever employees work, SaaS applications are deployed, and support hybrid IT. That’s why SASE is getting increased attention. This new framework is right at home in hybrid environments. Its functions are hosted in the cloud, providing IT security teams with single-pane-of-glass visibility, flexible management, and control of all that happens on the network.
SASE’s approach to enterprise security management solves business problems. It provides a blueprint-like journey with the flexibility to support specific enterprise needs.
SASE provides a customized balance between security, speed of operations and access to critical business services, taking into account:
SaaS application and IaaS/PaaS platforms
Access mechanisms for users and devices
Data loss protection and data sovereignty
End-to-end SLAs, including enterprise and third-party products
Context-based decision-making with smart root cause analysis
The SASE business case
To combat shadow IT challenges and controlled access to cloud resources and applications, SASE provides simplified, central management of cloud security tools and policies, enabling:
Consistent network security with fewer network layers to manage
Centralized policy management
Lower costs with higher scalability
Single view of the entire network
Optimized network for cloud business models
Controlled growth of remote working and distributed applications
Delivery of expected security and performance
Flexibility and agility to accelerate time-to-market of new capabilities
Staying on top of SASE complexity
SASE is not a one-time event or implementation. It is a continuous journey that restores balance between hundreds of SaaS applications and IaaS/PaaS platforms, users and devices access mechanisms, data loss protection and data sovereignty, and end to end SLAs between proprietary and third-party systems. SASE powers context-based decision making with smart root cause analysis.
SASE introduces new tools and security policies, such as zero trust gateways and cloud access service brokers. As part of ensuring end-to-end service quality, SASE must be part of an overall network security assessment strategy. Each component of a service, including security, needs to be validated and tested individually and as part of the overall service.
This requires a customized framework that defines a baseline from which a specific architecture can be pivoted to serve business needs—not the other way around. This framework fosters understanding of the SASE implementation journey and can serve as a bridge between security and business teams as translation from technical to business language for better alignment between multiple parties.
SASE framework fits specific business needs and requirements and should take into consideration specific SASE technologies (zero trust gateways, firewalls, CASB, etc.), and all connected systems. The impact on neighboring systems, business operations and services must also be considered. As a result of the rapid and continuous introduction of new service features and updates, testing has also become continuous, providing continuity from development to robust change management and continuous live network monitoring.
We can help you along your SASE journey
Spirent’s SASE-driven work with customers targets new outcomes and capabilities, making it possible to:
Generate data to quantify risks, justify risk management programs and track their performance.
Test security solutions, collecting data on cyber security risks and determine efficient solutions to strike a balance between security and business needs.
Continuously assess the security systems evolution in a fast-changing environment, ensure performance and management of hybrid solutions, data protection and resolution of shadow IT challenges.
Validate and comply with end customer KPIs/SLAs, system functionality and stability, with better product representation and validation of relevant use cases.