By: Richard Kitney
Four years is a short amount of time to fully come to grips with a new combination of a set of technologies, especially when there has been rapid take-up. It may therefore be useful to identify, and then bust, certain current misconceptions relating to SASE to help get a clear picture.
SASE is a network security framework that combines networking and network security into a cloud-delivered service. It is not a single product with a relatively short deployment window. Indeed, there is no one-size-fits-all route to solving all security issues. SASE is a transformation project, and because each organization is different, each requires a different SASE roadmap specific to its operations.
It is important to understand that not all the SASE offerings on the market are the same. Enterprises should look for a SASE framework that can be seamlessly integrated into their networking infrastructure and security architecture to ensure secure and robust connectivity alongside an enhanced user experience.
From a business perspective, SASE delivers a boost to productivity by enabling employees and devices to securely access the right data regardless of location or device. It is already highly focused on security, but partnering SASE with a zero trust strategy further enhances security. However, like SASE itself, zero trust is not a single off-the-shelf product. A zero trust framework is a set of security principles designed to ensure that all users and devices, both within and external to an organization, are continuously validated when accessing applications and data. It fundamentally relies on these validations being kept up-to-date and accurate for the model to work.
Zero trust is an integral part of SASE and can help enterprises centralize their security tools, close visibility gaps, and streamline operations, leading to a stronger security posture. At the same time, zero trust network access (ZTNA) can be attained by utilizing a single solution to apply security policies across the network.
Enterprises must understand that zero trust is evolving. It requires continuous monitoring to control what each user can do in each application using its principles. In addition, the technologies must be configured to ensure users get the right level of access while adhering to the enterprise security strategy and policy.
Too often, enterprises are told that everything must sit in the cloud for SASE to work and provide security across the entire enterprise. However, this is only half the story.
A hybrid cloud approach, one combining private cloud with public cloud services and often on-premises infrastructure, allowing data and applications to be shared between them, is appealing to many enterprises. Hybrid can help enterprises ease into cloud migration, optimize workload resources, and protect data according to its sensitivity and regulatory requirements.
The final misconception is that an enterprise’s transition to SASE is urgent and must go full speed ahead. The reality is that SASE should be prioritized but not rushed. SASE architecture will require careful planning as part of a migration strategy that will likely take several years to implement. Enterprises should be wary of any SASE sales pitch that pushes them to abandon existing IT investments or offers a vendor solution that is not fully mature.
SASE enables resilient and secure distributed networking for the way we work now – where employees and end users work remotely, and intelligent devices need to be “dangerously” connected to core applications and databases. It is all about balancing the end-user experience with security requirements as organizations address the challenge of securing their data everywhere. And regulations are getting tighter.
Distributed networking means that the end user is the new perimeter to defend and protect on three levels: identity, data, and access. This level of protection must be implemented with the sole purpose of enhancing the end-user experience in utilizing