What kind of company should use SASE?
SASE converges both networking and security capabilities into a single-service cloud-native architecture that shifts the security focus from traffic-flow-centric to identity-centric. SASE encompasses a package of technologies that embeds security into the global fabric of the network so it is always available no matter where the user is, where the application or resource being accessed is, or what combination of transport technologies connects the user and the resource.
Converging network and security functions has broad organizational, structural and cultural implications in the approach to technology adoption, how budgeting is done, and how purchasing decisions are reached.
The impact is more profound for large enterprises and government organizations traditionally more rigidly structured, and not as nimble as smaller companies.
And yet the two most critical driving forces for SASE adoption—to converge networking and security—are equally applicable to all organizations, but especially critical to financial, healthcare and government.
- To better enable a Work-from-Anywhere (WFA) workforce
- To properly secure access in the accelerating rate of cloud adoption
The Start-up Business
Starting a business has never been easier:
- Smartphones, tablets and laptops are powerful, customizable, ubiquitous, and run capable apps.
- Minimize capital expenditure: Compute and storage resources are easily and cost-effectively available on a pay-as-you-go-and-grow basis from a large selection of worldwide cloud providers.
- Cellular and broadband network access in metropolitan areas is pervasive and affordable.
At the same time hackers are more sophisticated and numerous than ever before, leveraging the very same Work-from-Anywhere (WFA) and cloud technological expediencies. This makes it imperative for even the smallest less-than-ten-person business to be cognizant of security exposure and to take steps to secure operations.
Fortunately, the SASE barrier to entry is equally low, and—with a pure cloud-delivered solution with per-user pricing—can cost-effectively protect the smallest of businesses.
The Small-Medium Enterprise (SME)
SMEs are the most cost-conscious of organizations; there’s no money for large IT teams, nor for managing stacks of single-purposes boxes per location. Direct Internet Access (DIA) has been a life-saver (read: cost-saver). Employees using their own tablets, smartphones and laptops has phenomenally brought down user device costs.
Cloud applications are another absolution: no more servers, OS upgrades, boxes, more boxes, slow performance—SaaS pay-as-you-go instantly scales up/down.
All this economic convenience came with a concealed handicap: security. DIA, BYOD, and cloud access hugely increase the enterprise’s attack surface. Hackers have never had it so good. SASE technology is the cure for this pain, securing assets and users while allowing you to leverage the cost-savings. With cloud-delivered SASE SMEs can easily add needed services: no need to purchase, configure, deploy or manage any boxes. Unmanaged user devices are instantly secured for business purposes. Cloud-delivered SASE capabilities and per-user pricing are low-cost enablers.
The Large Enterprise
For many larger enterprises, the distributed workforce model precipitated seemingly overnight by the covid19 pandemic was a wake-up call that thrusted them into an uncomfortably unfamiliar mode of operation.
Traditional WAN architectures with rigidly-limited VPN aggregation capacity for a small percentage of remote workers suddenly proved wholly inadequate for a majority WFA operation.
SASE brings identity-based security to entities and sessions, as well as independence of the transport medium. Secure SD-WAN with SASE brings security not only to the application sources (cloud), but also to where the applications are consumed (employees’ unmanaged devices). SASE technologies accommodate scalable secure access for 100% WFA models, DIA, BYOD, and multicloud applications and resources distributed regionally or globally—with traditional WANs and security these shifts are near-impossible to keep up with maintaining security, control, visibility and performance.
The Government Organization
Governments, like large enterprises, are experiencing significant changes in their operating environment and are striving to modernize to accommodate these.
- Changing user expectations: How users and citizens expect to access information and services.
- Changing service delivery models: Modernizing network and security, and evolving to multicloud.
- Increasing cyber threats and cyber spying: The current climate of an increasingly sophisticated threat landscape, as well as a dramatic expansion of governments’ cyber defense operations.
Traditional inhibitors to government IT modernization—all of which are alleviated and addressed by adopting SASE technology—include:
- Frequent reconfiguration: Complicated re-configuration when security changes are needed in a large network and in a fast-changing threat environment.
- Lack of integrated tools: Lack of real-time visibility, analytics and tools to secure large networks.
- Physical site operations: Operations are limited by, and anchored to, physical locations.
- Multiple software stack inefficiencies and vulnerabilities: Appliance, OS and software stacks from a plethora of vendors introduce management complexity and security vulnerabilities.
- High skill demands: Staff must be skilled in many vendors’ configurations and interfaces.
Resellers have the broadest visibility of what is truly happening in the market: across multiple industries; different size customers; companies of different profiles. Many well-established resellers have expert reputations for deploying robust solutions with confidence. Yet many resellers have shied away from offering security in their portfolios due to its historic complexity.
The flexibility of SASE technology—cloud-delivered, appliance-delivered, or in combination; fixed, user, bandwidth, or appliance-based pricing—offer fresh opportunities to offer solid integrated, converged network-and-security portfolios. This enables resellers to respond to RFP/RFIs that increasingly mandate a blend of networking, applications, user enablement and security to bid successfully.
The Service Provider (SP)
SPs may add cloud-based SASE offerings to their current SaaS infrastructure, as well as offer “on-prem” implementations of SASE as part of existing or new managed service portfolios. Additionally, SPs can leverage their network backbones for SASE gateway/POP services that enable cloud-delivered SASE to be a viable solution for companies in various regions, or with a worldwide footprint.
SASE For Dummies
Learn the business and technical background of SASE including best practices, real-life customer deployments, and the benefits that come with a SASE enabled organization.
Find more research, analysis, and information on SASE (Secure Access Service Edge), networking, security, SD-WAN, and cloud from industry thought leaders, analysts, and experts.