Taking Steps Toward an Impactful SASE Architecture

Given the complexity of digitization initiatives for most companies over the last decade, the world has grown acutely aware of how crucial good cybersecurity is for business health. More than ever before, this past year demonstrated that predicting the future is difficult, if not impossible – this is no different in cybersecurity. Feasibly preparing for the unknown demands flexibility and trust. Therefore, locking one’s organization into a specific proprietary structure or set of dependencies is not only unwise, but could result in critical path failure down the road.

In the past, organizations chose specific capabilities and technologies to suit their needs as requirements arose, and worked the requirements and aggregation as best they could. These efforts led to appliance sprawl and integration challenges or unrealized value between products. In other words, several issues left for the operations team to pick up. To address a number of these challenges, a new approach has emerged, growing in both industry prominence and interest over the last few years. This approach is referred to as secure access service edge, or SASE.

In recent years, key security technologies like next-generation firewalls (NGFW) and secure web gateways have migrated to the cloud. These moves allowed organizations the freedom to integrate between tools, thus giving them time to support the best possible experience for their employees and customers, all while managing risk for their business. With SASE, organizations can adopt the on-premises capabilities that they are accustomed to via a cloud-based service.

Considerations for Using SASE

However, many approaches in today’s market omit a few critical considerations that can make a great difference in an organization’s ability to fully realize the value of SASE. One consideration is a unified policy operations approach for protecting users and securing both cloud-based and on-premises applications. The other consideration is that, in some cases, network and security capabilities are wholly separate from each other and the burden of the customer is to choose, purchase and manage. Attempting to divorce network and security is not SASE, nor what is needed for customers to overcome one of the most significant challenges to their security posture today – operational sprawl.

Additionally, many organizations still have data center assets that they must both manage and secure. That task doesn’t just magically disappear with cloud adoption. Expecting an organization to use two different management instances, sets of firewall policies or interpretations of the data in a way that allows them to address risks in tandem with the speed of threats is simply unrealistic, and increases risk as opposed to reducing it.

SASE is not a product, nor is it a service. It’s a new architecture and with it, organizations can address limitations that often accompanied previous approaches. Inconsistent policy application, integration gaps and other vulnerabilities that potentially create the weaknesses in risk posture may be exploited by bad actors. As is often the case with an architectural shift, most organizations prepare to adopt capabilities in stages. Therefore, it is imperative for vendors to partner and work together with the organization to deliver the service experience and security capabilities required for their organization’s specific needs. Whether the use case is for remote workers, branch offices, retail sites, office campus or data centers, having a single solution that provides connectivity and effective security for all these use cases is critical.

Taking Steps to Ensure Success

To ensure that your SASE journey is a success, start by identifying what and who you will need with you on this journey:

  • Create a list of needs
  • Identify key stakeholders and capture requirements
  • Conduct operational interviews
  • Construct a plan and review

This planning effort will help you in the impending project stages and assist in qualifying and assuring your success. SASE brings many exciting innovations to how we have previously approached and managed many security and network capabilities. These innovations can help accelerate business needs while effectively managing risk and addressing limitations of the existing architecture. It is essential to understand your desired outcome for this transition, so you can develop an achievable plan to get you there.

The path to SASE is an exciting one with much promise. But like any good project of this scale, it all begins with effective planning. Due diligence and discipline will ensure that the path you choose is the right one for your organization based on your security needs, organizational requirements and having the right team in place to get you there.

Avatar photo

Mike Spanbauer

Mike Spanbauer is a Senior Director and Technology Evangelist for Juniper Networks. Mike’s work and expertise in network and security advisory, consulting, and product strategy over the last 25 years provides a breadth of perspective across network and security execution, as well as approaches to solve for operational and governance needs that organizations face. He most recently served as Vice President of Research Strategy for NSS Labs, driving the enterprise research and consulting practice for NSS’ global clients. Prior to that, Mike held leadership roles at Current Analysis and HP in research, strategy, and competitive intelligence.

mike-spanbauer has 7 posts and counting.See all posts by mike-spanbauer