A few years back, when SD-WAN technology hit the scene, it rewrote the rules for enterprise networks. Finally, businesses didn’t have to deal with the high costs, complexity and poor application experiences that come with traditional wide-area networks. After all, when most IT workloads now live a SaaS or IaaS provider’s cloud, it no longer makes sense to route all traffic through the corporate data center. With SD-WAN, the network can direct each packet along the most efficient path—sometimes through the data center, but more often, directly to a nearby SaaS or IaaS cloud point of presence (PoP).
This model offers huge improvements over traditional approaches to branch connectivity. (There’s a reason why 90% of IT leaders surveyed by IDG Research last year said they were using or planning to upgrade to SD-WAN.) But “branch” is the key word. What about the growing number of users working outside the office? According to one study, remote work has grown by 400% over the past decade. And, that was before COVID-19 forced millions to work full-time from home. For those millions of users, businesses still have to route all their traffic through the central data center, because that’s where the security and remote access solutions live. Until now.
There’s a new secure connectivity game in town, Secure Access Service Edge (SASE). And, just as SD-WAN revolutionized enterprise networking, SASE takes enterprise security and remote access to places they’ve never been before.
Envisioning a Smarter, More Flexible Edge
What if you could take everything that’s great about SD-WAN and combine it with dynamic, user-centric security? What if your core security capabilities—access control, firewall, intrusion detection and more—could run from any of hundreds or thousands of cloud PoPs around the world, like any other cloud service? That’s exactly what a new generation of SASE solutions can deliver.
As originally defined by Gartner, SASE brings together SD-WAN and cloud security services to provide flexibility, agility and scale. It offers a much simpler secure connectivity model for cloud-first enterprises, bringing the full stack of modern security and access control protections to each and every user, no matter where or how they connect.
In this new secure connectivity framework, SASE providers like VMware build a global fabric of PoPs (or add new SASE capabilities to the ones they already use for SD-WAN). Just like with SD-WAN, these PoPs serve as an onramp to SaaS applications and other cloud services. But now, they can also apply the full suite of enterprise security functions to users wherever and however they connect—including outside the office.
A typical SASE solution combines the following cloud-based security functions with SD-WAN:
- Zero-trust network access (ZTNA): ZTNA frees businesses from perimeter-based trust models that haven’t reflected reality for years. Instead, businesses can grant access based on the identity and real-world context of the user (their role, location, security posture of their device, and so on), instead of an abstraction like their IP address.
- Cloud-based next-generation firewall (NGFW): SASE moves firewalling from something that has to be provisioned and managed separately for hundreds of enterprise sites to the cloud. Businesses gain a single, consistent control point to define and automatically enforce policy everywhere.
- Secure web gateways (SWG): SASE combines a full suite of modern security services with SD-WAN networking intelligence. It automatically applies the right protection for each user and application inline, in the cloud. Best of all, it extends these security services everywhere, without requiring you to maintain hundreds of distributed point products.
Together, these capabilities give businesses more secure, reliable and performance-optimized access for both traditional and cloud-based applications. You can securely connect anything and everything—branches, campuses, remote workers, IoT devices—with a single, holistic solution. And, you can bring a comprehensive cloud-based security stack anywhere users and applications need it, around the world.
Want to know more about what SASE can mean for your business and customers? Join us on October 27 for the webinar “SASE in a Work from Anywhere World: Why You Should Care.” VMware’s vice president of Product, Mark Vondekamp, will share our vision for tomorrow’s more secure, flexible model for network connectivity. Reserve your spot now.
Follow @VeloCloud on: