Back in the old days, when most enterprise applications were hosted in a central data center, it made sense for most security services to live there too. Over time though, this data center-centric model has gotten far out of whack with how businesses actually work. Today, enterprises have a much more distributed workforce—especially with so many people now working from home. The applications and workloads they’re using are also now much more likely to be hosted in the cloud.
Modern users and applications could be literally anywhere, but many security and access solutions still funnel everything through the data center. This makes configuring security policy hugely challenging for IT. It also leads to inconsistent, sometimes confusing access methods for remote users—on top of the performance hit they take from having to “hairpin” all their traffic through the data center.
Wouldn’t it be great if security and remote access could be just as flexible, ubiquitous and easy to manage as modern cloud applications? VMware and other industry leaders in software-defined wide-area networks (SD-WAN) thought so too. And we’ve developed a solution: secure access service edge (SASE).
A New Approach to the Enterprise WAN
SD-WAN solved many of the inefficiencies that come with data center-centric networking. But when it comes to security, there was still work to do. As defined by Gartner, SASE (pronounced “sassy”) takes SD-WAN to the next level by converging it with inline security, cloud-based remote access, and the ability to centrally manage and automate policy everywhere from the cloud. Specifically, SASE combines:
- SD-WAN networking as-a-service
- Cloud-scale remote access via zero-trust network access (ZTNA)
- Secure web gateway (SWG)
- Cloud-based next-generation firewall (NGFW)
SASE providers (often, SD-WAN providers like VMware) can pre-integrate all these capabilities, and others, as a unified solution. And, they can deliver them from any of hundreds of cloud-hosted points of presence (PoPs) located geographically closer to distributed users.
The SASE Advantage
With SASE, enterprises get all the benefits they’d get from SD-WAN: optimized routing, reduced costs, better application performance through the use of nearby cloud on-ramps and direct Internet traffic breakout. But now, they also gain the benefit of security and remote access that works like any other cloud service. Benefits like:
- Reduced risk with inline security for distributed users and a zero-trust framework that locks down access by default
- Simpler policy configuration and automated enforcement—across all the different ways users connect
- Easier, more consistent access and application experience for remote users
- Reduced CapEx and OpEx by unifying previously siloed security technologies (VPN, SWG, NGFW, and others) into a pre-integrated, cloud-hosted solution
The benefits can be even greater for home-based users (a critical segment of the workforce right now), where SASE offers flexibility to tailor services to their needs. For instance, a typical business user might connect via the standard ZTNA framework from home. But, for a power user—say a radiologist who needs to access huge imaging files with strong security—you can now extend the full enterprise networking and security stack, including SD-WAN and cloud-based security, right into the home office.
Find Out More
SASE represents a big step forward for enterprise networking and security. But, that doesn’t necessarily mean it’s a panacea for all the problems that modern distributed enterprises face. How well does the first generation of SASE solutions hitting the market live up to the hype? Where are businesses seeing the biggest benefits, and where does the technology still need to evolve?
To find out, join us on Tuesday, October 20, for the webinar SASE – Ushering in a New Paradigm for Networking. Zeus Kerravala, founder and principal analyst of ZK Research, will join Karl Brown, VMware’s senior director of product marketing to discuss the ins and outs of SASE and what it can bring to your business. Reserve your spot now.
Follow @VeloCloud on: