Cisco Canada Blog

Converge Networking and Security with the Right SASE

4 min read



Part 1 of the six-part series – The 2023 Global Networking Trends Report series

A major transition in IT philosophy is underway.

It’s a shift away from separate networking and security operational silos, tools, and management dashboards, and movement toward the convergence of policies, technologies, tools, and operational workflows based on a cloud-centric operating model.

As part of this transition, secure access service edge (SASE) is becoming a leading convergence architecture of choice for secure multicloud access. Our 2023 Global Networking Trends Report found that 47% of 2,577 respondents globally plan to connect their branches and remote clients using a SASE model by 2025.

However, not all SASEs are created equal. Primarily delivered as a service, SASE can be deployed as a collection of modular or disaggregated components, with separate software-defined WAN (SD-WAN), next-generation firewall (NGFW), and other security solutions that comprise a cloud-based secure service edge (SSE). Or SASE can be delivered as a unified, pre-integrated software-as-a-service (SaaS) that gives admins a highly simplified and unified way to achieve a SASE environment and manage secure, multicloud access to applications by employees end to end, wherever they choose to work.

Here’s why networking and security convergence is such a winning strategy and how to choose among disaggregated, modular, and unified SASE solutions.

How we got here

Over time, organizations have added many point security products to handle diverse cyber threats. With the increased adoption of cloud technologies, which bring the promise of agility and resiliency, organizations started migrating more applications out of the traditional data center to private and public clouds and SaaS, leading to a highly distributed environment. Coupled with today’s hybrid distributed workforce, the traditional perimeter no longer exists, and the attack surface increases substantially in this hyper-distributed IT environment. The traditional perimeter-based solutions fall short.

Additionally, 51% of respondents in the 2023 Global Networking Trends Report cited skills gaps as a main challenge to their organization’s use of cloud-native technologies. This lack of talent, along with human error, could be responsible for over half of significant cyber incidents by 2025, according to Gartner.

Networking and security convergence and a unified SASE

Converging networking and security domains brings end-to-end visibility into every connection so admins from both disciplines can work together to optimize the application experience. Integrated tools and a centralized dashboard increase efficiency and collaboration. With access to traffic data on every user experience, visibility gaps can be eliminated and mean time to repair (MTTR) times reduced.

Offering such a converged environment and centralized and unified management, SASE is a way to radically simplify security and networking (Figure 1). Gartner defines it as a multifaceted solution that delivers converged network and security as a service. Features include SD-WAN, secure web gateway (SWG), cloud access security broker (CASB), NGFW, and zero trust network access (ZTNA). SASE supports branch office, remote worker, and on-premises secure access use cases.

Figure 1. SASE enables networking and security operational convergence.

SASE provides a much-needed framework for securely and seamlessly connecting users to applications in complex and highly distributed environments. First described by Gartner in 2019, it has evolved rapidly from a disaggregated set of point solutions with many vendor solutions available in the market, to more comprehensive solutions from one or more vendors available as modular components (Figure 2).

With single-vendor solutions, a unified SASE approach emerges in which all components are fully designed, integrated, and supported as a single platform that can be optimized for SASE, merging network and security constructs to a cloud-delivered model. At Cisco, our SASE motto is “Interconnect everything and provide security everywhere,” end to end.

Figure 2. The various technology and vendor approaches for a SASE architecture.

A unified SASE makes life much simpler for IT personnel. It’s a platform approach that focuses on outcomes instead of architecture and may be especially attractive to smaller organizations with fewer IT personnel.

Each of these approaches to SASE will appeal to different organizations, and Cisco meets our customers where they are in the technology journey—supporting all models.

SASE in the real world

With 38 attorneys serving thousands of clients in South Carolina and Georgia in personal injury cases, George Sink, P.A. Injury Lawyers wanted to utilize the efficiency of the cloud to connect employees and support staff anywhere more easily and securely. They migrated their on-premises VPN to a virtual endpoint in the cloud and a unified SASE. Regardless of location, employees seamlessly and securely connect to the applications they need without physical, on-premises equipment. IT complexity was reduced by moving to the cloud with a unified, turnkey solution that deployed in hours instead of days. Great experiences for users and IT alike are the result.

Milwaukee Electronics, an electronics manufacturing services (EMS) provider based in the United States and with facilities in Mexico, India, and Singapore, was experiencing supply chain issues that made it difficult for them to obtain new technology infrastructure to support a distributed workforce. The company is a one-stop shop for custom electronics design, printed circuit board (PCB) prototyping, assembly, and project management. Their customers have stringent cybersecurity regulatory requirements, and a unified SASE improved the company’s security posture, providing visibility into every connection to their network. As a service, the single-vendor unified SASE provides the company with a highly comprehensive and automated networking and security solution, maximizing their limited IT resources.

Simplifying and improving the experiences of both user and IT teams, SASE is an architecture whose time has come. When all functions are provided in a unified SASE from one vendor, the benefits and time to ROI are accelerated thanks to the ease of deployment and simplification of use.

 

Register for the Insider Series Global Networking Trends Webinar

“Securely connect people, places, and things in an ever-changing world”

Download the 2023 Global Networking Trends Report

 

Authors

Omri Guelfand

Vice-président, gestion de produits, NaaS/SASE

Cisco Meraki

Leave a comment