The growth of dedicated internet services and broadband connectivity, along with the rise of software-defined wide area networks (SDWAN), has created cybersecurity challenges for IT departments. The Secure Access Service Edge (SASE) is designed to address the cybersecurity concerns caused by SDWAN. However, SASE is a new area of technology and its implementation is still sparse. There are different approaches to SASE, which suggests that there will be different restrictive solutions.
A look at the issues and challenges faced in deploying SASE solutions…
Issues and challenges
Setting up a network can be tricky. Adding SASE can result in duplication, cause inefficiencies and make troubleshooting difficult. SASE is a new technology, and some conveniences are still in the early stages of development. Businesses have found limited capabilities in areas such as automatic configuration, network monitoring and device troubleshooting. These solutions often require setting up business networks. Data types have different levels of sensitivity and require different levels of security. Thus, companies need to understand the importance of their data and apply conditional access accordingly.
Meanwhile, the implementation of SASE may require the reorganisation of technology teams. In some cases, network and security personnel work independently and need to be combined. In all cases, the technician must be trained in the new technology. There is nothing new in SASE since it is the integration of existing technologies, not the introduction of new ones. If SASE providers could truly integrate existing technology into a single global service with cost sharing across all customers, that would be great.
SASE suppliers are highly trusted. By bundling several functions together, SASE vendors assume that IT professionals are willing to give up the degree of freedom provided by multiple contracts. Going forward, if SASE is done right, one provider will cater to the network and security needs, wherein trust and reputation will be the key selling points.
If IT teams are isolated, then the deployment includes at least two products – one or more for networking and at least one for security. Network providers may require an SDWAN service, as well as a cloud service for CDN coverage, DDoS protection and WAN optimisation. Some of today’s SDWAN vendors provide many of these features. If IT teams are isolated and remain isolated, but agree to manage a shared infrastructure, a SASE implementation can consolidate local services into a single product. Cisco, Palo Alto and Fortinet are examples of vendors that are combining their established security with SDWAN and cloud acquisition to create a complete provisioning roadmap.
In addition, some executives are choosing to completely avoid the complexity of managing their global network and are looking for a new class of vendors that provide end-to-end services. This strategy can be thought of as NaaS. In this model, the company interacts with the vendor’s customer portal to develop policies.
Locations might need on-premise security
Sometimes one SASE solution is not enough to meet all the requirements of a company. For example, high demands on branch offices require applications and data to be stored locally as local security is required to separate OT and IT at the branch. In this case, a hybrid build to balance local versus cloud and network security in specific scenarios is the best solution.
No single platform is superior
Different companies have different needs. The universal platform takes advantage of a single policy engine that unifies network and security policies. They have some functional limitations.
Net, net, SASE is emerging as a new network option for securing remote connections. The new standard can help companies securely access their growing pool of remote workers. It has rough edges and may not be suitable for businesses that rely on VPNs or need comprehensive troubleshooting. Despite these limitations, SASE implementation is expected to grow in the coming years and is likely to become a popular way of providing secure network access to remote workers. To check if SASE is right for their business, companies can click on “Schedule a Demo” on the Lightyear homepage to chat with one of its telecom experts.