SASE

Traditional Approach

Over the last years, or even decades, we have been implementing a lot of different connectivity and security solutions in our corporate environment. For each piece of our connectivity or security puzzle, we have almost always looked at the best-in-breed solution. This quickly results in having to evaluate, procure, manage, maintain, support, … numerous point solutions. Even in a smaller environment you’ll quickly have a Next-Gen Firewall, Remote access solution, Secure Web Gateway, and most likely a couple of other standalone solutions. 

And when you have lots of locations, you’ll add the complexity (and not to mention cost) of a MPLS solution on top. In the best-case scenario, there is a SD-WAN solution in place, which is now another point solution that must be managed and maintained. 

Another consideration that must be taken into account is that traditional solutions need be purchased up front. This means that the hardware of virtual resources that you purchase today need to be scaled up, so they’ll still be relevant in 3-to-4-year time. In short, you overpay for what you use today. 

Our solution

The SASE Cloud architecture addresses this problem. It provides a single network that connects and secures any enterprise resource – physical, cloud, and mobile – anywhere. In this, the SASE Cloud is marked by four main characteristics: It is identity-driven, cloud-native, supports all edges, and is distributed globally: 

• Identity-Driven: User and resource identity, not simply an IP address, determines the networking experience and level of access rights. Quality of service, route selection, applying risk-driven security controls — all are driven by the identity associated with every network connection. This approach reduces operational overhead by letting companies develop one set of networking and security policies for users regardless of device or location.
• Cloud-native Architecture: The SASE architecture leverages key cloud capabilities including elasticity, adaptability, self-healing, and self-maintenance to provide a platform that amortizes costs across customers for maximum efficiencies, easily adapts to emerging business requirements, and be available anywhere.
• Supports All Edges: SASE creates one network for all company resources — datacenters, branch offices, cloud resources, and mobile users. For example, SD-WAN appliances support physical edges while mobile clients and clientless browser access connect users on the go.
• Globally Distributed: To ensure the full networking and security capabilities are available everywhere and deliver the best possible experience to all edges, the SASE cloud must be globally distributed. As such, Gartner notes, they must expand their footprint to deliver a low-latency service to enterprise edges.

The promise of SASE is that it will deliver converged network and security service on a global scale and reduce cost and complexity while increasing agility, visibility, and performance. However, to make sure your enterprise benefits from the potential of SASE, it’s important to ask the right questions and understand the key criteria by which to conduct a SASE vendor comparison.  

Because SASE has become such a hot buzzword, plenty of vendors have slapped the term SASE onto their current offerings without truly providing the upside of a SASE platform. As a result, enterprises are now faced with the challenge of sorting through the hype to identify which vendors can truly meet the requirements of the modern digital business. 

Contact Kappa Data to help identifying your next steps in the journey to a SASE based architecture.