More than ever, the landscape driving digital transformation for today’s organizations is increasingly complex. The acceleration of cloud-based application adoption creates new challenges for enterprise IT teams who need to ensure quick access and reliable security for an often dispersed, remote workforce.
In this eBook, we explore why organizations that are increasingly using a Software-as-a-Service (SaaS) model for delivering software from the cloud are now turning to Secure Access Service Edge (SASE) as an answer.
After the world witnessed a surge in remote work at the start of this decade, there is a clear need for secure access to network resources from anywhere and the ability to do it on any device. These factors are driving an unparalleled acceleration in the enterprise migration to the cloud, dispersing the network edge more than ever before—and in some cases, making it vanish completely.
From an enterprise IT perspective, that perimeter is no longer limited to a location. Now, it’s a set of dynamic edge capabilities delivered from the cloud when it’s needed. And the new reality coming with it is that the intersection of networking and security is quickly becoming more complex than ever.
New questions demand new answers, which is why many organizations are turning to new technologies that can help them meet the ever-evolving landscape with speedier, more agile digital business transformations and more workforce mobility.
Can yesterday’s networks handle tomorrow’s challenges?
Traditional hub-and-spoke networks and their associated security architecture were built for a set purpose: using Multiprotocol Label Switching (MPLS) made them an ideal way for organizations to run multiple business-critical applications from data centers. However, in today’s environment, the “data-center-centric” approach is showing its limitations.
With Virtual Private Network (VPN) connections into the data center, these networks aren’t equipped to serve a remote workforce that’s more geographically distributed
These networks also aren’t built to deal with the increased volume of traffic that traverses public, private hybrid and multi-cloud environments en route to its destination
Constantly routing traffic to and from data centers through a centralized security stack and ultimately out to the Internet creates network congestion
Ultimately, all these factors and the resulting congestion combine to hinder application performance, which affects end users’ experiences and productivity
“The assumptions underlying legacy WAN architectures— that most users work from branches, that almost everything lives in a central data center—no longer apply.”
SASE & ZTNA for Dummies2
In short, SASE offers a unified, secure connectivity experience that is available anytime and anywhere .
The barriers of SASE...
Recently highlighted by Network World3 , the major challenges standing in the way of organizations adopting SASE follow a consistent theme: the readiness of vendors to support this new technology. Those barriers can include:
01. Vendor focus
Your provider’s capabilities and offerings may be focused exclusively on networks or on security, but it’s possible they aren’t proficient in both areas
02. Vendor approach
Well-integrated features, in-line proxy experience and context awareness are all key to successful SASE implementation. If a vendor lacks them, it can increase costs and decrease performance
03. Vendor history
Your provider’s legacy experience may be with on-premises hardware in the “data-center-centric” approach, which can create resistance to a cloud-native mindset
...and the breakthrough
As a key to overcoming these barriers, SASE achieves its capabilities because it’s built upon a solid platform of SD-WAN technology. The software-defined wide area network adds a layer of software intelligence on top of the WAN infrastructure and access networks to give users smarter, more efficient, higher-performing connections to cloud-based applications.
SASE + SD-WAN: More security, less complexity
SD-WAN technology is what allows security capabilities to be run in the cloud like any other SaaS service. This, in combination with SASE technology, creates room for dynamic extension of the edge of the private network to end users without compromising on critical security capabilities.
That’s the powerful end result of this combination: enhanced network security with less network complexity. Together, the pair delivers:
Combining dynamic, intelligent network capabilities with advanced security functions helps achieve both comprehensive protection and necessary compliance for cloud migration
The more efficient cloud-based connections provided by SD-WAN allows the dynamic, user-centric security services of SASE to be delivered rapidly at the same time
All the most essential security capabilities—such as encryption, firewall, web content filtering, intrusion prevention and remote access control—can be run in the cloud similar to other SaaS services
No more perimeters
Using Zero Trust Network Access (ZTNA), access can be granted based on the identity of the user (or application, or other entity) instead of location or IP address as in the past
The real boost to your business
The core SASE benefits to your business can impact not only your end users’ experiences, but your organization’s bottom line.
Enterprise-level security for users that allows access to apps and data over any connection type
Centralized operations that put policy management in the cloud and distributed enforcement points close to the user, app or device
Device consolidation via the reduction of the number of single-purpose customer premises equipment (CPE) at a branch to a single agent or SD-WAN device
Secure Remote Access (SRA) that helps ensure encrypted connections and bases network access on the identity of the user, device or application—not IP address or physical location
Hybrid WAN that can run security over the top of both existing private MPLS connections and public Internet bandwidth for rapid, seamless deployment
Improved performance which is critical for latency-sensitive apps such as collaboration, video, voice and web conferencing
Lower operational overhead due to SASE providers running and maintaining security engines, so IT doesn’t need to constantly update, patch and scale appliances
Already, we’re seeing SD-WAN deployments skyrocketing within organizations around the world. This demand is driven by IT departments’ intentions to use resources in the cloud and deploy a more flexible and manageable network overall. Looking forward, it’s becoming more and more important for organizations to recognize and understand not only the potential benefits of SASE adoption, but to anticipate any barriers in the way so they can better prepare to overcome them.
The cloud era is redefining the business network. SASE will enable organizations to deliver protected networking and security services in a consistent way as the landscape continues to evolve in an unceasing movement towards digital business transformation and, ultimately, workforce mobility
It's time to get SASE
In partnership with VMware, Windstream Enterprise delivers the most sophisticated and resilient solution to protect your data and network from unwanted access. With SD-WAN Concierge™ from Windstream Enterprise powered by VMware SD-WAN™, you can provide a high-performance network and integrated security that will help your organization consolidate security elements in the cloud. And with our deep experience in providing all the foundational elements of a SASE architecture, you can count on Windstream Enterprise to continue developing our SASE capabilities as this technology unfolds.
1. Patrizio, Andy. “With COVID-19 hanging on, migration to the cloud accelerates.” Network World, Nov 12, 2020.
2. SASE & ZTNA for Dummies — VMware Edition (2020).
3. Korolov, Maria. “What is SASE? A cloud service that marries SD-WAN with security.” Network World, Sep 7, 2020.
4. Smarter with Gartner, Top Actions from Gartner Hype Cycle for Cloud Security, 2020, Susan Moore, August 27, 2020.
About the AuthorVisit Website More Content by Windstream Enterprise