The house that SASE built:
a model for master network builders

Amid momentous shifts in where and how organizations operate, IT administrators have done admirable work in shoring up the essentials of network connectivity and security. Now you’re settling into the new hybrid work reality, which is making your IT organization rethink the traditional architecture in favor of a more converged network and security framework.

You have the chance to consider your want list as you make plans to renovate existing infrastructure or build a dream network over the next five years. As you do, you’ll want to thoroughly understand secure access service edge (SASE) and why it’s emerging as the exemplar of secure, accessible networking.

Change can be unsettling, but it also inspires innovative advances in technology and operations. SASE is showing itself to be one of those developments, creating a stronger footing for the digital life of businesses.

The visionary new building code for networking and security

Just as new building codes are issued to protect us from threats like earthquakes and respond to trends in accessible design and energy use, the SASE model represents the latest ideal for network security and performance, established in response to evolving conditions and challenges.

The near ubiquity of digital transformation

The pandemic sped up existing transformation programs and created new ones. Global findings show that 55% of products and services were digitized by July 2020, up from 36% the year before.¹

The expansion of the remote workforce and rise of hybrid work

82% of company leaders plan to allow employees to work remotely at least some of the time.² So, it’s important to provide them with secure access to business-critical apps, wherever they are.

The widening attack surfaces

As more endpoints and devices are added, bad actors have more opportunities to exploit, and organizations are at greater risk. Although VPN and remote access increased by 1.5x at the start of the pandemic (as expected), malicious remote-access attempts grew by 2.4x over the same period.³

And just as homeowners must decide whether to upgrade their current residence or build from the ground up, organizations must determine their best plan forward for constructing or improving their network infrastructure.

Affirming the foundation of SASE architecture

What makes SASE connectivity different from traditional network approaches with MPLS lines and VPN connections? Here are a few of the foundational principles of SASE that underpin each component and the architecture that brings them together.

Optimizing user experience and security for distributed access

When organizations try to bolt on remote access and cloud hosting to existing on-prem networks, the results are often prone to lag and vulnerable to security threats. Since the traditional architecture was created to optimize onsite access, traffic coming or going from points outside will always be disadvantaged.

SASE is designed on the assumption that distributed access is the rule, not the exception. It delivers distributed access with the best speed, security, and convenience possible. With SASE, users can connect from anywhere, and applications and data can be hosted anywhere, without compromising their experience, safety, and performance.

Centralizing management

With a traditional architecture, internet traffic and cloud applications must be secured and administered with point solutions tacked on to the on-prem security stack and network operations. Management becomes scattered and complex.

By moving security and networking into the cloud, SASE can bring all that functionality together in a single service, with simplified management in one dashboard.

Integrating the functions of security and networking

NetOps and SecOps have tended to work in silos, partly because they’ve used different vendors and toolsets. It’s a human tendency for groups to specialize and operate independently, especially when the architecture reflects that separation.

However, the siloed approach doesn’t transfer well to SASE because it’s not a single product or tool that can be controlled by one functional team. Instead, SASE consolidates the security and networking functions in a unified architecture that reinforces integration. Combining NetOps and SecOps improves collaboration and drives faster time to resolution.

And because SASE is an architecture, Gartner recommends undertaking this transformation at the CISO- and CIO-level, engaging a single vendor (two at most) for both networking and security solutions.⁴

Exploring the components of SASE

The list of functionalities that make up SASE can be long, so at Cisco we’ve simplified it into the 3 Cs: Connect, Control, and Converge.

Connect

SASE connects users to the applications and data they need to access, using SD-WAN and remote access. These connections are secure and seamless, and they can originate from anywhere: office, branch, or home.

A software-defined wide area network (SD-WAN) is abstracted from its hardware, so it can scale more easily and be managed remotely.

Remote access services ensure that users can log in to apps, control devices, and use resources no matter where they’re located on the network, without jeopardizing security.

SD-WAN is an ideal starting point for upgrading to SASE architecture. An optimized network addresses customer challenges and gives employees the best experience. It also lays the groundwork for your organization’s secure posture and complete observability. Leading with connectivity helps you ensure that security is deployed in accord with seamless access.

Control

SASE extends these secure services from the data center to any cloud, establishing zero trust access and providing leading threat protection:

A secure web gateway delivers more transparency, control, and protection by logging and inspecting all web traffic.

Cloud access security brokers deliver consistent protection by enforcing internal security policies and compliance regulations. You get insight into the use of cloud applications and can identify unsanctioned shadow IT.

Firewall as a service also enforces broad, reliable security coverage across all traffic using IP, port, and protocol rules.

Zero trust network access is a strategic approach that better supports a distributed workforce by implementing identity- and device-based access rather than location-based access.

Converge

By design, SASE integrates cloud-delivered networking and security, and enables observability across the entire architecture. Removing the walls between networking and security teams enables your organization to find the optimal balance for the two functions that maximizes both access and protection.

Observability tools allow visibility across the network, even for infrastructure that is not directly owned or controlled. More than that, observability translates to actionable insight into performance issues so incidents can be resolved quickly to maintain reliable connectivity.

Enjoying the outcomes of SASE

As any builder will attest, the process can be messy, but the results are worth it. When you stand back and survey your new or improved SASE network, you’ll appreciate these important benefits.

Secure connectivity in times of disruption

Freeing your organization from the limitations of a traditional network allows you to adapt more easily to crises and change.

Agility for fast-paced environments

With SASE, your business will be able to respond more quickly to market dynamics and launch new services faster. Leveraging the cloud for security and networking removes complexity and gives you immediate, global scalability.

User satisfaction and productivity

The flexibility of remote access, combined with the reliable, secure performance of a SASE network, makes users happier with their experience and more able to contribute.

Build SASE your way

Adopting the SASE model is about accelerating your move to the cloud. Each organization will have its own plan for SASE: a strategy for where to start, which components to incorporate, and in what order.

Whatever the plan, though, it’s wise to take a long-term view and work with a technology partner that can deliver the full slate of services, whether you need them now or in the future. SD-WAN is a natural place to begin, laying the groundwork of scalable connectivity that security can build on.

As the largest SD-WAN solution provider in the world, with the highest market share and more than 30,000 customers, Cisco SD-WAN helps organizations to securely connect any user to any application, over any transport, while ensuring a predictable user experience.