The rapid shift to hybrid working has transformed where and how work takes place. Today’s workers are more likely to go online from their home office than from corporate headquarters, creating new challenges for IT security teams tasked with protecting networks and to move the periphery forward and in the center.
Amid this shift, Secure Access Service Edge, or SASE, emerged, combining WAN and security services into a single cloud-delivered service model. However, while the narrative around SASE is the way to protect the edge, the edge is only half the story. SASE improves security across the entire network in three key ways to create the best and most secure experience possible.
Centralized orchestration and monitoring
Over the past few years, many security teams have likely experienced a variation of the same trend: a solution from one current vendor lacks the functionality they need, so they overlay functionality from another vendor. This cycle continues until they get the stack that meets their security requirements. Sometimes that never happens.
While excellent in the short term, this approach creates significant problems over time. Teams end up with a complex and sprawling security stack that generates a ton of data and contains individual components that don’t communicate with each other. Therefore, a siled stack quickly becomes an insecure stack.
SASE reverses this dynamic by aggregating functionality: SASE solutions provide a single location for policy management, configuration, and monitoring across the entire network. Creating single visibility across the entire client-to-workload transaction simplifies management and enables teams to respond to threats with greater agility and efficiency.
Building a more resilient security operation
The emergence of a unified security management approach to network security has led to a new appreciation of the limitations of the old.
Case in point: consider the firewall. Creating and building a perimeter around a company’s most important assets has always been comforting and alluring. But with this approach comes downsides. For example, what happens when a firewall goes down? A centralized approach to security, in which the application operates through a single point of failure, carries inherent risk.
SASE, on the other hand, comes with built-in resiliency. Here, policy enforcement happens closer to where the users are. As Gartner Ratingsit’s a reversal of network security design, as it “shifts the focus to the identity of the user and/or device, not the data center.”
Ultimately, this approach also benefits from being more scalable: security teams can ensure that their protection scales alongside their operations without having to purchase and install new hardware.
Create a more consistent user experience
With the consumerization of the business, every team is now a customer experience team. Yes, it also means security.
A key benefit of SASE is its ability to simplify and centralize how security policies are developed, propagated, and enforced. The result: Devices and security tools can take advantage of the same security policies, meaning users have consistent, unified access whether they’re on campus, in a branch office, or on the go.
Consistent security experiences have a direct impact on overall network security. The more consistent and seamless a security experience is, the less end users will attempt to circumvent it through less secure means.
The “it just works” mindset has become pervasive in the consumer space. SASE continues its efforts to bring this to the enterprise side.
Kate Adam is Senior Director of Security Product Marketing at Juniper Networks Inc. She wrote this article for SiliconANGLE.