As data storage and processing move into the cloud and employees work remotely, the ability to connect to the corporate network via high-performance, secure links is vitally important to employee efficiency and productivity.
Traditional solutions for building a corporate WAN, such as virtual private networks (VPNs), do not meet the needs of the modern business. Secure Access Service Edge (SASE) provides an alternative for secure, high-performance network connectivity.
Network Needs of the Modern Enterprise
An organization’s network infrastructure has become a critical component of its ability to do business. As the ways that businesses use their networks evolve, new needs exist that traditional network solutions are simply incapable of meeting.
- Low-Latency, Reliable Networking
Companies have been moving to cloud computing and Software as a Service (SaaS) applications for several years, and COVID-19 has only accelerated this transition. With the sudden shift to remote work, many companies are reliant on cloud-based teleconferencing, data storage, and other solutions.
As organizations expand their cloud footprint, their need for high-performance network connectivity grows significantly. Many SaaS applications require low-latency and reliable connections, and delays caused by inefficient network routing – like that required by a perimeter-focused security model – and unscalable network infrastructure – such as overloaded virtual private network (VPN) endpoints – has a significant negative impact on application performance and employee productivity.
The use of cloud-based applications will only continue to grow as organizations work to maximize the efficiency of their operations. With this growth of the cloud comes the need for high-performance, reliable network connectivity.
- Scalable Remote Connectivity
Many organizations experimented with telework in the past, and some companies have been fully remote for years. However, the COVID-19 pandemic forced many organizations that were accustomed to having most or all of their employees on-site to adapt to supporting a mostly or wholly remote workforce in order to maintain business operations.
This transition highlighted the shortcomings of traditional approaches to providing secure remote connectivity for teleworkers, such as the use of VPNs. VPN infrastructure designed to support a small fraction of the workforce could not meet the needs of a fully remote organization. Attempts to alleviate this issue, such as the use of split-tunnel VPNs, have their own issues as they degrade network visibility and open the organization to attack via compromised endpoints (whose Internet connections are no longer protected by the corporate security solutions). Additionally, VPNs, which often require re-authentication at regular intervals to maintain connectivity, are not designed for constant use.
In the wake of COVID-19, many organizations are reconsidering their physical locations and plan to have at least some employees work from home for an extended period of time – if not indefinitely. As telework becomes “business as usual”, companies need the ability to ensure that these remote employees are able to work both effectively and securely.
- Network Security at the Edge
In the past, most of an organization’s IT infrastructure was located on-premises and connected directly to the corporate network. This led to the rise of the perimeter-focused security model, where cybersecurity solutions were deployed as a “stack” at the network perimeter, and all inbound and outbound traffic was funneled through them for inspection and enforcement of security policies.
Over time, organizations’ infrastructure and employees have been migrating outside of the traditional perimeter. The mass adoption of cloud computing has moved a large amount of data storage and processing to the cloud, and the adoption of bring your own device (BYOD) and telework policies mean that many devices are connecting to the corporate network via external, untrusted networks.
However, while the corporate infrastructure has moved off of the enterprise network, many organization’s network security has not followed suit. Many organizations make the choice to either forgo visibility and security for external devices or force traffic to be routed through the corporate LAN (via VPNs and similar solutions) for security inspection even if the traffic flow originates and terminates outside of the corporate LAN.
The first of these approaches endangers corporate cybersecurity, and the second sacrifices network performance and employee productivity. As an organization’s devices and users move to the network edge, an organization’s cybersecurity solutions should be capable of following.
Modern Companies Require a Modern Network Solution
Traditional solutions for corporate networks, such as VPNs, were designed for traditional networks, where most devices and at least one end of every network connection was within the corporate LAN. Modern enterprise networks no longer look like this, and many organizations are finding that their traditional network and security solutions are unable to cope with the change.
Software-defined wide area networking (SD-WAN) provides the networking functionality that modern companies need. It aggregates multiple different transport media and provides optimized routing over the available options based upon an application’s unique needs. However, many SD-WAN solutions lack integrated security and are deployed as physical appliances, limiting their ability to provide the edge-based security that companies need.
SASE solves these problems by integrating a full security stack with SD-WAN functionality as a virtual appliance and placing this solution in the cloud. Each SASE point of presence (PoP) is capable of providing the same security and visibility as a traditional security stack but does not require traffic to be diverted through the enterprise network to be inspected. SASE enables traffic to be optimally routed over a corporate WAN that can easily scale to meet the needs of the enterprise. This enables a company to build a network that supports the needs of the modern business.