The fields of science and IT are constantly evolving. Just when we get comfortable, things change, forcing us to create new theories that drive new ways of doing things. For example, before the germ theory of disease was developed in the late 19th century, doctors thought disease was spread by miasma or “bad air.” Sounds ludicrous, but this was a reality at one time.
There are IT practices and methodologies that appear just as outlandish today. For instance, remember the practice of backhauling all internet traffic to the corporate data center via expensive MPLS lines and VPNs? With the advent of cloud services, routing traffic to the corporate network seemed as absurd as the idea of a flat earth.
Direct Internet Access
To reduce latency, workload congestion, and cost, enterprises are now implementing Direct Internet Access (DIA). DIA allows branch offices to connect directly to the internet, rather than rely on round-about routing to a centralized data center. DIA provides users low-latency access to their cloud services in a highly efficient matter. It seems so sensible; it makes you wonder why we didn’t always provide direct internet access to users.
In the past, it was common practice to allow friends and family to greet travelers at the airport gate. However, the early 2000s brought a realization: only those with a boarding pass and proper ID could be trusted beyond the security checkpoint.
Similarly, in the IT landscape, we used to extend trust to anonymous users and devices on our networks. But in today's world of increased threats, costly data breaches, and malware outbreaks, that trust can no longer be taken for granted. Now, we understand the necessity of constantly verifying the identity and purpose of users and network-connected devices. Trust is no longer an option; verification is a must.
What Is Secure Access Secure Edge?
DIA and Zero-trust network access are just two components of a new cybersecurity framework called SASE that integrates wide area networking capabilities with network security services, combining them into a single cloud-based service.
The term was coined by Gartner in 2019 and represents a shift in how organizations are approaching network security in a cloud-centric world with highly distributed workforces. SASE incorporates multiple as-a-service capabilities to service branch offices and remote workers, ensuring a secure optimized digital experience.
Additionally, SASE offers the following capabilities:
- Software-defined wide area network (SD-WAN)
- Firewall as a Service (FWaaS)
- Secure Web Gateway (SWG)
- Cloud access secure broker (CASB)
- Zero trust network access (ZTNA)
- Data loss prevention (DLP)
SASE is typically delivered as a comprehensive cloud service built on a global, cloud-native architecture that ensures scalability and performance. With its integrated SD-WAN capabilities, network security functions, and policy-based management, SASE ensures optimal performance, reliability, and secure workloads for users connecting to applications and services. SASE provides end-to-end traffic modeling for optimal routing regardless of a user's location in a world driven by soaring internet workloads and new traffic patterns that create bottlenecks in legacy network topologies.
The Answer To A Complex World
SASE was derived from the need to reduce the complexity of hybrid systems. That includes hybrid network architectures, hybrid clouds, and hybrid work models. SASE offers IT teams a simpler approach to securing expanding attack surfaces and managing an endless array of network-connected devices. It helps eliminate the silos that security teams once operated within, silos that created security gaps that threat actors can exploit.
Here are a few of the ways SASE is helping enterprises navigate the increasingly complex digital landscape:
- AI Optimization: This innovative technology automates manual tasks and eliminates human configuration errors as well as accelerates troubleshooting and remediation efforts.
- Up-to-date Technology: This solution came from the realization that networks are now comprised of multi-gigabyte port options and 5G cellular links.
- Enhanced Cybersecurity: It is also a much-needed way to mitigate the cyber risks posed by expanding attack surfaces in a time of tightening compliance regulatory standards.
Ultimately, SASE is the answer to a growing number of emerging challenges.
Benefits Of SASE
Benefits such as reduced complexity are noble justifications for SASE adaption, but business decisions are driven by numbers. Companies that have integrated Cisco SASE experienced the following:
- A 73% improvement in latency and traffic consistency for their users.
- 85% of enterprises cut their malware infections by half.
- 75% of organizations were able to give their IT teams the ability to focus on cost savings.
It is no wonder Gartner expects 80% of enterprises to adopt a SASE architecture by 2025 and why 98% of CISOs plan to spend money on SASE and prioritize 25-75% of their IT security budget on SASE in the future.
Whether you are navigating the challenges of a hybrid workplace, multi-cloud architectures, limited network visibility, internet latency, or an ever-expanding attack surface, Cisco can provide the right SASE solution to help you adapt to the new world that your business must operate and thrive in today. Talk to one of our WEI SASE specialists to learn how SASE can benefit your organization.
Next Steps: Discover more about how your business can implement a meaningful SASE strategy by downloading our tech brief, The First 5 Things You Should Know About SASE.