Strategies for transitioning to a SASE architecture

In this Help Net Security, Prakash Mana, CEO at Cloudbrink, discusses the primary challenges companies face when transitioning to a SASE architecture and how to overcome them.

What are companies’ primary challenges when transitioning to a SASE architecture, and how can they effectively overcome them?

The primary challenge in transitioning to a SASE architecture lies in adapting technologies originally designed for office-centric models to the post-Covid hybrid work environment. Many SASE vendors underestimated the remote work trend and their remote access solutions involve disparate parts that are difficult to integrate and manage, especially with existing legacy systems. This complexity not only strains limited IT and InfoSec resources but also creates frustration among end-users due to variable security policies and significantly impacted performance for remote users.

The answer is a shift to what we call personal SASE, which aligns with Gartner’s concept of “coffee shop networking”. This streamlined, user-centric approach simplifies management and user experience by securing every user as if they were remote.

How should security leaders present the value of SASE, especially in terms of cost-effectiveness and risk management?

SASE should be able to unify connectivity and security to simplify and accelerate both the end-user experience and IT management functions. Few current solutions do this.

The emphasis on zero trust within SASE offerings underscores their effectiveness in managing risks by applying consistent identity- and context-based policies across all access mechanisms. Newer SASE offerings increase security so attention should be on the extra security controls and reduced attack surface. However, VPNs, ZTNA and early SASE offerings can severely hamper productivity for hybrid workers.

Security and network performance are not a trade-off. They should go hand in hand. SASE ROI should be measured by the ability of the solution to accelerate application access without compromising on security.

Operational costs are only one measure of cost-effectiveness. Your ROI calculation also needs to account for employee productivity and end-user satisfaction.

How are new technologies like AI and machine learning being integrated into SASE solutions, and what benefits do they bring?

AI integrations with SASE can significantly enhance the security posture and operational efficiency of SASE frameworks, offering a more dynamic and resilient defense mechanism against cyber threats.

One of the most important developments is automated moving target defence (AMTD). AMTD introduces a proactive approach to cybersecurity by dynamically altering the network’s attack surface, making it more difficult for attackers to find and exploit vulnerabilities. This method includes frequent rotations of security certificates, modifications to points of presence (PoPs), and changes to network paths. By creating a continuously shifting environment, AMTD disrupts traditional attack methodologies, enhancing distributed network infrastructure security.

With numerous vendors offering various SASE solutions, what criteria should organizations use to select the right vendor and product fit?

IT has a dilemma – buy everything from one vendor or piece together the best components from different vendors. The single vendor approach is appealing because there is “one throat to choke” when things go wrong. Unfortunately, even single vendor solutions are sometimes a collection of poorly integrated acquired products. The other approach is to buy the best components and do the integration work yourself – or pay a third party to do it. More cost and complexity!

As a rule, the fewer vendors involved in your SASE solution, the better.

Security leaders need to stand back from the hype and ask some simple questions:

• Does the solution improve the productivity and experience of staff? (If it doesn’t, why would you buy it?)
• Does it work just as well for remote users?
• Does it make the security team’s job easier in terms of deployment and support?
• Can we apply a single policy for networking and security?
• Is it still secure, regardless of the applications users are accessing and the type of network connection? Do we have visibility and control from the enterprise to the edge of the network?

How do you see the role of SASE changing in the next 5-10 years?

As office networks follow the “coffee shop networking” model, SASE will bring major industry shift in the way networking and security are consumed. Expect SASE to have impact on IT services deployment comparable to cloud, mobility and AI trends. Every other service including endpoint protection platforms and XDR will eventually be consumed by SASE.