As we come to the close of another great Cisco Live event, I am taking the time to look at another of the announcements that caught my eye, the latest developments in the world of SASE. If you have not read my previous post, you can find it here. Also do not forget to catch up with the on-demand content if you missed it the first time around.
What is SASE?
If you haven’t heard this term before, SASE stands for Secure Access Service Edge. This is an industry term coined to cover an array of components that work together to provide the latest and greatest in remote access, intent-based network access, and security posture.
Cisco’s industry-leading experience in both network and security allows you to bring together NetOps and SecOps teams to build solutions using SD-WAN, Cloud Access Security Broker (CASB), Firewall as a Service (FWaaS), Secure Web Gateway (SWG), and Zero Trust Network Access (ZTNA).
SASE provides modern businesses with the toolset required to solve the complex problems of not only providing remote access, but also maintaining a secure edge. This isn’t anything new, however, the recent world events have accelerated the need for these types of solutions. Just recently, a major UK building society announced that they would allow their workforce to continue to work from anywhere permanently. This will become more commonplace as time goes on.
Why SASE?
The workplace is evolving. Your office could be anywhere. A coffee shop, home, a shared community workspace, or an existing branch office. Just as locations evolve, devices that we use to access company applications and data also evolve. You may now use your own personal devices, or perhaps public/shared devices to access company resources.
This changes the dynamic from solutions to old. We used to trust locations, Office A can communicate with HQ via a site-to-site VPN or MPLS network, for example. Additionally, we may have trusted devices, a corporate-issued laptop with the correct software could connect to the corporate network via VPN.
This no longer works in a world where we increasingly need Zero Trust models, every device or location needs to be scrutinized in the same way. Access should only be granted to those with the access privileges assigned to them. Furthermore, the level of access should be adjusted based on the access method that is being used. A user connecting via a web browser in a coffee shop should not be able to save data to an uncontrolled device, however, the same user should be able to save to a corporate-controlled device.
Additionally, a distributed workforce requires distributed applications, SASE helps companies adopt cloud and SaaS technologies. Ensuring that the users can connect to the locations they require wherever they are globally and providing the security that compliance teams expect. This modern way of working is where Cisco leads the pack for me, bringing Thousand Eyes to the table allows deep monitoring and visibility of the user experience. When you can work from anywhere on any device, the increasingly limiting factor is the quality of the internet. Thousand Eyes helps you to build and maintain solutions that take this into account.
SASE solves these problems. It encompasses solutions that focus on the user and the access they have been granted. Allowing different methods of access depending on the location and the device in use. Controlling access to the most secured data only via the most trusted devices or locations. SASE brings the application or data to the user securely from anywhere, this is nearly the opposite of traditional solutions where we effectively moved the user to the application or data.
What’s New from Cisco?
We’ve covered the what and the why, now let’s look at what’s new. Cisco already has a variety of tools in the chest for solving these problems. What we saw from Cisco Live is a new way for you to purchase and build these solutions. It’s SASE, your way.
Now you can purchase a single product SKU and work with the products in a way that suits where you are on the journey. No one implementing solutions to tight deadlines and with increasing demands wants to boil the ocean at the start. However, you do want to know that you won’t have to rip and replace all that hard work in a few months just to add that feature you need.
If you are at the beginning of the journey, you may just want to get remote access and device assessment implemented. If you are more mature, you may be interested in Zero Trust Network Access. Maybe you already have a great SD-WAN implementation and you just need to extend the security side and gather new visibility. Wherever you are, whatever the requirements, Cisco is making it easier for you to build the solution you need on your terms.
Combining Umbrella, SD-WAN, Duo, AnyConnect, and ThousandEyes into a single SASE offering not only makes a whole lot of sense, but it also provides a great deal of investment protection.
Closing Thoughts
I’ve been really impressed with the announcements made during this year’s event. With my previous post, I looked at how Cisco is making the consumption of the cloud much easier with improvements and partnerships in the SD-WAN space. If you then combine that with the developments around SASE, it is clear to see that the portfolio provides comprehensive end-to-end solutions for the modern business and the modern workforce.
Any cloud, any location, any device: get your users the access they need to the applications and data that is critical to running your business, all while ensuring security and compliance. I think that should help us all sleep easier at night.