Often, engineers are sold a shiny new technology that’s positioned as the answer to “everything.” And just like that, the technology that had been serving us well for years is suddenly stigmatized as legacy technology and there’s the urge to rip it out and replace it. The reality though, is that we generally don’t have the luxury of rearchitecting an organization’s entire infrastructure, nor should we.
The better approach is looking into how these new technology innovations can help make the current architecture better and address specific use cases more effectively. SD-WAN and the emergence of SASE is one such example of technology innovation that allows organizations to apply secure access no matter where their users, workloads, devices, or applications are located.
Single-Vendor SASE
While some probably remember when SASE stood for “Self-Addressed Stamped Envelope,” and was used to get something from a celebrity or some back-of-the-box offer, today it stands for Secure Access Service Edge. Now wait, this is old stuff from 2019, right? While the term has been around for a while, the technology really matured as the remote work population reached all-time highs throughout the pandemic.
With the majority of organizations supporting hybrid workforces, CIOs are tasked with the challenge of securing users as they move from their home to the office, during travel, and everywhere in-between. If it wasn’t dead before, the perimeter for securing a business is officially gone now. Zero trust is the only way forward, and SASE is a major part of that future state. SASE is not a silver bullet, no technology is, but it plays a very important role in securing a distributed workforce and should be used to augment your next-generation firewalls and other on-premises technologies to help provide consistent security and user experiences regardless of where employees are located.
This is where Fortinet’s approach with Single-Vendor SASE comes in. Customers want FortiOS to be the unifying presence, from firewall to the cloud and beyond. Whether it is on-premises or in the cloud, FortiOS is the glue. Likewise, one client, FortiClient, will help secure endpoints whether they are connected to the cloud, or a traditional on-premises firewall.
Unified policies, whether it’s “legacy” technology, or the latest iteration of SASE, provides business with a way to seamlessly integrate the new technology while maximizing their existing IT investment.
Another reason for extending existing security architectures instead of replacing them is that, not all use cases lend themselves to SASE. For example, many organizations still demand on-prem security for use cases like internal segmentation, compliance and regulatory requirements – especially those in the financial and federal/government verticals. And, of course, there are customers are cloud-friendly or predominantly remote workforce would take the route of cloud-delivered solution. What is turning out to be more important is the flexibility for customers to enable security where it is needed on their journey to a SASE framework and, while these organizations are adopting cloud-delivered security for a hybrid workforce, they are also making sure to enable internal segmentation for on-prem locations to prevent the lateral movement of threats.
In this scenario, the single-client approach from Fortinet shines as it reduces the individual policies, configurations, and software that need to be deployed to the end user devices, thus simplifying deployment, as well as user experience. They use the same software for both on-premises and SASE. So, to them, it’s the same thing and it’s simple. No need to have complicated instructions of when to use one solution over the other. Colleagues outside of IT deserve connectivity and security with the least amount of friction possible.
Conclusion
While it may not always be possible to use the same vendors for all security needs, there is a compelling case to consider it. Keeping a uniform security posture regardless of where users are helps make sure that security intent is properly implemented. Misconfigurations and oversights are often at the root of security infiltrations. Anything that helps IT teams provide a great user experience while maintaining a uniform security posture is a win-win for the business.
To learn more about what Fortinet is doing with their Single-Vendor SASE architecture, be sure to check out their page.
Guest
Narav Shah, Vice President of Products – SD-WAN, SASE, Zero Trust at Fortinet
Moderator
Ben Story
Connect with Narav on LinkedIn and learn more about Fortinet and their security on their website.
Follow us on Twitter and SUBSCRIBE to our newsletter for more great coverage right in your inbox.