Since its emergence, IT has always been a field marked by constant change. However, it is possible that change is not constant but is actually accelerating. This certainly feels true now, when more of the world’s population is working from home (or anywhere else) than ever before. More of the world is connected to the Internet and “the cloud” and “the edge” are forcing changes in the way we think about technology infrastructure. These changes have opened the door to a new convergence of networking and security commonly referred to as SASE. In this post, we’ll take a look at just how SASE can serve us through the lens of a leading SASE provider, VMware.
The Age of Distributed Work
There has been a lot of talk over the past 18 months or so about the emergence of a new normal, and about the future of work. While a lot of that talk ends up being nothing more than conjecture, there are some key trends we can trust. They are trustworthy because they have been unfolding over many, many years and have simply been accelerated by recent events.
So, what can we say for sure about the future of enterprise IT operations? We can confidently say that they won’t revolve around a single datacenter, with dedicated private networks connecting each site to that physical building. And we can also say that they will be forced to deal with the reality of Internet-connected cloud applications, a highly distributed workforce, a focus on the quality of experience, and ever-increasing cybersecurity threats.
The Emergence of SASE
These trends towards ubiquitous Internet access and as-a-service (“cloud”) business models are what spurred the creation and currently ongoing adoption of SD-WAN. And now, especially in their accelerated state, they are driving forces for enabling the SASE approach to converged networking and security. Essentially, SASE layers crucial security tools on top of SD-WAN connectivity. More specifically, SASE leverages the flexibility and scale of the cloud to connect and protect the increasingly cloud-centric enterprise.
While SASE, in general, is still in its infancy, we can look to several great examples of current implementations that show us what the future is bringing. VMware is one such example. The foundation of VMware SASE is over 150 global PoPs. These PoPs ensure that 80% of the world’s population is within 10ms of VMware’s network and that all major cloud providers are within 5ms. They were originally built to support VMware SD-WAN, and of course, they still do. But over the past year or so, they’ve been enhanced with the features you need to secure, as well as connect, all of your users, applications, and locations.
In this Gestalt IT Showcase, Karl Brown lays out the vision behind VMware SASE:
The VMware SASE
We already know that VMware SD-WAN provides assured performance and increased quality of experience for any application and any branch location. And we’ve previously seen how VMware SD-WAN provides context-based security through its intimate knowledge of each connecting client and application. But VMware SASE takes us beyond that, with additional services to enhance what VMware calls “intrinsic security” and to make operating your secure network easier as well.
VMware Secure Access is a recent addition to VMware’s SASE stack with an initial use-case of enabling remote access directly from any device. This extends that context-aware security into a true zero-trust network access (ZTNA) modality while maintaining a single network fabric and a single management plane. Overall network security can be further enhanced with VMware Cloud Web Security, which supports the VMware secure web gateway (SWG) capability providing SSL decryption, URL filtering, and anti-malware today; with CASB, DLP, and remote browser isolation coming soon. With SASE, user traffic is sent to the cloud for security services that can inspect, block and log threats, instead of deploying security services at homes and in data centers.
Observability is also enhanced with VMware Edge Network Intelligence, an AIOps solution that is both integrated into VMware SD-WAN and also available independently. VMware SASE ties all of these components together in a unified management plane that combines policy decisions, orchestration, and enforcement. But they also support a cloud-native and open ecosystem, meaning that you can pick and choose just the services you want, and combine them with third-party solutions as needed.
To learn more about the technical details of VMware SASE, listen to Aamer Akhter break it down in this Gestalt IT Showcase:
The Bottom Line
The world was already changing when the COVID-19 pandemic struck. Over the past 12-18 months, these changes were accelerated. And now, we are squarely within the age of the distributed enterprise. How do we keep our users connected, our data secure, and our application experience top-notch in this new world? Secure Access Service Edge (SASE) is the solution, and VMware is setting the example.