Why SASE is not the magic bullet yet (but makes employees and IT managers happy)
We’re no longer working like we used to - from nine to five, in the office, on a desk with a fixed computer and a telephone. Instead, we’re working from home, in our local coffee shop, or on the go, with a wide range of devices and digital applications. Whatever makes your employees happy, and your organization stronger, right?
But these modern ways require modern IT solutions. After all, your people need quick and easy access to all your enterprise resources - all the time, from anywhere. But your IT managers need to sleep soundly, too. That’s why they probably considered implementing a Zero Trust policy. It’s pretty straightforward: for your IT department to consider you trustworthy as a user, you’ll have to perform some security checks - they’ll verify your identification, privileges, machine security status, and so on. In short: your security architecture is designed from the premise that every interaction with its resources is not to be trusted. It may sound drastic, but better safe than sorry.
Is SASE too good to be true?
Since late 2019, vendors are offering the perfect solution for modern organizations: SASE or Secure Access Service Edge. This network architecture concept combines the swift network accessibility and redundancy of both SD-WAN and VPN with their respective security features. And the best part: you handle it through a user-friendly interface. Merging two specialized, modern-day IT solutions and making them easily accessible for everyone makes perfect sense. And yet: if it sounds too good to be true, it usually is. It’s no different for SASE.
Well, for starters: the concept of SASE was thought up by the American research and consulting firm Gartner. Not quite the average path, as vendors usually launch a new disruptive security technology and market analysts create a new category for it. This time, it was the other way around, resulting in lots of confusion. Analysts claimed that SASE was merely a concept, vendors assured people it was definitely a product, and others said it was a combination of several existing products.
But did these new products really comply with the SASE idea or not? And were they really the perfect solution, as their vendors claimed?
Generally, they don’t. And no, they’re far from perfect.
No magic bullet (yet)
Connect everyone with one easy-to-use product that makes the Zero Trust policy come true: great idea, obviously. But in reality, matching two existing technologies is an unbelievably complicated process. It requires a lot of deep knowledge and time to make the ultimate product. A lot of companies took giant steps in order to live up to this new standard. The ones that specialized in roaming user connection developed additional products that took care of branch office connectivity too. SD-WAN developers tried to make their roaming connectivity fully SASE compliant. And vendors who offered both solutions tried to merge the two interfaces. But does it really make sense to combine interfaces for tools that only partially overlap in terms of features? For the security part: absolutely. For the connectivity part: not so much, as SDWAN and SSE/VPN can hardly be reconciled. Therefore the SASE concept, while looking perfectly logical at first glance, may not be as relevant as we want. It doesn’t help if vendors create products that comply with the definition, but are definitely not the magic bullet - yet.
But what if your organization can’t sit around and wait a few years until the perfect solution has materialized? Well, don’t worry about that too much. The ‘SASE-like’ solutions on the market today may not be perfect yet, but they’ll often do the trick. It all depends on what your organization needs. Do you need to connect a growing number of roaming users, or should you focus on connecting branch offices instead? If you say ‘both’: sure, it can be done, with as much security as you like, but not with the ultimate user-friendly interface that’s inherent in SASE.
Bottom line: don’t be confused with all the SASE solutions out there. But don’t pull your Zero Trust card either when you’re looking into them. With the correct analysis and guidance, you’ll find a solution that guarantees both happy employees and IT managers.