In the final installment of our three-part series on the journey to Secure Access Service Edge (SASE), we’ll discuss the architecture. See part two in our SASE series here.
An organization’s choice in architecture is critical because it can directly impact their SASE objectives. Choices made at the architecture definition stage will dictate how each service component supports current business needs. Organizations must keep the big picture in mind and that includes being mindful of the service dependencies and capabilities in attack surface mitigation or their security risk management strategy. Think about all of the factors that play into this: timing, application and service coverage, availability and resilience, geographic requirements and teams involved, to name a few.
How to Prepare?
In part one of our SASE series, we discussed timing in the context of each organization having its unique journey to plan for and execute. An effective architecture supports the organization with the challenges it’s facing today and evolves to address future needs. But where to begin? It starts with asking questions before you begin the journey. You wouldn’t pack for a business trip without checking the weather report for your destination, would you? Much like choosing a parka vs. windbreaker, choices made in the planning stage are likely to dictate adoption workflow and significantly impact the transition’s success. Plus, you don’t want to have to run to the store to buy a heavier coat at your destination if the temperature drops.
It’s also critical to consider the disciplines impacted by architectural choices. It’s no question that network and security decisions are intertwined today for most organizations. The dependence and success of each decision is often made clear by the physical choice of where a service resides. This inherent dependence is one of the core capabilities and benefits of SASE. Still, it’s wise to consider each capability and how the operations team will manage and maintain the architecture once deployed to ensure the right choice is made.
Improve the SASE Odds
Another organizational benefit of SASE is that it moves security closer to both the user and the data. SASE makes it easier to work closely with development teams and bring security capabilities to application and development teams in a seamless and frictionless way rather than determining how to mitigate risk after deployment. On that trip you packed for, having a travel umbrella in the event you are caught in the rain is better than getting drenched. The more homework an organization does upfront, the better the odds of a successful outcome. With SASE, a great architecture can be designed and planned for – one that ideally suits an organization’s current and future needs and balances costs with agility and resilience.
The beauty of SASE is its ability to move discrete, complex capabilities to a cloud-native implemented service. Organizations benefit from cloud attributes like agility, flexibility and a “right-size” consumption model for their needs while focusing on business-critical challenges like web traffic security, productivity application data, custom applications for a particular vertical (e.g., healthcare) and more. For organizations with premises-based data center security, the operations team’s ability to manage both the cloud-based and on-premises appliance policies becomes streamlined. It’s important not to overcomplicate the process by introducing a new set of tools that require an additional set of policies, some of which may not translate easily between instances.
Every SASE Journey is Unique
Networking and security are converging more than ever before. While each demands expertise unique to the discipline, there is also a cross-over opportunity. By empowering each team to help the other, this convergence strengthens the organization and improves overall operational resilience. SASE provides the perfect opportunity for organizations to commit to a cloud-enabled architecture group. Network, security and application discipline expertise is required to build tomorrow’s architecture proposal. It’s exciting to see this evolution drive change for our customers and the industry.
If organizations learned anything about cybersecurity in 2020, let it be this: it’s impossible to predict the future, but we must be proactive and prepared. Organizations need a resilient and secure infrastructure that can keep up and readily accommodates current and future needs. With SASE, Juniper is helping organizations realize this vision.
And finally, as we close our first security blog of 2021 and continue to make moves in SASE, we wish you health, happiness and successful security projects in the new year!