Published12. Oct. 2020
Silver Peak & Zscaler: Making SASE Work for You
The business landscape is seeing a rapid increase of cloud usage, and Silver Peak and Zscaler help firms to maximize the benefits of cloud transformation with a more secure SD-WAN solution.
As part of their digital transformation strategy, many enterprises are actively migrating applications to public cloud infrastructure and Software-as-a-Service offerings. Enterprise IT objectives and expected benefits of cloud migration include:
- Increased agility
- Higher application performance and availability
- Improved application accessibility for users
- Reduced data center footprint
- Lower costs
Unfortunately, the transformational promise of the cloud often falls short of meeting these expectations.
Why? Because traffic patterns have changed.
They have changed not only due to the migration of apps to the cloud, but also in response to today’s “work-from-anywhere” world. Users now access applications from anywhere, from any device and across diverse WAN transports, including residential broadband.
IT has quickly come to realize that making incremental investments in their legacy routers and firewalls didn’t yield the desired outcomes. Traffic bound for the internet was still backhauled to the corporate data center, adding unnecessary latency and negatively impacting application performance.
What’s required is a complete transformation of the wide area network, and this transformation has fueled the biggest evolution of the WAN in two decades: the software-defined wide area network, or SD-WAN.
The combination of workers accessing business applications from home and remote locations (e.g. airports, coffee shops), along with the explosive growth of IoT devices is rendering the traditional enterprise security perimeter ineffective. Today’s cloud-first enterprise must arm workers with a security service solution that follows them wherever they go.
As we’ve already seen, continuing to use a hub-and-spoke architecture, backhauling internet-bound traffic to the data center for advanced security inspection, results in a sub-optimal user experience. What’s needed is a complete transformation of security infrastructure, and this has driven the rapid adoption of modern cloud-delivered security services.
WAN Transformation + Security Transformation = Digital Transformation
Only by transforming both the WAN edge and security architectures can the full promise of the cloud be fully realized.
In a report published by Gartner in November 2019, they proposed a new model called the secure access services edge – SASE for short. The model describes the integration of core WAN edge capabilities such as SD-WAN, routing and WAN optimization at the branch locations with a comprehensive array of cloud-delivered security services such as secure web gateway (SWG), firewall-as-a-service (FWaaS), cloud access security broker (CASB), zero trust network access (ZTNA) and more.
A key design principal of SASE is the transformation from complex hardware-laden branches to thin branches with cloud-native security services. The promises of the SASE model are many:
- Improved user experience by delivering better application performance by breaking out cloud traffic locally over the internet from the branch
- Operational efficiency by simplifying branch WAN infrastructure and through centralized orchestration of application, network and security policies
- Reduced risk with consistent, always-up-to date, business-driven security policy enforcement
- Increased business agility by significantly reducing the time to bring new sites and applications online or to update application and security policies
But simply adopting just any SD-WAN solution and cloud security offering is not enough to maximize the return on cloud investments described earlier.
While those individual solutions might deliver on the app performance/availability and accessibility promises and enable the shrinking of the data center, that approach falls short of delivering increased business agility and lower costs. And it won’t address consistent security policy enforcement across all users, locations and devices to mitigate risk to the enterprise.
What’s needed is fully automated orchestration of the WAN edge network functions and cloud-delivered security services. This is a 1 + 1 = 3 benefit for IT and the enterprise.