SASE is a framework for designing and securing networks to support a remote work force, growing cloud services, private applications, and distributed business locations.   Given the recent changes in remote workers and growing concerns on cybersecurity, businesses are evaluating how to best improve security, application performance, and visibility for devices, users, cloud services, private applications, and sites.   

A question often asked is ….. how does a business initiate a SASE approach?  Assuming a company is aligned with a leading SASE technology and solutions provider, there are two logical starting points that will enable immediate advantages while positioning the business for meeting future requirements.

One starting point is to implement a Secure SD-WAN solution for branches, homes, data center, HQ, and public cloud environments.  A Secure SD-WAN solution would include routing, SD-WAN, and security features at each site to ensure a robust Secure SD-WAN overlay for WAN resiliency, application prioritization and safeguard against critical network security risks.

A second starting point is to deploy secure access client software for employee devices that are remote to the corporate network.   The secure access client interconnects with secure cloud gateways to ensure optimal and secure network traffic flow.  Further, the secure access client is simple to turn-up, manage, and control corporate access and security policies to provide performance and visibility for both public and private applications being used by remote employees.

Either of these starting points should be initiated with a planned-out SASE architecture so a company can incrementally expand and improve their network and security policies.  Regardless of how a business starts, their SASE solution must provide flexible IT control of network and security policies and integrate services such as Zero Trust, Software Gateway, Cloud Access Service Broker, FWaaS, and Remote Browser Isolation, either at the edge locations (sites) or via cloud gateways.  And, these services should be implemented through a single software stack using neutral hardware and a single pass architecture for optimal performance.