The perimeter-less, cloud-based working environment was always inevitable, but most thought leaders scheduled this revolution for sometime around 2025. With the advent of remote work, and with the prospect that no one will quickly return to the office, it’s clear that changes to the corporate network will now become permanent.
The enterprise data center concept is rapidly becoming dated, though companies still rely on it as a sort of pass-through. Employees are supposed to use VPN to connect to the data center, which connects them to their data and applications in turn. Traditional firewalls protect the data center from malicious traffic.
What companies are quickly discovering, however, is that VPNs weren’t designed to support the entire company working from home at once. Meanwhile, traditional firewalls don’t stop attackers from taking over user endpoints or stealing their login credentials. By entrenching the data center using their customer tools, administrators create a complex edifice which requires effort to maintain—and which doesn’t fully satisfy security requirements for a new cloud era.
Although administrators would prefer that their employees use remote networks as designed, the reality is that up to one third of personnel don’t use VPNs to connect to the corporate network while working remotely. Users access their SaaS applications without using VPN, they place their sensitive data in the public cloud outside of enterprise infrastructure, and they do so on devices that administrators didn’t provide or configure.
Most users prefer working this way—as many are genuinely more productive working in this manner. Rather than clinging to the how things used to be, administrators need to extend security to their users in a way that protects them no matter where they’re located or what device they’re using.
SASE (pronounced “sassy”) is one way to get this done. Using SASE, administrators combine security technologies such as Zero Trust Network Access and Firewall as a Service (FWaaS) with network technologies such as SD-WAN. This produces a flexible network that can create secure connections between users, defended by a security implementation that’s both lightweight and powerful.
In a recent report The Future of Network Security Is in the Cloud, Gartner states, “By 2024, at least 40% of enterprises will have explicit strategies to adopt SASE, up from less than 1% at year-end 2018.”
For SASE to work, it requires a staggering amount of visibility. Remember, we’re talking about creating a security infrastructure on users’ devices without relying on them to install traditional security tools such as firewalls and antivirus. Monitoring tools replace these solutions instead.
What this means is that monitoring tools in a SASE implementation need to be incredibly sensitive. If a user’s configuration changes, if their behavior pattern changes, if they start trying to access materials they aren't allowed to access, or if they log in from a new device, it could mean that they’re compromised. Any SASE solution needs to be sensitive enough to pick up on these changes and alert on them when necessary.
Lastly, much of a SASE implementation bypasses the enterprise data center, so it isn’t obvious how to even collect the data you need in the first place.
Garland Prisms is a cloud-native visibility solution that is designed to provide deep insights to SASE implementations and their administrators—without high costs or overhead. Garland Prisms is specifically designed for cloud deployments, virtual infrastructure, and SASE environments, letting you mirror traffic from containers, virtual machines, and any kind of cloud.
Although circumstances may have forced you to begin creating a SASE implementation far sooner than you ever planned, Garland Prisms give you the ability to fully instrument your SASE implementation as soon as you can get it up and running.
Looking to add visibility to your cloud SASE deployment, but not sure where to start? Join us for a brief network Design-IT consultation or demo. No obligation - it’s what we love to do!