An organisation’s choice in architecture is critical because it can directly impact their SASE objectives. Choices made at the architecture definition stage will dictate how each service component supports current business needs. Organisations must keep the big picture in mind and that includes being mindful of the service dependencies and capabilities in attack surface mitigation or their security risk management strategy. Think about all of the factors that play into this: timing, application and service coverage, availability and resilience, geographic requirements and teams involved, to name a few.
In the final instalment of our three-part series on the journey to Secure Access Service Edge (SASE), we’ll discuss the architecture. Also read part two in our SASE series 'Establishing a plan and team for success'.
How to prepare?
In part one of our SASE series, we discussed timing in the context of each organisation having its unique journey to plan for and execute. An effective architecture supports the organisation with the challenges it’s facing today and evolves to address future needs. But where to begin? It starts by asking questions before you begin the journey. You wouldn’t pack for a business trip without checking the weather report for your destination, would you? Much like choosing a parka vs. windbreaker, choices made in the planning stage are likely to dictate adoption workflow and significantly impact the transition’s success. Plus, you don’t want to have to run to the store to buy a heavier coat at your destination if the temperature drops.
It’s also critical to consider the disciplines impacted by architectural choices. It’s no question that network and security decisions are intertwined today for most organisations. The dependence and success of each decision is often made clear by the physical choice of where a service resides. This inherent dependence is one of the core capabilities and benefits of SASE. Still, it’s wise to consider each capability and how the operations team will manage and maintain the architecture once deployed to ensure the right choice is made.
Improve the SASE odds
Another organisational benefit of SASE is that it moves security closer to both the user and the data. SASE makes it easier to work closely with development teams and bring security capabilities to application and development teams in a seamless and frictionless way rather than determining how to mitigate risk after deployment. On that trip you packed for, having a travel umbrella in the event you are caught in the rain is better than getting drenched. The more homework an organisation does upfront, the better the odds of a successful outcome. With SASE, great architecture can be designed and planned for – one that ideally suits an organisation’s current and future needs and balances costs with agility and resilience.
The beauty of SASE is its ability to move discrete, complex capabilities to a cloud-native implemented service. Organisations benefit from cloud attributes like agility, flexibility and a “right-size” consumption model for their needs while focusing on business-critical challenges like web traffic security, productivity application data, custom applications for a particular vertical (e.g., healthcare) and more. For organisations with premises-based data centre security, the operations team’s ability to manage both the cloud-based and on-premises appliance policies becomes streamlined. It’s important not to overcomplicate the process by introducing a new set of tools that require an additional set of policies, some of which may not translate easily between instances.
Every SASE journey is unique
Networking and security are converging more than ever before. While each demands expertise unique to the discipline, there is also a cross-over opportunity. By empowering each team to help the other, this convergence strengthens the organisation and improves overall operational resilience. SASE provides the perfect opportunity for organisations to commit to a cloud-enabled architecture group. Network, security and application discipline expertise is required to build tomorrow’s architecture proposal. It’s exciting to see this evolution drive change for our customers and the industry.
If organisations learned anything about cybersecurity in 2020, let it be this: it’s impossible to predict the future, but we must be proactive and prepared. Organisations need a resilient and secure infrastructure that can keep up and readily accommodates current and future needs. With SASE, Juniper Networks is helping organisations realise this vision.
Mike Spanbouer, Juniper Networks - 15 February 2021
Get in touch with us today
Do you want to learn more about this subject, or do you have specific questions? Give us a call or leave a message.