Last time we talked about the powerful features and rich usage scenarios of SD-WAN (SASE Popular Science Series: Understanding SD-WAN), what about the relationship between such a powerful SD-WAN and NSFOCUS SASE? This starts with the challenges faced by enterprises today……
Current Problems Faced by Enterprises
Single node deployment security capacities, causing network congestion
With the advancement of the digitization of modern enterprises, the overall popularization of mobile and cloud computing, the centralized infrastructure of the first generation of information construction is facing huge challenges. Nowadays, not only data center traffic of enterprises has increased sharply, but also a large amount of off-net traffic is generated, that is, traffic to various cloud computing platforms. The centralized detection of all these traffic flows through the security protection equipment deployed in the enterprise data center on a single node will inevitably sacrifice the agile and efficient advantages of cloud computing.
Multi-point security products, complex management
In the current modern information architecture of enterprises, there are multiple types of devices with multiple levels of trust on the access side, and applications deployed in computing environments whose physical locations are not even known can be accessed through enterprise controllable or uncontrollable network channels. Therefore, companies often turn to multi-point deployment products including NF, VPN, IPS, etc. Since these products have their own policy management protocols, interfaces, and log sets, this may cause unwieldy administration problems, increase costs and complexity, and lead to gaps in the company’s security status.
In this context, SASE provides a new solution, that is, SASE serves as an intermediate layer to undertake computation and terminal, and to perform security checks on the round-trip traffic.
Among the security capabilities of SASE, ZTNA, CASB, FWaaS, IPS, AV, SWG, etc. are all traditional security technologies, which only need to be delivered as SaaS. As you can see, security capabilities are not a difficult problem for SASE to solve. So how can SASE avoid becoming a security resource pool deployed on the cloud, but truly deliver agile security value to users? SD-WAN is the answer.
SD-WAN’s Role in SASE
So what role does SD-WAN play in SASE?
First of all, SD-WAN can help customers connect their internal network to the secure cloud, as well as multi-cloud assets and multi-branch to the headquarters, to achieve rapid networking for customers. It can connect all data centers, branches, mobile users, and cloud resources into a global, optimized, secure, and managed SD-WAN service, protecting all WAN and internet traffic with a comprehensive set of security services.
In addition, SD-WAN can reduce the difficulty of service activation and complexity of operation and maintenance. For example, if customers do not introduce SD-WAN, they need to maintain the tunnel from assets side to NSFOCUS SASE themselves when using NPA service, which is relatively a large workload.
Finally, customers can log in to NSFOCUS SD-WAN platform to visually operate and maintain their network. SD-WAN creates a large intranet for customers, which is much less stressful than previous VPN maintenance, and can quickly determine underlay/overlay network problems and traffic conditions.
“The drive to accelerate digital transformation and adopt cloud services is changing not only the network but also security. With SD-WAN, we enable our customers to migrate from a data center-centric, MPLS-based WAN to a cloud-centric WAN that fully utilizes the Internet. Today, customers are asking to use our edge platform to help them transition from the traditional boundary-based security model to SASE. Our zero-trust WAN edge can complement its selected cloud computing security service provider, and control all security policies through an orchestrator.”
——Founder of Silver Peak, Aruba CTO David Hughes
Summary of the role of SD-WAN in SASE:
- Help customers achieve rapid networking
- Reduce service difficulty and complexity of operation and maintenance
- Realize visual operation and maintenance
After the explanation of these two chapters, I believe that you have a certain understanding of SD-WAN, so to the SD-WAN chapter in SASE temporarily come to an end. With the support of SD-WAN, what kind of surprises will NSFOCUS SASE cloud service have in terms of security capabilities? Stay tuned for the next chapter, SASE Security Capabilities.
If you are not familiar with the functions of SD-WAN, please refer to the previous article “SASE Popular Science Series: Understanding SD-WAN”.
SASE Popular Science Series: Understanding SD-WAN