Part 4: SASE Implementation Strategies
By Darran Clare
Architecting the right SASE solution for your business…
In previous blogs, we’ve covered what SASE is (and what it is not) along with the benefits and different scenarios where you might want to consider deploying SASE.
You’ve had chance to evaluate your current environment and are most likely looking at implementing one of the following projects :
- Remote workers access – improving or expanding access and security
- Security-as-a-Service roll out to branches
- Improving WAN agility
- Adding SASE to SD WAN
- Shifting workloads and applications to the cloud
- Closing existing security gaps or embracing new security capabilities
- Handling global or regional expansion
- Dealing with MPLS circuits in expensive or difficult locations
We’ve looked at the different vendor solutions available, and after drawing up a short-list of solutions and an outline plan you are now ready to get started with your SASE project!
To understand if the short-listed solution or solutions are right for your environment we recommend taking an hour or so to whiteboard how it will work with guidance from experts with both networking and security know-how. It will also be worthwhile to arrange demos from the vendors you are considering. This can also validate whether you will need to use multiple vendors or a single vendor that will be able to provide all the SASE components alongside an SLA-backed private IP backbone.
From a project perspective, we recommend a step-by-step approach to rolling out SASE. However, whichever angle you approach it from, you will need to embrace both networking and security from the outset, otherwise, in the future, it may cost you time and money re-architecting the entire solution.
It is important to bring the network, security and cloud teams together to buy in to the solution, so that they will understand the benefits and the toolset that they will have to help them solve problems in the future, such as:
- Improved application visibility, and security of remote workers
- Easy roll out of enterprise grade security to branches
- Simplified support and centralized management
- No more patching and maintenance of remote access and security toolsets
- Providing Cloud applications closer to the user with resilient and optimised direct links
The next step is to see the solution in practice in your own environment and test it for a sub-set of your users through a proof of concept. With so many different SASE vendors, some with multiple point solutions, it will help to validate which are the easiest and most cost-effective to implement and manage.
Other key considerations are whether you intend to manage your SASE solution internally or will you need a managed service or help in deploying the solution. The more integrated Cloud-based SASE solutions make management easier. They give you the ability to configure all security, routing and QoS yourself, but require no involvement in updating and upgrading the underlying infrastructure – saving IT teams much valuable time in maintaining point solutions. For smaller companies looking for more of a “hands off” approach it is a good idea to engage a partner with the full spectrum of networking and security expertise to help design, roll out and configure your environment. You can then, either manage the solution yourself or sign up for specific managed services, such as monitoring for security threats, site deployment, monitoring last-mile links or performing policy configurations.
Finally…
If you are still evaluating SASE and deciding where to start, get in touch. We can help you to evaluate your current environment, understand the best fit for your IT infrastructure and business, and help design and implement the right solution. With just an hour-long whiteboarding session we can help set you on your path to SASE and a flexible and secure network. Book a technical consultation >
Have a question? Ask our technical specialists
