With many organisations moving to hybrid cloud and remote work environments, the threat landscape is constantly shifting direction, and maintaining a secure network at the edge is taking centre stage.
There’s significant complexity in delivering a range of different services in an integrated way when needs are continually changing. This is where an integration model such as Secure Access Service Edge (SASE) aims to combine numerous network-based security functions into a simplified approach covering secure web gateways, firewalls, zero trust network access and cloud access security broker functionality — with software-defined wide-area network rolled into one.
SASE is expected to open new pathways to help customers conceptualise the components of a credible network and security environment.
However, first, partners need to nail both their technology and go-to market along with seeking out areas to continuously shape and improve their integration model.
According to Gartner, the popularity of SASE is expected to snowball over the next few years, claiming it will be the dominant consumption model for WAN edge in new and updated deployments.
Arrow A/NZ general manager Karl Sice noted that customers were moving away from separate vendors and complicated product sets and are instead looking for a simpler unified technology solution that reduces overhead, increases security, is easy to maintain and can also integrate with other existing solutions.
“Migration and services skills are required to transition companies to the new networks, which not only boosts the partners profit, but allows for closer collaboration and ongoing maintenance of the customers SASE environment in the long term,” Sice said.
“Partners are now able to offer mature SASE solutions to their customers that reduce the complexity and cost of their network, improve security posture of all connections, regardless of their location and improve network performance of all applications.”
What are some of the core pillars that make up a successful SASE strategy?
According to Sice a successful SASE strategy for any company should incorporate and integrate a Zero Trust Network Access (ZTNA) strategy, with Firewall as a Service (FWaaS), Secure Web Gateways (SWG), Cloud Access Security Broker (CASB) and SD-WAN/VPN access and connectivity layers.
“Tying all of these technologies together and integrating the management and supervision of the environment is imperative to ensure the integrity of the network is maintained and secured at all times,” he said.
“A successful design, deployment and implementation of SASE not only provides a recurring revenue stream for partners with regards to implementation, management, renewals and support, but also allows partners to leverage their experience across multiple verticals, opening up new markets and opportunities to partners that might otherwise be inaccessible.
“A successfully managed SASE environment is a powerful reference that can be advertised in any market and then adapted to the specific client’s needs.”
Visibility and integration are two of the most important components in managing a SASE model, Sice said. Without visibility, the security of the network cannot be ensured and if one part of the network is unable to integrate with another for user profiles, device types and profiles, an end to end security strategy cannot be maintained.
“Partners need to be aware of the complexities that companies face in trying to manage ever-expanding and more complicated network environments,” he said.
“Simplifying and unifying their networks with a strong SASE design can reduce overheads and maintenance headaches without sacrificing security. Partners can now leverage best-of-breed SASE solutions that provide enterprise class security controls and visibility and are easy to maintain and support.”
In the wake of two high profile data breaches in Australia namely Optus and Medibank, partners have an opportunity to be the trusted advisors to organisations as they look to identify gaps in their cybersecurity strategies and mitigate any risks.
According to Symantec, a Division of Broadcom Software, for partners to help these organisations, they need to understand the entire threat landscape by developing the right skills and invest in offering the full breadth of cybersecurity solutions to their customers.
“SASE has been with us for several years now and there’s much focus on what are the features that define success rather than the customer outcome that SASE should deliver,” Symantec General Manager, Symantec Enterprise Division, Broadcom Software, Rob Greer said.
“As a cloud-first convergence of security and networking delivered to the edge, stronger security and a better user experience are at the forefront of any SASE deployment. Along with those, a customer should benefit from reduced operational complexity.
“Symantec SASE customers enjoy stronger security as we have one, if not the, most comprehensive cloud-delivered security portfolios in the market.
“Our deeply integrated Secure Web Gateway, DLP, CASB, ZTNA, Remote Browser Isolation and Sandboxing technologies (along with others) have been leaders in the market long before SASE had a name.”
Greer highlighted another Symantec strength is its network backbone particularly following its considerable investment to build its SASE upon Google Cloud for an optimal user experience.
“Symantec has never been more focused on being an R&D organisation. This makes us more reliant than ever on the strength of our partner ecosystem, opening the door for partners to play a greater role in the customer relationship to both create and sustain long-term value,” he said.
Westcon director, David Peach spotted one of the largest opportunities in considering your current ability, or appetite to build, your own full SASE solution, or whether you will partner with others in more of an ecosystem approach to meeting your customer needs.
“The right channel partnerships can create opportunities once you agree how you can cross sell alongside other like-minded partners,” Peach said. “Many organisations rushed out solutions to enable remote work back in early 2020. Offering an independent review of the ongoing suitability of those environments in the post-covid hybrid work world is a great way to start a conversation.”
Peach articulated that if customers aren’t already discussing a cyber security strategy with you as a partner, chances are, they’re already talking to someone else.
“So not having a security strategy that addresses the needs of a modern business, as SASE does, is not an option. How you choose to build that is up to you – not everyone can or should try to become expert in delivering an end-to-end ZTNA outcome - I am seeing more examples of partners with complementary skillsets combining for mutual success,” he advised.
One of the biggest challenges is customers want SASE, but they want it delivered “their way” and out-of-the box solutions don’t always work, Greer said.
“Customers often require hybrid SASE where users, data and security can be anywhere - including on-premises. And while they often may want to coexist on-premises and in the cloud, they don’t want to buy, operate or maintain two security stacks,” he said.
Westcon’s Peach warned not to try and take your customer from zero to a full SASE ZTNA solution, as different customers will evolve their requirements over time.
“Start with a particular team or addressing a particular concern (like protecting branches or a class of remote workers perhaps) and then build from there. Perfect your own support capabilities and then build out your SASE solution from there,” Peach said.