The following is an excerpt from Netskope’s recent book Designing a SASE Architecture for Dummies. This is the fifth in a series of seven posts detailing a set of incremental steps for implementing a well-functioning SASE architecture.
Now that your organization is smarter about its traffic, able to see what’s going on, and able to enforce policies to secure its data, you can realize the promise of a remote-first workforce. You’re going to make it possible for people to not only work from anywhere, but also make it a great, fluid, productive experience that at the same time is highly protective of your data, your applications, and your employees.
The most noticeable change is to move away from your legacy VPN—that long, inefficient hairpinning route that forced all your remote users’ traffic back to the data center on its way to the Internet. People just want to access Microsoft Office 365 or Salesforce and get things done. Using Netskope NewEdge, the NG-SWG security web routes that traffic to its destination while enforcing your security policies to protect data.
Zero Trust means enforcing the assumption that any user may be up to no good at all times and ensuring that data is always protected no matter where it needs to go. NG-SWG’s deep contextual knowledge about the user, device, network, behavior, and hundreds of other details, are used to limit activity to only what has been allowed by policy and to ensure that the user is who they say they are.
Once in place, your organization’s security and networking will have truly transformed to suit the needs of cloud workers and data security.
|Out with the Old||In with NG-SWG||NG-SWG Integrates with . . .|
|Legacy VPN||Security cloud to route and protect traffic as dictated by policy||SD-WAN providers|
|ZTNA||Identity management systems for managing and verifying the identities of users and groups|
|Zero Trust Data Protection|
If you’d like to read the complete Designing a SASE Architecture for Dummies book, you can download a complimentary copy here!