The last decade has seen a notable step in the evolution of network security and operations as companies move to a Software Defined Network (SDN) model, centralising control of switches, routers, VPN concentrators, load balancers and SD-WAN devices. This simplifies the management and operation of the network, driving down operational costs and reducing risk through better patch and update management.
At the same time, some organisations have also seen the value in moving to a network-as-a-service (NaaS) model, replacing CapEx expenditure with an OpEx model and outsourcing the management of all network components. Alongside this approach, organisations are also replacing traditional private links, including MPLS circuits with an SD-WAN model for WAN connectivity. Gartner expects that by 2026, 45% of enterprise locations will exclusively use internet services for their WAN connectivity.
However, the one area overlooked by this evolution to NaaS and SDN is the integration and management of the security layer. This oversight has been highlighted over the last few years by the change in working practices. Network traffic no longer runs through the infrastructure that enterprises built inside of a data centre or office. It is now traversing through the internet without touching traditional security layers. Organisations can’t inspect it, can’t troubleshoot it, and don’t know how to provide the best user experience to their end users.
Further complicating this is the fact that users are now on personal devices and accessing cloud based corporate applications, which—when an organisation uses traditional VPNs—can often result in strange “hairpin” network routing.
Surely, then, the next step of this evolution is to move security enforcement primarily to a single cloud-based enforcement point, with remote application access and SD-WAN deeply integrated, combining aspects of a NaaS model with the in-built security missing from the original model. This is in essence the premise of secure access service edge (SASE).
Here at Netskope we firmly believe this to be the case and this is validated by Gartner, with the prediction that end user spending on SASE will