Cisco will upgrade and integrate its access control, networking and security products to meet the objectives of Secure Edge Access Services (SASE.
The Cisco equipment supplier adopts the SASE architecture of Secure Access Service Edge put forward by Gartner. The OEM plans to upgrade some of its products to provide access control, security and network capabilities to cloud services. Enterprise adoption of SASE technology will be gradual, according to Cisco. “The adoption will take place as they identify the best way to connect their increasingly remote employees to distributed resources delivered by enterprise data centers and in the form of cloud services,” said Cisco. “Flexibility will be essential, as IT services will choose from multiple security and network features that best suit their operations, regulatory requirements and types of applications,” said in a blog post, Jeff Reed, senior vice president of products for the Cisco Security Business Group. “Security services can be delivered widely from the cloud to maintain consistent access policies across all types of devices. However, companies with global operations may need to tailor their security and routing services to meet regional requirements. “
According to Mr. Reed, secure access and optimal performance are essential. “The rapid adoption of SD-WAN to connect to multi-cloud applications is a good opportunity for companies to reconsider the way they manage campus access and security to the cloud and to the periphery,” he said. -he declares. “60% of companies believe that by 2021, the majority of applications will be hosted in the cloud and that more than 50% of employees will work remotely, and SASE technology provides network connection and security solutions to manage this new normal ”. According to Mr. Reed, “SASE’s goal is to provide secure access to applications and data from on-premises datacenters or cloud platforms, with access decisions based on the identity of the entity to the source of the connection, therefore individuals, groups, places, devices, services or a combination of these entities ”.
A boon for equipment manufacturers
Service edge means global points of presence (PoP), IaaS or colocation facilities where local branch and endpoint traffic is secure and routed to the appropriate destination without going through data centers. the business. “With this ability to deliver combined security and network services from the cloud, businesses will be able to securely connect any user or device to any application and optimize the user experience,” said Mr. Reed. To support the technology, Cisco said it would enhance and integrate a number of networking and security products, including its SD-WAN networking software, its cloud-based security platform Cisco Umbrella, and its Zero Trust authentication solution. .
Mr. Reed explained:
– “Cisco SD-WAN is a cloud-delivered WAN architecture overlay with application optimization to provide predictable application performance in multi-cloud environments. The integrated full security stack built in this way offers a firewall, Intrusion Prevention System (IPS) / Intrusion Detection System (IDS), Advanced Malware Protection (AMP) and URL filtering. In addition, Analytics and Assurance provide the visibility and information needed on any type of connectivity to provide the best possible experience.
– “Cisco Umbrella unifies the functions of secure web gateway, DNS layer security, firewall and Access Security Broker to the cloud in a single integrated platform native to the cloud. Built as an architecture based on micro-services with dozens of points of presence around the world, the Umbrella platform offers the scale and reliability necessary to secure current remote workers, all thanks to threat intelligence supplied by Cisco Talos.
– “To verify identity and protect access to resources, Cisco Duo and Software-Defined Access (SD-Access) from Cisco extend the Zero Trust network architecture to all locations from which employees work. Duo provides protection for remote workers, while SD-Access protects the workplace. Ultimately, where security is less important and IT can activate policies across the enterprise, “said Mr. Reed.
“The disparity in how security and network services are sold can make it difficult to purchase services to take advantage of SASE,” he wrote. “Today, on the one hand, these technologies generally have separate purchasing cycles, which can slow the adoption of SASE. Secondly, the license structures are different for networks and security services, the former being generally based on speed, while the latter are based on protecting a wide variety of users and endpoints. ”
A method to secure access
All experts believe that SASE is still in its infancy. “SASE is a journey, not a product, and it will take time to adopt,” said Lee Doyle, senior analyst at Doyle Research and contributor to Network World. “Cisco has adopted SASE terminology and the OEM is in a unique position because it has all the necessary assets in terms of network technology and security to develop it,” said Doyle. “Cisco will not be able to meet all of the SASE criteria, and it does not say it does, but the OEM is well positioned,” added Doyle. “The next step will be to bring everything Cisco has into one integrated solution that is easy for customers to consume.” Either way, Cisco will certainly not be alone in the SASE field: VMware, Palo Alto, Fortinet, ZScaler, Cato Networks and others are all watching technology and preparing to fuel the competition.