Answering the Top Questions About SASE Asked by IT Professionals
IT departments love their silos. Servers operations, virtualization, app development, networking and others live in silos. However, there’s another layer of silos within those that great more granular ones. For example, in networking, when it comes to access, companies tend to manage the various methods of access independently. This has given rise to businesses building strategies and buying products specifically to address in office access, remote access, home access and a bunch of other types.
Isn’t time we stopped thinking about access silos and just considered “access” as one problem, regardless of where the user is located? That would certainly simplify user experience as workers would no longer be burdened being the integration point for all these various technologies. In his era, where consumer vendors compete on ease of use, users hate complexity and accessing corporate resources has become an overly complex task.
Don’t get me wrong, IT organizations and network vendors aren’t doing this on purpose. The problem lies in the fact that access has evolved and new solutions were designed as a way of enabling people to work from these new locations without thought to what existed before. 50 years ago, if the technology industry could have foreseen what the world was like today, we may not have the quagmire of stuff that we do. But alas, that isn’t the case and we’ve layered on access technology after access technology to enable people to work where and when they need to.
The problem with the piece part approach is that it creates inconsistencies for workers. Either the business allows everyone to access everything from everywhere or manage access policies one system at a time. The problem with the former is that it has some significant implications to security and compliance and the latter methodology is a nightmare to manage. So, what’s a network manager to do?
VPNs are one possibility but they are a headache to set up and manage and don’t always work. Many hotels, airports and other public locations block VPN access causing access problems. Also, VPNs make sense when accessing internal resources but gets in the way of accessing cloud services. Given businesses are shifting more apps to the cloud, it may be time to ditch VPNs.
It’s time to rethink access and that requires changing the way we think about it. Instead of thinking about access being a problem to be solved on location by location basis, think of solving access through the lens of the user and that requires creating a single access method and policy so the user no longer has to be the middleware.
Doing this with traditional on-premises infrastructure might be possible but requires a massive overlay to be built and maintained. A better approach is to leverage a cloud service. In this case, the worker would connect into the cloud, via a secure connection, and the cloud provider would connect the user to the correct internal and cloud resources. This has the added benefit of enabling workers to connect directly to a cloud service bypassing the connecting into the company network and back out. Given the amount of traffic going to and from the cloud, having users go direct to cloud will save a significant amount of bandwidth and money. Users will also have a better overall experience as their connection to the cloud won’t be “trombining” into a centralized hub and back.
A single connection method also allows for a unified set of policies to be applied. A cloud service allows for corporate policies to be enforced across all traffic regardless of source and destination. This includes legacy WANs, SD-WANs, branch office connections, cloud and mobile connectivity – multiple connection types, one policy.
From a user perspective, this has the benefit of making access and security transparent. In a sense, the cloud acts an overlay that masks the underlying complexity. Instead of making the user the integration point, the cloud takes that role.
The world is becoming more dynamic and distributed, which means silos are bad as they tend to be centralized and static. Rethinking access so it no longer lives in silos is crucial to ensuring users can indeed do what they need to, when they need to, regardless of location.