The Path to SASE: A Project Planning Guide

Listen to post:

Breaking Free from Legacy Constraints

Enterprises often find themselves tethered to complex and inflexible network architectures that impede their journey towards business agility and operational efficiency. Secure Access Service Edge, or SASE, a term coined by Gartner in 2019, defines a newer framework that converges enterprise networking and security point solutions into a single, secure, cloud-native, and globally distributed solution that secures all edges.

SASE represents a strategic response to the changing needs and challenges of modern enterprises, delivering a secure, resilient, and optimized foundation essential to achieving the expected outcomes of digital transformation. But digital transformation can be hard to define in practice. It can be an iterative process of researching, planning, and evaluating what changes will yield the most benefit for your organization.

This blog post provides a practical roadmap for SASE project planning, incorporating essential considerations and key recommendations that will help guide your path to a successful implementation, meeting the needs of your business now, and in the future. Let’s take the first step.

Start With the Stakeholders

For a successful SASE migration, it’s extremely beneficial to unite security and network operations teams (if such unity does not already exist). This collaboration ensures both the security and performance aspects of the network are considered. Appointing a neutral project leader is recommended – they’ll ensure all requirements are met and communicated effectively.

Take a tip from Gartner and engage owners of strategic applications, and workforce and branch office transformational teams. Collaboration is key, especially if there is a broader, company-wide digital transformation project in planning or in effect.

Setting Sail: Defining Your SASE Objectives

Your SASE project should include clear objectives tailored to the unique needs of your business. Common goals for a SASE implementation include facilitating remote work and access, supporting global operations, enabling Secure Direct Internet Access (DIA), optimizing cloud connectivity, consolidating vendors, and embracing a Zero Trust, least privilege strategy to safeguard your network and establish a robust security posture.

Plan to align your network and security policies with evolving organizational needs and processes, ensuring full data visibility, control, and threat protection. Prioritize a consistent user experience, and foster digital dexterity with a cloud-delivered solution that can cater to anticipated and unexpected needs.

Blueprinting Success: Gathering Requirements

It’s essential to identify the sites, users, and cloud resources that need connectivity and security. Plan not only for now but also for future growth to avoid disruptions later.

Pay attention to your applications. Real-time apps like voice and video can suffer from quality loss.

High Availability (HA) might also be a requirement for some of your sites. While most of HA responsibility lies with the SASE provider, there are steps your business can take to increase the resilience of site-based components.

Map all Users

Remote and mobile users who work from anywhere (WFA), are simply another edge. Ensuring a parallel experience to branch office peers across usability, security, and performance is crucial for these users. Map their locations to the PoPs offered by SASE providers, prioritizing proximity for minimized latency. Focus on SASE solutions hosting the security stack in PoPs where WFAs connect, eliminating the need to backhaul to the corporate datacenter, and supporting a single security policy for every user. This not only improves latency but also delivers a frictionless user experience.

Map all Cloud Resources

A vital component in SASE project planning is mapping all your cloud resources and applications (including SaaS applications), giving consideration to their physical locations in datacenters worldwide. The proximity of these datacenters to users directly affects latency and performance. Leading hosting companies and cloud platforms provide regional datacenters, allowing applications to be hosted closer to users. Identifying hosting locations and aligning them with a SASE solution’s PoPs in the cloud, that act as on-ramps to SaaS and other services, enhances application performance and provides a better user experience.

Plan for the Future: SASE’s Promise of Adaptability

Your network needs to be a growth enabler for your organization, adapting swiftly to planned and unknown future needs. Future-proofing your network is fundamental to avoiding building an inflexible solution that doesn’t meet evolving requirements.

Typical events could include expanding into new locations which will require secure networking, M&A activity that may involve integrating disparate IT systems, or moving more applications to the cloud. Legacy architectures like MPLS offer challenges such as sourcing, integration, deployment, and management of multiple point products, often taking months or longer to turn up new capabilities. In contrast, a cloud-delivered SASE solution can be turned up in days or weeks, saving time and alleviating resource constraints.

Remember, if you are planning to move more applications to the cloud, it’s important to identify SASE solutions with a distribution of PoPs that geographically align to where your applications are hosted, ensuring optimal application performance.

How to Plan a SASE Project | Get the Whitepaper

SASE Shopping 101: Writing an RFI

Once requirements have been identified, send out a Request for Information (RFI) to prospective SASE vendors. Ensure they grasp your business requirements, understand your goals, network resources, topology, and security stack, and can align their solution architecture with your specific needs. Dive deep into solution capabilities, customer and technical support models, and services. The RFI, in essence, sets the stage for informed decision-making before embarking on a Proof of Concept (PoC).

Step-by-Step: Planning a Gradual Deployment

With SASE, you can embrace a phased approach to implementation. Whether migrating from MPLS to SD-WAN, optimizing global connectivity, securing branch Internet access, accelerating cloud connectivity, or addressing remote access challenges, a gradual deployment helps mitigate risks. Start small, learn from initial deployments, and scale with confidence.

Presenting the SASE Proposition: Board Approval

Getting buy-in from the Board is essential for network transformation projects. Position SASE as a strategic enabler for IT responsiveness, business growth, and enhanced security. Articulate its long-term financial impact, emphasizing ROI. Leverage real-world data and analyst insights to highlight the tangible benefits of SASE.

Unifying Forces: Building Consensus

Securing sponsorship from networking and security teams is critical. Highlight SASE’s strategic value across the enterprise, showcasing its ability to simplify complexity, reduce security risks, and streamline IT efforts. A successful SASE implementation facilitates initiatives like cloud migration, remote work, UCaaS, and global expansion, and empowers security professionals to mitigate risk effectively – essentially allowing them to meet the requirements of their roles. By simplifying protection schemes, enhancing network visibility, improving threat detection and response, and unifying security policies, SASE alleviates common security challenges effortlessly.

The SASE Test Drive: Running a Successful PoC

Before committing to a specific SASE solution, embark on a Proof of Concept (PoC). Keep it simple; focus on a few vendors, one or two specific use cases, and limit the PoC to a 30 or 60-day timeline. Test connectivity (across different global locations), application performance, and user experience. Evaluate how well the solution integrates with legacy equipment if that is to remain after SASE implementation. Remember, not all SASE solutions are created equal, so you’ll need to document successes and challenges, and determine metrics for side-by-side vendor comparisons – laying the groundwork for an informed decision.

The Final Frontier: Selecting your SASE

Armed with comprehensive planning, stakeholder buy-in, and PoC insights, it’s time to make the decision. In determining the right fit for your organization, choose the SASE solution that aligns seamlessly with your business goals and objectives, offers scalability, agility, robust security, and demonstrates a clear ROI.

In Conclusion

By now, you’ve gained valuable insights into the essential requirements and considerations for planning a successful SASE project. This blog serves as your initial guide on your journey to SASE. Recognize that enterprise needs vary, making each project unique.

Cato Networks’ whitepaper “How to Plan a SASE Project” has been an invaluable resource for enterprise IT leaders, offering deep and detailed insights that empower strategic decision-making. For a more comprehensive exploration into SASE project planning, download the whitepaper here.

Related Topics