Subscribe
About

Post-pandemic confusion in the digital security space

Traditional networks and their legacy security systems are under pressure when it comes to keeping pace with the changing traffic patterns caused by remote working.
Paul Stuttard
By Paul Stuttard, Director, Duxbury Networking.
Johannesburg, 01 Sep 2020

There is mounting evidence of confusion in the post-pandemic corporate world. It concerns the most appropriate means of dealing with digital security in the rush to return to “business as usual” which, as many industry watchers point out, will never realistically occur since the many benefits of remote working and “the new normal” have been proven.

As I highlighted in a previous Industry Insight, the work-from-home requirement, which has admirably contributed to the “flattening of the curve”, has resulted in a powerful shift in corporate emphasis from on-premises users to remotely located and mobile employees. Many view this migration as a central component of the new normal.

This has sparked a desperate search for security solutions to support networks in which large numbers of connections are both internal as well as remote.

William Dixon, head of Future Networks and Technology at the World Economic Forum, notes COVID-19 has “changed the technology culture and infrastructure of every medium-sized and large organisation faster than any other known event or phenomenon”.

He says unless there is a seismic shift in the way organisations address digital security, they could be “investing time, effort and money in a battle long lost”.

A recent investigation into the attitudes of UK-based business leaders in the post-pandemic environment reveals widespread confusion concerning the adoption of appropriate network security solutions. This has been highlighted by respected writer, business analyst and former University of Hertfordshire lecturer, Joe O'Halloran.

In an insightful feature in a specialist publication, he says the confusion is centred on the perceived security benefits of the two candidates emerging as the preferred post-pandemic network technologies: software-defined WAN (SD-WAN) and secure access service edge (SASE).

The rapid emergence of SASE should not prevent any organisation from opting for an SD-WAN-based solution.

According to O’Halloran’s article, nearly half of the organisations that participated in a nation-wide survey said SD-WAN is “less relevant to the burgeoning remote workplace that has emerged since lockdown” while 55% favoured SASE as the network security solution of the future.

This must be viewed against the backdrop of the rapid acceptance and adoption of SD-WAN – on a global basis – over the past year. Will this trend be reversed?

Undeniably, traditional networks and their legacy security systems are under considerable pressure when it comes to keeping pace with changing traffic patterns created by the rapid rise in mobile, cloud and edge deployments. Many of these networks have outlived their usefulness.

As O'Halloran notes: “The pandemic presents an opportunity for full-blown innovation, a dramatic shift in perspective and the adoption of safe and resilient operating processes.”

How important is it to pick a winner in the SD-WAN versus SASE contest? Will the recognised definitions assist in establishing a preferred option or simply stimulate further debate?

SD-WAN technology is focused on connecting offices to a central headquarters and data centre, although it can also connect users directly to the cloud. It is defined as a software-based approach to building and managing networks that connect geographically-dispersed offices.

A SASE network is focused on providing cloud-native security tools and has the cloud at the centre of the network. A SASE solution combines the capabilities of a WAN with comprehensive security functions to facilitate secure network access in cloud and mobile environments.

If anything, these definitions, as accurate as they are, only lead to more confusion. For example, many are of the opinion that SASE is simply a repackaging of SD-WAN, when in fact – according to authoritative industry analysts – SD-WAN should now be viewed as a subset of SASE.

As is becoming clear, SD-WAN appliances are central to the delivery of vital networking functionality while SASE has the task of converging SD-WAN with other network and security services. This has the potential to create a holistic WAN connectivity and security solution.

The respected Gartner research and advisory firm sees SASE being offered as a managed service and running on a “single-pass engine incorporating all of the core security and networking capabilities”.

According to Gartner, SASE services will converge a number of disparate network and network security services – including SD-WAN – into a unified, cloud-native, globally distributed platform. In this light, Gartner expects at least 40% of organisations to have specific plans to adopt SASE by 2024.

I believe SD-WAN’s key role in the development of more powerful, responsive, efficient and intelligent networks will remain unchanged and unchallenged, while SASE – as an equal partner – will facilitate the secure connection of remote users to their applications, data and services on an “anywhere, anytime access” basis.

While there will seldom be a single, one-size-fits-all solution for every organisation’s security demands, by combining SD-WAN and other networking functionality with advanced security features, SASE can legitimately address most WAN network and security needs today and scale to meet future requirements.

If there is a note of caution, it’s linked to SASE’s need for above-average levels of integration to ensure an optimum user experience. These heights have not generally been scaled by industry players to-date. It’s time for the transformational specialists to step forward.

Their involvement in establishing a viable, practical partnership between SD-WAN and SASE will result in organisations benefitting from a distinctive solution with a single policy capable of providing wide-ranging protection against cyber attacks and other threats.

In conclusion, the rapid emergence of SASE should not prevent any organisation from opting for an SD-WAN-based solution. However, this solution should ideally be teamed with a carefully-defined, engineered and mandated SASE service supporting WAN, mobile, cloud and edge computing.

Together, SD-WAN and SASE are tasked with complementing the design of enduring, sustainable and secure corporate networks, ensuring their armour will remain effective for many years to come.

Share