Design Overview
Zero is the most appropriate starting place for SASE design. A ZTF-based design allows each additional security service to increase in value as it is implemented. SASE can be implemented one service at a time as needed. Each service must use interlocking and supporting policies so that no one service defeats the overall design.
ZTF starts with zero, which means all ports and systems are blocked until the access policy is met. As each attribute passes each test of the policy, resources are unlocked for the device, user, or system to use. The design must allow additional generations of secure services to integrate without reducing security or performance benefits.
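The default-deny evaluation described above, as an added example that is not from the original text: every resource starts locked and is unlocked only when all of its attribute tests pass. The resource names, attribute names, and sample requests are hypothetical and constructed for illustration.

```python
# Added illustration; all names, attributes, and resources are hypothetical.
from typing import Callable, Mapping

Attrs = Mapping[str, object]
Test = Callable[[Attrs], bool]

# Each resource lists every test a request must pass before it is unlocked.
POLICY: dict[str, list[Test]] = {
    "wiki":     [lambda a: a["user_authenticated"] is True],
    "payroll":  [lambda a: a["user_authenticated"] is True,
                 lambda a: a["mfa"] is True,
                 lambda a: a["device_managed"] is True],
    "ssh-jump": [lambda a: a["user_authenticated"] is True,
                 lambda a: a["mfa"] is True,
                 lambda a: a["device_managed"] is True,
                 lambda a: a["disk_encrypted"] is True,
                 lambda a: "admins" in a["groups"]],
}

def passes(test: Test, attrs: Attrs) -> bool:
    """Fail closed: a missing or malformed attribute counts as a failed test."""
    try:
        return test(attrs) is True
    except (KeyError, TypeError):
        return False

def unlocked(attrs: Attrs, policy: Mapping[str, list[Test]] = POLICY) -> set[str]:
    """Start from zero and add only resources whose every test passes."""
    allowed: set[str] = set()          # nothing is reachable by default
    for resource, tests in policy.items():
        # A resource with no tests stays locked; all([]) would otherwise be True.
        if tests and all(passes(t, attrs) for t in tests):
            allowed.add(resource)
    return allowed

# Constructed sample requests, from least to most attested.
ANONYMOUS = {}
PASSWORD_ONLY = {"user_authenticated": True}
MANAGED_MFA = {"user_authenticated": True, "mfa": True, "device_managed": True,
               "disk_encrypted": True, "groups": ["staff"]}
ADMIN = dict(MANAGED_MFA, groups=["staff", "admins"])

if __name__ == "__main__":
    for name, req in [("anonymous", ANONYMOUS), ("password only", PASSWORD_ONLY),
                      ("managed + MFA", MANAGED_MFA), ("admin", ADMIN)]:
        print(f"{name:14} -> {sorted(unlocked(req))}")
```

A request that omits an attribute, or supplies it in an unexpected form, is treated the same as one that fails the test, so adding a new test to a resource can only narrow access.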
Many organizations will start implementation with SD-WAN as it provides a direct replacement for the previous site-to-site communication solutions such as routed MPLS, point-to-point IPsec tunnels, and other legacy solutions. SD-WAN provides API solutions to integrate with ZTF. SD-WAN...