Present SASE
Presenting SASE to executive, administrative, or technical audiences requires a framework for discussion, of which a sample is provided in the following list of items, with a key understanding of each topic that may be further detailed or placed into a slide format with speaker notes:
- Introduction:
- SASE is pronounced sassy.
- Gartner defined the term to describe what was happening in the market.
- SASE services may include SD-WAN, ZTNA, CASB, NGFW, SWG, as well as other services.
- From Framework to Managed Service:
- The SASE framework provides for the integration of solutions from multiple vendors.
- The market is buying SASE services on a consumption basis.
- Most organizations will leverage two to three SASE vendors and one MSP.
- SASE Managed Service:
- This effective managed service offering allows for OPEX instead of CAPEX.
- Managed services are being consumed for SASE due to rapid software development ahead of effective education for engineering or operations staff.
- The right managed service offering provides orchestration, open Application Programming Interface (API) integration, Artificial Intelligence for IT Operations (AIOps), and multivendor seamless integration.
- SASE Service Stakeholders:
- For secure, compliant, resilient, and high-performing solutions, a framework for feedback and participation in business-impacting decisions is required.
- Stakeholders may be defined leveraging Project Management Institute-Project Management Professional (PMI-PMP) best practice.
- Governance is required.
- Actors and the Managed Service:
- SASE defines subject actors, target actors, and the role MSPs play.
- A subscriber contracts a service for the actor's benefit.
- The managed service must provide layers of security that account for real-time access to zero trust.
- Identity, Context, Situation:
- Identity, as in who or what is authorized by the service.
- Situation builds upon the context for the access role and further defines access.
- SASE Sessions:
- Sessions are the heart of SASE and may be considered as a wrapper for network sessions.
- Sessions incorporate application-specific policies.
- Sessions leverage the zero-trust framework as well as SD-WAN.
- SASE Security:
- Security is not a product but builds effective layers upon a secure foundation.
- DevSecOps and DevOps necessitate production software code updates as often as every 2 weeks.
- SASE will require integration across vendors for best-of-breed capabilities.
- SASE Policies:
- Legacy firewall or router policies force specific behaviors that are not sensitive to external changes in the factors by which that policy was written.
- Automation and orchestration allow policies to be changed based on real-time conditions.
- Effective SASE policy considers all available data in the decision process.
- SASE Connectivity:
- Most commonly, SASE connectivity will come from SD-WAN.
- SD-WAN allows SASE to leverage quality, performance, and application-awareness tools.
- Remote access solutions, Fifth-Generation Cellular (5G) services, satellite services, Ethernet circuits, and legacy WANs may be incorporated into SASE.
- SASE Services Use Csases:
- The primary SASE use case is SD-WAN plus security.
- SASE may be leveraged for both cloud infrastructure and applications.
- SASE can be used to create on-demand, secure communications across any network type.
- Looking Forward:
- The future is SASE, as it is possibly the last step in the pure cloud transformation journey that all organizations must take.
- AIOps with SASE allows for consistent, reliable, secure, and on-demand application access.
- SASE education must follow the continual learning, continual improvement path for staff.
Presenting SASE requires a balance between the past, present, and future, as well as between many independent technology focus areas. This outline provided a framework for bringing the entire audience into a SASE mindset, regardless of skill set.
