SD-WAN or SASE: The Power is in the Platform
As enterprises set out to modernize their networks, SD-WAN has become a key networking technology for connecting offices. But with COVID-19, users transitioned to work at home, not in the office.
What’s the alternative? Buy more VPN servers? That’s short-term thinking, and only effective until enterprises need to change again, and users move back to the office. Then IT’s left with an infrastructure investment sitting underutilized.
No, to support the new requirements of the post-pandemic era, enterprises need a new strategy, one that addresses the needs of an uncertain working environment.
A Platform Rather than a Product
The biggest challenge for this new strategy is that it’s not clear as to what those needs will be. Yes, we need to have large scale, high performance remote access today but that was a problem for IT back in January and March. What are tomorrow’s challenges? That’s harder to foresee. And since you don’t yet know what problems will arise, you can’t possibly buy a product to prepare for tomorrow – unless, of course, you’re prepared to gamble with your budget.
What you can do, though, is put in place a solution that has ALL the capabilities you’ll need but only activate those needed today. When new work conditions present themselves, the right platform can adapt quickly. Such a platform should be agnostic of the last-mile technologies. It should be lean enough to run anywhere on any device, connecting any kind of location – a branch, datacenter, or cloud resource. And it should have the geographical footprint, security capabilities, and optimization technologies to securely connect users across the globe without comprising the user experience.
A decade ago, such a comprehensive, global platform wasn’t possible. Today, though, the necessary networking and security technologies have matured to the point that they can be converged together. The Internet is everywhere. Processing resources are ubiquitous in the cloud. And 90 percent of the capabilities of routers, firewalls, and now, SD-WAN are common across vendors. The real value then comes not in any one product but in the convergence of those capabilities together.
Yes, SD-WAN is one of the capabilities in such a platform, but SD-WAN alone is not the answer. SD-WAN appliances are products aimed at addressing a very particular problem – the limitations of MPLS and legacy networks. They won’t connect your mobile users or solve your long-term remote access challenges because SD-WAN solutions are built for the branch. They also don’t secure users or sites against malware. SD-WAN solutions also fail to provide the backbone for predictable, global performance. To address these and other gaps, you’ll need yet more hardware or software limiting IT agility, fragmenting visibility, and increasing costs.
Comprehensive Visibility and Management Remain Critical
As we tackle new challenges with point solutions, we risk creating greater management problems for ourselves. Add a new security solution – new type of firewall, a SWG, or IPS – and you have yet another product to manage and maintain. Your visibility into the network becomes fragmented if you have one console for SD-WAN and another for the firewall, or global backbone provider. And once your view is fragmented, troubleshooting becomes dramatically more complex.
Having all technologies in one platform allows for a single-pane-of-glass. IT managers can see networking and security events in one interface for all users – at home or in the office – accessing any resource – in the cloud or in a private datacenter. Such holistic insight improves all facets of network and security operations from planning to provisioning new resources to troubleshooting.
And management delivery should be flexible enough to meet enterprise requirements. With self-service, enterprises configure and troubleshoot the networks themselves, doing in seconds what otherwise required hours or days with legacy telcos. For additional assistance, co-management should be available allowing customers to rely on ongoing support from the provider or its partners without relinquishing control for overall management. Fully managed offloads responsibility for moves, adds, and changes onto provider.
Support Well, Run Fast
A company’s network is critical infrastructure. It is the lifeblood of the organization’s communications and, quite often, its operations. Therefore, the customer/provider relationship should be viewed by both sides as a true partnership where each one can only succeed with full support from the other.
Such a partnership can be hard to establish when a vendor just wants to sell a product and move on to the next opportunity. It requires companies to not only support customers well but also innovate fast. By owning the platform, providers can deliver new features independent of any supplier. It’s the kind of innovation we’ve seen in cloud services but not telcos and legacy carriers. It’s up to you, though, to find providers that live up to this vision – and this is where GlobalDots steps in to help you.
Contact us to discover how quickly you can cut off from your legacy network to SASE.
Originally published in https://www.catonetworks.com/blog/sd-wan-or-sase-the-power-is-in-the-platform/