The appliance-based VPN was designed at a time and for a world where most people worked in an office five days a week, remote access was not commonplace, and cloud applications were rare. Back then, it made sense to centralise traffic through a handful of connection points. In today’s world, with teams and resources spread across national and international borders, this model is being stretched beyond its limits.
Companies need security solutions that enable their employees to work from anywhere with powerful connectivity. CIOs therefore have two basic options: either expand and scale their existing infrastructure or seamlessly complement it with a globally deployable, cloud-based solution.
The increasing prevalence of geographically flexible working models (‘New Work’) means that employees expect seamless access to SaaS applications, internal systems, the cloud and the Internet – regardless of their location.
This results in four specific requirements for IT teams:
• Secure access across on-premises, cloud and remote environments.
• High-performance connectivity to increase employee productivity.
• Consistent enforcement of (data protection) policies.
• Robust threat defence and visibility across the entire network.
Appliances such as next-generation firewalls remain critical for internal segmentation and data centre protection, but the cloud edge is more effective at managing global remote traffic. Instead of routing traffic through a centralised appliance, it is better to enforce zero trust policies at globally distributed points of presence (PoPs).
SASE solutions must offer exactly that and more:
• Grant secure application access – cloud or internal – based on identity and security status.
• Backhauling is eliminated, allowing employees to access critical applications faster.
• Consistent access policies can be applied from a single console to improve visibility.
• Real-time traffic inspection with AI-powered threat prevention at the device.
Remote users get secure, cloud-agnostic zero trust access and are protected from web-based threats by robust internet security. SaaS usage also becomes visible and manageable. All this is possible while existing firewall appliances continue to protect on-premise data centre environments. SASE technology should therefore be viewed as additive, not disruptive. Companies do not have to choose between the cloud and on-premise, but can instead leverage the best of both worlds.
