By Satish Madiraju, Sr. Director of Products – SASE at Fortinet
It’s no secret that SASE has skyrocketed in popularity in recent years due in large part to how the solution provides strong threat protection and secure access no matter where a user, device, or application is located. This is no small feat, especially in the work-from-anywhere (WFA) era, where employees are logging in from a coffee shop one day and the office the next.
Because of the popularity of SASE, many vendors are trying to get a piece of the pie and are making strong claims about their offerings that may fall short in practice. One of the most misunderstood SASE features is unified management, which empowers organizations with a simple management console for their entire solution—both the networking and security components. Because this is such an important element of any SASE deployment, customers need to understand how to cut through the marketing chatter and procure the best solution for their needs.
Single-Vendor SASE, Please
SASE is one of the first truly converged networking and security solutions that have gained mainstream popularity. But, one of the biggest challenges facing customers is understanding all of the networking elements and cloud-delivered security services that work together to provide all SASE features across the entire hybrid network. At first, many organizations used point products from multiple vendors for SASE functionalities. This presented significant policy enforcement and management challenges because these products all used different management dashboards and didn’t share information. IT teams were bogged down trying to manage the complexity and costs of working with multiple vendors.
Because of these issues, industry leaders began promoting single-vendor SASE, which is when a single company supplies both the networking and cloud-delivered security components. One of the major selling points for single-vendor SASE is unified management, which describes a simple-to-use management tool for all security and networking features. Before single-vendor SASE, IT professionals had to update security policies on many point products. Now they can upload the new policy to a management console and deploy it across all relevant areas with a few clicks.
Understanding Unified Management
Now, when someone says “unified management,” I’m sure you have a cursory idea of what it means. But what does it entail when it comes down to brass tacks? Unified management should mean a single management console for the entire SASE solution. This single console provides end-to-end visibility and the ability to streamline policies.
However, some vendors claim to offer a single-vendor solution with unified management when they really require customers to work with separate management tools. This often happens if a vendor acquires a company or companies to combine with their current offerings to provide SASE. Essentially, this is a single company selling two solutions under a single name when the elements work in silos and have to be managed as such. Of course, streamlining management down to two consoles when some vendors were using five or more is an improvement, but it undermines the true value of unified management.
And this is not a minor point. Having a single console to deploy policies, manage network traffic, and ensure a positive user experience is crucial. A customer told me, “Being able to manage and address everything from a single location increases our efficiency and our ability to deploy and manage and address issues with limited staff.”
Unified Logging Deepens the Benefits of Unified Management
In addition to deep visibility and the ability to unify policies, unified management should also include logging to help IT teams manage potential issues across their SASE deployments. Logging is all about troubleshooting and day-to-day operations for the network operations centre (NOC) and the security operations centre (SOC) teams. IT needs a SASE solution that collates alerts across on-premises and remote users as this greatly simplifies the troubleshooting process. The ultimate goal is to help the NOC and SOC teams minimize the mean time to detection and the mean time to remediation.
A strong SASE solution with an AI component helps IT teams avoid alert fatigue by giving them an easier way to analyze the numerous alerts that come in using granular controls. It helps them prioritize alerts so they know which ones to tackle first, second, third, and so on. And this is where end-to-end visibility helps because without a big picture and being able to prioritize, IT teams are stuck trying to figure out which issue is a major one and to address it first.
A Note on Agents
Understanding how your SASE solution addresses agents is also important. Similar to management consoles, vendors often have separate clients for each product that is part of their SASE offering. But it’s much easier to maintain endpoints with one agent. With a unified agent, you can support multiple security tasks and only have to turn on the agent once. Additionally, a unified agent feature makes onboarding new users and deploying new technologies extremely easy.
Going Beyond SASE
A SASE offers a more streamlined and efficient way to manage and secure network traffic and is well-designed to handle and protect the hybrid workforce. However, remember that not all SASE solutions are built the same. I recommend you partner with a provider with deep SASE experience and a truly unified offering.
And remember that while unified management is key for SASE, it’s also critical for other components of your security architecture as well. Having a single console that provides visibility and control for the entire hybrid network, including LAN/WLAN, IoT, OT, data centres, and more, empowers organizations with the information they need to protect their business and roll out updates efficiently.