Selecting a SASE solution can be a daunting task for any customer as there are three separate, but intertwined areas to consider for selection:
The key factors to consider in making these three selections are the subject of a separate article – but, before getting to that point, a customer should “get its own house in order” by reviewing, consolidating, updating, etc. the following. This information will be important to share with any or all of the suppliers of the three SASE areas described above.
Collect data on your network usage across all sites – critical for determining network bandwidth sizing (key SASE cost driver) and internet link requirements. Think carefully on whether you want a High Availability solution at any, or all sites, and clearly define what that means for you (e.g dual Internet links on different platforms and/or dual SD-WAN appliances)
What are the critical traffic flows the SASE solution must continue to support?
Think carefully about your journey to cloud – will all your apps/workloads move to the cloud or will some stay on-premise in your DC or your Head Office or even at some branches? This will have a significant impact on the design of the SASE solution and its subsequent cost. Don’t forget to consider whether internet pacing company web sites, payment systems, etc. are staying on-premise or moving to the cloud. Such platforms are accessed by the public or business partners directly via the Internet, outside a SASE solution. Your MSP will need to know this to plan for it and implement some form of traffic inspection as part of its SASE design.
Clarify your BYOD policy – will remote users be able to access company resources, via the SASE cloud security layer, with their own devices or will the policy say that only company end point devices can be used?
Do a complete, holistic review of all your security policies. Implementing SASE means all other security products can be replaced with the SASE cloud layer which enables consistent policy enforcement across all users/devices; something not possible when you have deployed multiple security point solutions from different vendors.
Such policies include, but are not limited to:
Your office has changed, and so should your network security. With flexible Secure Access Service Edge (SASE) solutions, full visibility and control are back in your hands.