Hello SASE. Goodbye SD-WAN?
The working environment has been irrevocably changed over the past two years, and the debate rages on as to whether we’ll ever go back to a pre-COVID set-up.
Certain organisations like PwC have made decisive moves, with the accounting and consulting firm announcing earlier this year that all of its 40 000 US client services employees would be able to work virtually, from anywhere, permanently. Other major accounting firms, including Deloitte and KPMG, have followed suit, providing staff with the option to continue to work remotely into the future.
In South Africa, it seems – at least for now – that many businesses are considering a hybrid approach to working, giving employees a degree of flexibility, with certain days designated as in-office ‘face time’ days and others as work-from-home days.
Farmers too have had to modify their day-to-day operations, where possible changing the way in which they interact with suppliers, clients and staff, explained Hardus Dippenaar, senior network architect at Datacentrix, a hybrid IT systems integrator and managed services provider.
Speaking at Datacentrix’s Agri Indaba event, Dippenaar added that regardless of what a company’s decision is in the shorter term around a hybrid approach to work, several considerations must be taken into account.
“One is that an organisation’s data is moving as people are moving. Another is that staff expect the same, seamless connection to the applications they need, regardless of where they might be working from.
“Not only this, but security as we know it is no longer pertinent just in the workplace, it also needs to move with your users,” he stated.
This is where the concept of secure access service edge (SASE) is coming to the fore, Dippenaar explained, as the requirements of a distributed workforce have placed remote access to applications and the ability to work from anywhere as top organisational priorities today.
“The data centre is no longer a company’s hub, it’s now the user. At the same time, though, the traditional office has not disappeared and worker distribution could shift again at any point.
“It makes sense then to deliver the necessary agility by running your network as a service through a SASE-enabled architecture, which defines the edge of the network as constantly changing and moving with the user, extending IT’s visibility beyond the corporate network and into the cloud.”
But what about SD-WAN?
The good news for those businesses that are or have already invested in software-defined networking (SD-WAN) technology, is that there is no rip and replace required. “Businesses deploying SD-WAN create an overlay network through physical appliances, software or cloud-based vendor services, depending on their IT needs, but SASE is more distributed and, by Gartner's definition, strictly cloud-based.
“The critical difference for today’s environment, however, is the fact that SD-WAN still follows the more traditional networking concept of all network infrastructure centring on an organisation's data centre, whereas SASE considers the data centre as just another service edge – essentially the SE in SASE.
“Essentially, SD-WAN provides the foundation for a SASE-enabled architecture, delivering protected, anywhere, anytime access.”
How secure is SASE?
With cyber criminals already raking in billions of rands, a valid concern voiced by many firms is whether SASE is further complicating cyber security challenges. This is not the case, said Dippenaar, due to the multilayer security capabilities provided by SD-WAN technology for both on-premises and cloud.
“These security measures can bridge a company’s current security deployment with a SASE roll-out by providing consistent security policy enforcement that can be rolled out and managed anywhere. The edge is secured because the network is treated as a zero trust network. The trust of any device and any user must be proven with every access request, no matter where it comes from.
“An important point here is that it’s not just about the deployment of security across the modern enterprise, it’s also about the simplified monitoring, managing and reporting that this also brings.
New connectivity needs?
By the same token that an existing SD-WAN implementation does not need to be replaced when rolling out SASE, an organisation’s connectivity infrastructure should also not necessarily be changed. “A company can use its existing connectivity, whether it be an asymmetrical link, fibre, LTE (long-term evolution), MPLS (multi-protocol label switching) or anything else. Don’t throw away good infrastructure unless it’s expensive, or slow; use what’s available and optimise it.”
From a local agricultural perspective, Dippenaar clarified that the future of business within the sector will see a large-scale interest in and adoption of IOT (internet of things) devices and related data collection. “Digitalisation is a major driver for the future of agri. Through SASE, organisations within this industry will be able to empower their workforce with greater mobility, while also ensuring that only those people with the correct credentials and rights can access data and deliver it to the cloud. This information can then be analysed and used for more sustainable farming,” he said.
Download the Datacentrix Agri Indaba 2021 presentations.