Cybersecurity In-Depth: Getting answers to questions about IT security threats and best practices from trusted cybersecurity professionals and industry experts.

What’s the Difference Between SASE and SD-WAN?

While SD-WAN is a key part of a hybrid workplace and multicloud operation, it should be treated as a stepping stone to SASE, not an alternative.

Shaila Shankar, SVP and General Manager, Cisco Cloud Network and Security

November 30, 2021

Question: What’s the difference between SASE and SD-WAN?

Shaila Shankar, SVP and general manager, Cisco Cloud Network and Security: At Cisco, we get this question a lot. A software-defined wide area network (SD-WAN) is key as we transition to a hybrid workplace environment. It is an inseparable component of secure access service edge (SASE).

Let’s first discuss SD-WAN, which addresses some of the challenges of a traditional WAN by improving traffic routing and network operations. In essence, SD-WAN decouples the networking hardware from the networking services and control. It is managed via a centralized controller that enforces a data policy across its connected devices. That said, it was not developed with security as a priority, and while it has some security capabilities, many SD-WAN vendors partner with security vendors to offer a more comprehensive solution. But this approach results in additional costs and is vulnerable to gaps in integration between the vendors.

In today’s workplace environment, many workers are entirely mobile and are likely to remain so. Remote and office workers are using multiple devices and accessing applications that are deployed on the public cloud and run by SaaS providers. It is not realistic for an SD-WAN that backhauls traffic to the data center to adequately handle the surge in data, network complexity, and resulting security challenges to provide a seamless and secure user experience. The increased network complexity and traffic, coupled with the increase in security risks, require a paradigm shift to a more distributed network model that centers on the endpoints and end-user devices.

So in comes SASE, which combines the organization’s network and security capabilities into a cloud-delivered service that operates closer to the endpoint. Rather than backhauling traffic to the data center like a traditional SD-WAN, SASE’s traffic inspection occurs closer to the endpoints across distributed points of presence (PoPs). The result is a better user experience, enhanced security, and simpler network and security management.

About the Author(s)

Shaila Shankar

SVP and General Manager, Cisco Cloud Network and Security

Shaila Shankar is the Senior Vice President and General Manager of the Cisco Security Business Group (SBG). A respected and transformative leader with strong executive management skills and deep technical experience, Shaila is responsible for the company's global security business—including its innovative strategy, portfolio, and architecture—to fundamentally simplify the security experience.
