Cybersecurity In-Depth

The Edge

What Are the Pros and Cons of a SASE Architecture?

SASE is a promising and burgeoning networking architecture approach, but it's not without some challenges.

Question: What are the pros and cons of a SASE architecture?

Shaila Shankar, SVP and general manager, Cisco Cloud Network and Security: SASE is a promising and burgeoning networking architecture approach, requiring more than just security as well as a deep partnership with the enterprise networking group. SASE is designed to address both networking and security needs and is built for the growing networking complexity of the hybrid workplace and the mobile worker. With campuses, offices, branches, and remote workers all accessing resources in or over the Internet from managed and unmanaged devices, it can be difficult for organizations to efficiently monitor and remediate security incidents. Existing networking technologies are not poised to address such challenges; SASE offers a comprehensive vision with the end user and endpoint in mind.

That said, SASE is not a single product or solution. It is a journey. It requires meticulous planning and selection of partners and road-mapping of solutions. Many vendors offer only a small part of the SASE gamut, and organizations must be wary of creating a multivendor patchwork that would be hard to maintain and improve cohesively. Partnering with fewer vendors that offer a wide array of network and security solutions is highly advised.

Many enterprises with existing WAN infrastructure investments face yet another challenge. SASE is delivered as a cloud service and is considered an operating expense (OpEx). Large enterprises with heavy capital-expense (CapEx) investments in infrastructure may be reluctant to make the transition until these investments have sufficiently depreciated. Nevertheless, these organizations must start the SASE journey now to provide a seamless and secure hybrid workplace experience. This may prove costly compared with the transitional networking technologies.

The good news is SASE can be implemented gradually, in a disaggregated fashion by assessing and prioritizing the capabilities to implement, based on your specific goals and needs.