Can SASE fit into an adaptive security model?

Security & GRCStrategy & ArchitectureNetwork
1.1k views1 Upvote7 Comments
Sort By:
Oldest
Co-Founder, SVP, CISO3 years ago
We’re in a dynamic, ever-moving world that requires an adaptive security model. I don't know if SASE does that. One of the things we're playing with is constantly assessing who you are, where you are, how you are. If you’re on an airplane, no, you can't look at that file now. It’s not happening.
CISO in Software3 years ago
All these network and SD-WAN vendors are suddenly, "Oh, we're not SD-WAN. Now we're SASE companies." But when you get down to it, they're an SD-WAN company but they offer integrations or APIs into their system to provide security. And I don't want to call it end-to-end security, but there’s some more security on top of the networking services they provide. 

Let's say you get Versa networks. You deploy them, and then go to the integrations page within their console. You choose to integrate with this cloud access security broker (CASB) or proxy server, like Zscaler, and then you add those services on top of what you have. Now you're paying for SD-WAN but you're also paying for your Zscaler and you're paying for your CASB and everything else on top of that. It's a convenient way to have your networking and security in one box but just like any company that offers everything, they're not good at everything. So, it's a way to get best-in-breed networking and security in one solution, but it still doesn't work in that it doesn't address the internal issues and propagation.
1 4 Replies
Co-Founder, SVP, CISO3 years ago

It sounds like they delegate out—they have hooks into other things.

lock icon

Please join or sign in to view more content.

By joining the Peer Community, you'll get:

  • Peer Discussions and Polls
  • One-Minute Insights
  • Connect with like-minded individuals
CISO in Software3 years ago

I’ve asked Versa how their CASB works and they said, "Well, it's not our CASB. You have to integrate with somebody else.” But then Netskope has the whole package. They have single sign-on, they have everything that Duo and Okta do, and they have SD-WAN now. It's interesting how their path is coming along and it'll be interesting to see where they go.

And there some CASBs are agentless and some are not. I went through this whole journey to get Zscaler, Netskope, SD-WAN, and some other things to work and had to create this big PAK file. You have to get your config file right before you push it out through GPO or DP because if you put the PAK file stuff in the wrong order, it doesn't work. So if you get it wrong, then you have to reissue all the agents and it's a pain. Agents are a step back, period. Nobody wants to manage agents or anything on laptops. GPOs, all this stuff, those are all 20-year-old technology. Why use it anymore?

1
Director of Enablement4 months ago
A true SASE solution is an adaptive security model, but it should also be able to integrate with your existing security strategy.

The majority of players in the SASE space today are just riding the Gartner hype train, and are actually point-product solutions just deployed in the cloud. It’s a chaos of integrations, API hooks and disjointed context. The reason for this? SASE is sexy, and they want a slice of that pie.

If you look at the SASE originators (no naming here), you will see that the platforms are designed with scale and adaptation in mind. In the event that you need to add or remove services/rules/policies etc, it’s a couple of clicks instead of a couple of deployments.

You want CASB? Check the toggle and get it working. You need DLP? Sure! RBI? Deployed worldwide in 5 minutes.

This is one of the powers of a true SASE approach. You don’t need to kill your existing architecture, but instead you can adopt one that collapses your vendor sprawl, and scales to your business need

Content you might like

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

Applications & PlatformsCloudData & Analytics+15 more
Head of Enterprise Architecture MERCK Group in Healthcare and Biotecha year ago
Strategy & Architecture
Read More Comments
39k views5 Upvotes34 Comments

What is your primary deciding factor in adopting enterprise search?

Strategy & ArchitectureCloudEnd-User Services & Collaboration+26 more

TCO19%

Pricing26%

Integrations21%

Alignment with Cloud Provider7%

Security10%

Alignment with Existing IT Skills4%

Product / Feature Set7%

Vendor Relationship / Reputation

Other (comment)

View Results
5.7k views3 Upvotes1 Comment

What cybersecurity topics do you think are critical for CIOs to be more involved in, even in orgs that have a CISO?

Relationship ManagementSecurity & GRCSecurity Strategy & Roadmap+1 more
Director of IT in Healthcare and Biotech9 days ago
Cybersecurity governance and risk management (setting up monitoring of emerging threats), data protection and privacy compliance (standardize on data protection across all channels), incident response and recovery planning ...read more
Read More Comments
1.3k views3 Comments

The use of the lake in the cloud has impacted an increase in cloud costs. I'm considering doing a TCO study to bring some workloads to our datacenter in house. Has anyone gone through or is going through this challenge?

Data & AnalyticsData CenterDatabase+2 more
Founder in Finance (non-banking)3 months ago
May I ask if there was a TCO comparison of running these very workloads on the cloud vs on-prem? If so, in what ways did the original TCO modelling fail to reflect today’s reality?
1
Read More Comments
4.4k views2 Upvotes8 Comments

In the past 6 months, have you seen an uptick in targeted cyberattacks on telehealth devices and networks?

Security & GRCNetworkThreat & Vulnerability Management+2 more

No Increase16%

1-5% increase47%

6-25% increase24%

26-50% increase6%

51-75% increase1%

76%+1%

Other2%

View Results
1.7k views1 Upvote