The need for a distributed networking architecture
The last thing any IT leader or security team member wants to see is their organization on the news as the victim of the latest large-scale cyberattack. However, the threat landscape is more complex and dangerous than ever, with over 600 million cyber attacks occurring daily in 2024 with no sign of slowing down. In fact, hackers are also implementing Artificial Intelligence (AI) to assist them in gaining access to data. On top of that, organizations are more dispersed than they have ever been. Even fully on-site companies must still contend with traffic from IoT devices and applications.
In the old network security model, which an alarmingly high number of organizations still rely on, remote workers would utilize a VPN that routed traffic through a network hub at headquarters. Every application that users accessed in their daily routine would also have to be routed through the VPN, passed through various firewalls and security policies, and then sent back to the user—a phenomenon known as “hair pinning” or “tromboning” from the traffic bouncing back and forth. This process is incredibly inefficient, increasing latency and slowing network speeds.
Bandwidth-intensive applications are becoming the norm, so delivering bandwidth at higher speeds and low latency matters. Your ability to compete for new business and workforce talent depends on an end-to-end managed network solution.
Secure access service edge (SASE, pronounced “sassy”) is a cloud architecture that combines network and cloud-native security technologies and delivers them as a service. This model of virtualized networking solves many of the challenges of modern enterprise networks. However, adoption of SASE remains surprisingly low for several reasons, which we will explore later in this post. At Pomeroy, we believe that the benefits of SASE far outweigh the drawbacks.
How is SASE different from SD-WAN?
SASE is the natural outgrowth of software-defined wide area networking (SD-WAN), which became one of the first networking models to virtualize network systems. In fact, SASE incorporates SD-WAN as a key component and combines it with various cloud security tools, including Firewall as a Service (FwaaS), Secure Web Gateways (SWG), Cloud Access Security Brokers (CASB), and Zero Trust Network Access (ZTNA) into centralized management.
In other words, rather than relying on bulky server farms on-premises, networking infrastructure shifted to a cloud-based model. (Those servers still exist, just off-premises, in SD-WAN providers’ data centers.)
Visualize the differences between networking models like airport security. The TSA gate resembles the traditional castle and moat model of on-premises security, and the metal detector is like the old-fashioned firewall. Now imagine making it through security, only to find a security checkpoint at each shop, restaurant, and gate in the airport—this is how SD-WAN functions. SASE takes it one step further. Imagine security guards assigned to each passenger as they traverse the airport, constantly checking passports and boarding passes.
While this nightmare travel scenario would be harrowing, it is ideal for securing networks. Essentially, SASE shifts the focus from securing infrastructure to securing user identities.
The benefits of integrating security and networking with SASE
SASE is a more efficient networking model that converges over half a dozen network and security technologies into one. The benefits of SASE include:
- Enhanced security: SASE increases security by using secure web gateways, cloud access security brokers, and zero-trust network capabilities to validate authentication and ensure trusted devices’ access to applications.
- Flexibility: SASE provides security regardless of the user’s location, whether working from home, the office, or a public place like a coffee shop or hotel.
- Control over network traffic: While organizations cannot control remote workers’ networks, they can control work-related traffic from the user’s device to the cloud or data center, ensuring it meets security standards.
- Zero trust and authentication: SASE uses zero-trust network capabilities to validate that devices are trusted and client access security brokers to ensure logins are authenticated, including two-factor authentication.
- Secure DNS: SASE employs secure DNS instead of the regular DNS, redirecting traffic to ensure safe communication from the client to the cloud or data center.
- Cost-effectiveness: SASE is cost-effective because it consolidates network and security options into a single service, eliminating the need for multiple security appliances. This integration reduces hardware, software, and maintenance costs, making it a more efficient solution. SASE also reduces support needs and extended warranty costs, as fewer devices need maintenance and support.
The drawbacks of SASE
The adoption of SASE is still low due to the newness of the technology and funding constraints. Other challenges to SASE implementation include:
- De-siloing of security and networking: SASE combines security and networking, which have traditionally been separate departments within enterprise IT. SASE forces interdependence between the two teams and, in some cases, merges them.
- Market confusion: There’s a lot of hype around SASE. Many vendors overpromise SASE capabilities without fully understanding them before marketing them to clients.
- Single point of failure: SASE providers have been trending toward single-vendor service. While this move reduces complexity, it also creates a single system that can fail.
The Pomeroy approach to next-gen networking
Pomeroy adopts a vendor-agnostic approach, collaborating with a wide range of industry leaders, including Cisco, HPE Aruba, Palo Alto, and Fortinet. This flexibility allows Pomeroy to tailor its solutions according to each client’s unique technological landscape and existing infrastructure. By aligning offerings with technologies familiar to the client, Pomeroy simplifies the path to managing and supporting their network and helps clients leverage their existing knowledge and capabilities, lowering the learning curve, which can be a barrier to adoption. Clients can transition smoothly into optimized solutions without the steep learning curve typically associated with new technologies.
Pomeroy provides expert recommendations for specific use cases and design requirements for organizations with a diverse technology stack, guiding them through the nuances of SASE implementations or vendor differences.
AI and SASE: The future of networking
As SASE technology develops and improves, more organizations will adopt it to gain the benefits of next-gen networking, especially those with remote workers and distributed networks. Gartner expects 30% market growth for SASE through 2027, reaching a global market share of $25 billion. Just in the last several years, we have seen the integration of AI into various aspects of SASE. Autonomous Digital Experience Management (ADEM) intelligently monitors customer experience and traffic. AI-powered agents allow network professionals to investigate issues with natural language prompts. And the next generation of malware and virus protection deploys AI to seek out threats as they arise.
Pomeroy is dedicated to delivering secure, reliable connectivity for any device, anytime, anywhere, distinguishing itself as a leader in managing complex IT environments. Rather than pushing a one-size-fits-all solution, Pomeroy focuses on what complements the customer’s current setup, ensuring that the recommended technology is appropriate and enhances operational efficiency and ease of maintenance.
Contact us to learn more about our next-gen networking offerings or visit our Network Services page.
