Secure access service edge (SASE) deployments have seen strong momentum thanks to increased complexity in managing networks and dealing with security threats.
Digital businesses are more reliant on their networks than ever before. Technologies that enable digital transformation, such as IoT, mobility, and cloud, are all network-centric, and that has raised the bar on the value of the network. My research shows that almost two-thirds of business leaders believe the network is more valuable today than it was five years ago.
That said, today’s organizations face increased complexity in managing networks and dealing with security threats. We live in a world where everything is connected, and it’s up to network operations to manage traditional connectivity and connections to people’s homes and a growing number of things such as kiosks, autonomous machines, and others.
In the current business environment, organizations are increasingly adopting cloud services while maintaining some on-premises applications. The rise of remote work due to the COVID-19 pandemic has accelerated this trend, leading to more security threats and network management challenges. To tackle these challenges, the industry has recognized the need for a unified approach to networking and security, which is why secure access service edge (SASE) deployments have seen such strong momentum. In fact, SASE was one of the hot topics at the RSA 2023 show, as security vendors are trying to align themselves with networking and vice versa. In concept, (SASE) management addresses these challenges by combining software-defined wide area networks (SD-WAN) with security. Delivered as a single vendor, cloud-based service, SASE management allows businesses to protect their networks and digital resources while simplifying the management process. I used the term “in concept” as there are many options for customers. but, the customers typically need to pick and choose networking and security components from different providers and bring them together and correlate the information and policies manually. The complexity of doing this opposes the simplicity SASE is supposed to bring.
Managing SASE requires two disciplines that have historically not been tied together – making wide area networks more efficient (SD-WAN) and ensuring strong network security. This combination needs to be delivered as a single service via the cloud. Additionally, SASE management should make it easy to apply rules and policies across the entire network for all users and devices. This can be difficult for companies that want to take a “best of breed” approach, as the correlation of data and integration of services and policies are typically done manually.
Verizon’s SASE solution combines its managed network and security services to create a closed-loop system that involves zero-trust networking, visibility and reporting on security threats, and improved latency and performance for accessing applications. The provider has partnered with Versa Networks and Cisco for the SD-WAN, plus Zscaler and Palo Alto Networks for security, to create an integrated offering that includes a single portal view for SD-WAN and SASE deployments. The deployments are managed by one network operations center (NOC) and security operations center (SOC), potentially lowering costs and simplifying operations.
“There isn’t yet a single vendor or partner with a technology stack that does both SD-WAN and security service edge (SSE)-like services to meet the SASE vision. As such, Verizon is focused on a couple of combinations for our customers using top-tier SD-WAN solutions and top-tier SSE solutions,” said Vinny Lee, Verizon’s product development director, during a recent webinar hosted by the provider.
A networking element that plays a key role in SASE management is network as a service (NaaS). In fact, Verizon views SASE as part of the evolving network as a service (NaaS) narrative. NaaS provides organizations with a flexible, programmable, and scalable way to manage networks, combining different levels of service, access types, and service-level agreements (SLAs). Alternatively, traditional SD-WAN solutions often require a combination of internet-based and private-based access technologies in order to achieve better performance and reliability.
Verizon aims to build a “single pane of glass for the SASE digital experience,” which will eventually expand into a broader NaaS offering, said Lee. This would allow customers to see all the services they have procured from Verizon in one location and understand how they work together, creating a holistic experience for customers. Verizon’s NaaS strategy involves securing, connecting, and managing all aspects of the network, including incident management and monitoring connectivity tunnels.
Verizon is also addressing the increasing use of wireless local area networks (LANs) and 5G networks. The provider is offering customers the option to access its network with any type of last-mile access, including broadband, fixed wireless access, and 5G using what Verizon calls a “secure hybrid network” service. This allows customers to get into Verizon’s core private internet protocol (PIP) network even if they’re using other providers, including global providers in areas like the Asia-Pacific (APAC).
Lee shared two use cases that demonstrate how customers are utilizing SASE management. The first customer, a security solutions company based in Europe, acquired Verizon’s SASE management package as part of a total NaaS solution. The customer embarked on a complete network transformation, which included implementing various security components. The second customer, in healthcare, focused on transitioning to a traditional SD-WAN, integrating Palo Alto Prisma and leveraging Verizon’s NOC incident ticket handling and policy management services. This customer sought a single vendor to deploy the complex solution and achieve overall cost reduction.
SASE management from Verizon is available in three packages, with the price based on the number of users. Each package provides integrated security management support for a defined feature set.
- The first package is multi-vendor SASE management, which includes change management and incident management for a set of basic security features.
- The second one is multi-vendor SASE management plus, which includes features available under multi-vendor SASE management, change management and incident management with enhanced security options.
- Package three is multi-vendor SASE management preferred, a complete service package that includes all the features in the other packages in addition to managed detection and response—Verizon’s security as a service (SECaaS) offering.
Verizon launched SASE management and its advanced SASE offering in early 2023, which included the combination of Cisco and Versa for SD-WAN and Zscaler and Palo Alto Prisma for security. This bundled solution serves as a standard offering for customers. According to Lee, Verizon plans to introduce a single-vendor solution through Versa later this year, combining the security and SD-WAN components to provide a reliable, end-to-end solution for customers seeking a unified experience.