SASE security must-haves for CISOs

Sean Campbell, Director Canadian Channels, Fortinet

Digital innovation and evolving business needs have required CISOs to invest significantly in multi-edge networking strategies that adjust to new cloud environments and applications and provide secure access for work-from-anywhere (WFA) employees.

Yet, as networks expand, so does the threat of cyberattacks. When the gap between network function and security grows, CISOs will look to trusted vendors to help them navigate legacy systems and keep pace with innovations. 

Increasingly, CISOs are looking to secure access service edge (SASE) solutions to integrate and scale security and networking while meeting the needs of a growing remote workforce. Partners offering SASE solutions will find new business opportunities to help CISOs keep up with the changing nature of their multi-edge networks.

SASE solutions should, at minimum, secure cloud access for authorized users anywhere. Choosing your SASE vendor is critical because not all SASE solutions are created equal. They vary in security, composition, and scalability. These differences can impact cost, workflow and the human resources needed to achieve the integrated system a SASE approach promises.

Partners looking to support CISOs should ensure the SASE solution they offer meets their top security requirements:

SASE as part of an integrated platform 

The security offered through a SASE solution must be part of an integrated platform. While SASE solutions are designed for secure, cloud-based connectivity, chances are that most customers aren’t cloud exclusive. Most likely have a multi-cloud strategy and physical networks thrown in the mix. Partners need to make sure that any SASE solution they offer includes the ability to protect data centers and on-premises resources.

A truly integrated solution should ensure consistency in the deployment of policies across all network environments and feature the same security products and services applied elsewhere. This approach will help whittle down the list of vendors, as most cloud-focused SASE solutions won’t be able to address network security holistically. Prioritizing SASE services that can seamlessly integrate with the extended network will give partners an edge, as the resulting unified security framework will increase effectiveness and reduce overall costs for the customer.

Global insights 

Beyond the need for a unified security framework, partners should prioritize SASE solutions that use advanced threat research. Access to threat intelligence ensures security protections are updated, further securing the customer’s networks from new and emerging threats. Consideration should be given to the vendor’s track record of security research and innovation alongside their networking experience.

Single-vendor advantages

While the benefits of SASE are substantial, successfully deploying can be complex. SASE encompasses networking solutions including SD-WAN, WAN optimization, routing, and content delivery, as well as cloud-delivered security services such as Firewall-as-a-Service (FWaaS), Secure Web Gateway (SWG), Cloud Access Security Broker (CASB) and Zero-trust Network Access (ZTNA). Getting all these solutions from different vendors to work as a unified SASE architecture can be challenging and time-consuming. As a result, a single-vendor SASE approach offers significant benefits.

A single-vendor approach elegantly converges networking and security so policy enforcement, management, and optimization are controlled through a single interface. It also seamlessly hands off connections between the cloud and on-premises devices, enabling access and security policies to follow users and applications end-to-end, which advances the adoption of zero-trust principles – a critical step in securing access for WFA employees.

Moving forward with SASE

By focusing on these priorities, partners can make informed choices about the SASE solution they offer to their customers. Regardless of the vendor, security must be foundational, integrated, and scalable. Considering the vendor’s history of security solutions, access to threat intelligence, and approach to network and security convergence can further ensure that the solution on offer is the best for your customers. Taking the time to ensure you make the right vendor selection can ease the transition to SASE solutions, helping you expand and deepen customer relationships.

Sean Campbell is Director of Canadian Channels at Fortinet