hi, one does not necessarily exclude the other :)...For example - I have implemented on all our domestic ( per country ) WAN networks SD-WAN- to be more flexible with the lines and not be dependant on one provider ..but to secure my end-users we will implement the SASE solution ...like ZSCALERS, CISCO, ...etc...NGFW will use to ensure good segmentation of the network. To additionally secure your users - you can deploy SWG, some security on your sites you have with SD-WAN equipment ( level will depend on which producer you will choose - one that background is from the network or the one that the background is security :) ) - but for sure not you will not achieve the level as with SWG.
VPN - I intend to keep it only for special purposes after we deploy SASE..I hope this helps:)
SASE is cloud delivered architecture that provides central policy and unification of network and security services which are typically delivered by a MSP think of SASE as a cloud hub, it helps avoid the need to back haul traffic via central DC’s reducing the reliance on expensive security stacks and resources, allowing sites to go direct to internet for SaaS traffic which in turn improves performance without impacting security.
Its primary usecases are mobile working and direct internet access from branch sites, Covid has accelerated the adoption of SASE in the last year with a need to provide unified security and compliance to any user, device anywhere.
SDWAN is the transport layer to ensure the WAN performance and availability of onprem site traffic (in essence its a edge Router) that can also be used to direct traffic of intrest to the SASE cloud gateway for inspection.
SASE - Secure Access Service edge is an architecture and strategy. This is focused on Zero Trust which has a huge focus on Identity. Think about accessing your corporate applications and data anywhere, anytime, any device securely with a great experience. In that journey a technology stack supporting and enabling the SASE architecture is what you need. Look at Netskope - Okta - SentinelOne - Silverpeak (this may not be required depending on your env't). If you want to chat more let me know - email@example.com
I'm looking for a study (or a report) that can help me choose the best possible SD-WAN solution (features, cloud access, security, deployment, service chaining, etc.). I work at a university with 5K+ employees.
I searched but each time I find contradictory information. It will hel... Read More »