Post Pandemic, Yesterday's Network and Security Models Need an Overhaul

With remote work here to stay, PoPs and SASE make connecting faster and more secure.

May 10, 2022

6 Min Read
Old Way vs New Way
Getty Images

By Abe Ankumah


Abe Ankumah

COVID-19 sent shockwaves through enterprises, and IT organizations are still scrambling to adapt. As the pandemic pushed millions to full-time work-from home, IT leaders had to accelerate strategies for enabling a more distributed and cloud-connected workforce. IT vision-setters expected steady growth in remote workers, and to see more applications move to the cloud and edge. But they hadn’t planned on seeing a decade’s worth of that evolution squeezed into mere weeks.

Overhauling the enterprise operating model so quickly spawned growing pains, especially pertaining to managing networking and security. Suddenly, IT needed to support a different workforce and application stack. But in many cases, staff are still relying on tools designed for a pre-pandemic world. Worse, they face new security requirements that legacy approaches can’t address, leading to extra effort and complexity in the best cases, and dangerous blind spots in the worst.

Secure access service edge (SASE) is a new way to manage enterprise networking and security that’s designed for distributed workforces and applications. SASE enables a cloud network operations model that’s suited to the way modern businesses work. And it’s becoming a mission-critical technology for the post-pandemic enterprise.

Turbocharging Change

Historically, enterprise IT architectures revolved around centralized corporate data centers since that’s where the business applications and security lived. But what happens when most users suddenly work from home, accessing mostly cloud-based applications? As enterprises discovered trying to adapt their operating model on the fly, serious problems became obvious. Problems such as:

  • Poor application experiences: Home-based workers might connect from anywhere. If you’re still routing all their traffic through a centralized data center, you introduce latency that diminishes application performance, especially for real-time video applications such as Zoom.

  • Increased risk: Adding thousands of user-owned devices to the IT environment makes it harder to protect against threats. Shifting architectures also make it easier for policies set by security teams to get lost in translation by network admins tasked with implementing them. Additionally, more workers may download web-based productivity applications that haven’t been cleared by corporate security and could pose a threat.

  • Operational complexity: As IT scrambled to connect home-based workers, they found themselves navigating a patchwork of legacy management and security solutions, struggling to understand interdependencies, and swiveling between tools to fix problems.

  • Pressure to support environments outside IT’s control: Users now access business applications from personal devices, connected to spotty Wi-Fi, over aging last-mile broadband networks. Problems can arise in any link of that chain — problems that users still expect IT to fix — even though IT has no visibility into most of that infrastructure.

If you’re trying to solve these issues using tools designed for yesterday’s architectures, you’re going to struggle. To get to a point where you can spend more time focusing on business outcomes, instead of chasing down trouble tickets, you need a different operating paradigm, one built for the distributed enterprise.

Cloud Network Operations

Navigating these changes requires a modern, cloud-centric IT operating model. Implementing SASE is the most important step you can take to enable it. SASE combines multiple networking and security technologies within …

… a single cloud solution and a single management portal:

  • Software-defined wide-area networking (SD-WAN) intelligence to route traffic over the best path to optimize application experiences

  • Zero-trust network access to extend secure connectivity wherever users work

  • Cloud-based security services that can be applied to traffic in-flight, instead of having to route it through the data center

  • Artificial intelligence for IT operations (AIOps) to gain deeper insight into edge experiences.

SASE delivers these capabilities from a network of cloud-based points of presence (PoPs) located closer to distributed users and applications. With this cloud network operations model, you can:

  • Improve application performance: SASE distributes your most important network and security functions out to the near edge (SASE PoPs) closer to users, reducing latency.

  • Optimize IT efficiency: By managing all networking and security functions for your distributed workforce through a single-pane-of-glass, you can rapidly solve problems and reduce countless trouble tickets consuming your time.

  • Strengthen security: Now, users can connect safely and easily from anywhere. With distributed cloud and web security, you gain more visibility into applications to quickly assess their reputation and risk. Also, security policy can now be configured centrally and implemented automatically, no interpretation required.

  • Better manage edge experiences: IT can’t be physically present at every user’s location. But you need visibility into each user’s experience, so when problems arise, you can determine if the issue resides with the application, the broadband network, or locally with the user. That way, you can quickly move to resolution instead of wasting time trying to determine the right group to handle a trouble ticket. These benefits don’t just apply to human users, but also to Internet of Things (IoT) devices.

Make the Most of Your SASE Investment

Any SASE solution beats relying on antiquated networking and security models that don’t reflect the realities of your business. But different solutions employ different approaches. As you weigh the options, look for:

  • Fully integrated networking and security: The advantages of single-pane-of-glass management can be undermined quickly if security and SD-WAN sides of a SASE solution are separate technologies, sold together but not truly integrated.

  • Integrated AIOps: AIOps should be deeply embedded into your SASE solution, so you can better understand edge experiences without needing additional equipment.

  • Extensible architecture: Ensure your solution can scale services to meet today’s networking and security needs and support new edge compute-based services in the future.

  • Large, mature PoP footprint: The closer users and cloud apps are to SASE PoPs, the better performance you can expect. Look for SASE vendors with large footprints to provide the best user experience, and ample experience deploying and managing a global network of PoPs.

Enterprises might not have been prepared for IT requirements to change so quickly. But with a cloud operations model built for the distributed enterprise, we can address today’s most pressing technology challenges — and make sure we’re ready for tomorrow’s challenges.

Abe Ankumah leads the VMware product marketing and partnerships team for its SD-WAN and SASE business. He joined VMware via AI-based network analytics company Nyansa, where he was CEO and co-founder. Previously he was director of products and alliances at Meraki and earlier worked at Aruba Networks, where he was responsible for product and business operations. He started his career as a research engineer at NASA’s Jet Propulsion Laboratory. You may follow him on LinkedIn or @VMware on Twitter.

Read more about:

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like