SASE: reduce risk, modernize your network and improve the user experience

Rob Mello is Vice President: Managed Network and Collaboration Services Presales at NTT. In this interview, he explains the secure access service edge (SASE) framework, how it benefits organizations, and our partnership with Palo Alto Networks.

What is SASE?

SASE is effectively the cloudification of network security services. It enables dynamic and secure access for users, applications and devices, no matter where they are.

It brings together the software-defined wide area network (SD-WAN) and network security services such as zero trust, firewall as a service and secure web gateways to provide a single, cloud-delivered service at the network edge.

Why is SASE so important?

This framework holds benefits for organizations that have many disparate security-point products, disconnected network and security operations, and a vast sprawl of on-premises physical security appliances.

Because it’s more virtualized, with globally dispersed points of presence, SASE’s cloud-based approach presents a significant opportunity to optimize costs. It’s one thing to get rid of physical devices; going into the cloud at the same time is huge.

So, SASE is all about cost savings?

Although SASE does enable cost savings – you’re mitigating the need for on-site dispatches, for example – there’s much more to it than that. When you put more things in the cloud, you get more orchestrated, policy-driven control. You can drive broader policy execution and provision changes across thousands of devices in minutes, rather than spending weeks or months performing physical installations.

So, yes, you can reduce costs, but SASE is also about gaining more control, creating a consistent experience and raising the speed of execution.

And more orchestrated control means more personalization for users?

Yes, absolutely. The pandemic forced organizations to rethink the work experience. SASE gives you the opportunity for end-to-end visibility, so you can focus on the analytics and insights associated with different user profiles and improve the user experience (UX).

Are you trying to add industrial IoT devices at a manufacturing site within the appropriate network segmentation? Are there people in your organization who need prioritized internet access wherever they are? Is there an application that requires zero downtime while it processes revenue-generating data? Does a traveling employee need to connect via an unsecured wireless network at an airport?

You have to consider how such use cases will securely traverse your network, and the uncompromised performance you need in order to deliver exceptional UX for your hybrid workforce. By introducing AIOps and machine learning to identify and fix UX problems before they affect your business, you are making significant leaps in the operational maturity of your organization.

Tell us more about the work with NTT’s partners.

What I find exciting – and I talked about this at the 2022 Palo Alto Networks SASE Converge panel discussion – is that our partners like Palo Alto Networks have embedded something called Autonomous Digital Experience Management (ADEM) in their solutions to provide segment-wide experience management.

Think of synthetic transaction monitoring: we are basically putting fake transactions into the network to measure its performance. We are balancing secured access, but not to the detriment of UX, whereas before, SASE was just about secure lockdown. As I said in the session conference, it’s now more about a blend of security and UX.

Can you have both security and good UX without compromising one or the other?

Well, you should never compromise security for the sake of experience, or the other way round. It needs to be a marriage. The way to do this with SASE is to cloudify things. You then get better policy controls, a better understanding and visibility of the different personas and profiles in your environment, a better understanding of the applications that touch your network, and a clearer idea of how you can transform it all.

It’s fair to say that SD-WAN is really a further abstraction of SASE. It takes many of the software-defined functions within the network and pushes them further to the edge and the cloud, and drives control that way.

Given the advantages of SASE, how do organizations go about addressing this?

It’s about building a business case and justifying the value. You are talking about transforming the way the network works, how your security is functioning and how you'll be adopting that globally as an organization. It can be about mitigating the number of risk components on the network – through zero trust network access segmentation, for example – but it can often also bring in network segmentation. This is a huge challenge for clients, and applying SASE can drive that streamlined segmentation.

Many manufacturers are looking at new access connectivity methods. Just look at the explosion of interest in private 5G. It’s a huge opportunity for organizations, but it has to be underpinned by SASE along with security controls because you’re changing the paradigm. It’s no longer just multiprotocol label switching (MPLS) – you need to have ubiquitous and uninterrupted connectivity between all the devices in an environment. So, this could be MPLS, satellite, 5G, private 5G, wireless, Wi-Fi 6 … all these require the controls within SASE to make them happen.

Tell us about NTT’s partnership with Palo Alto Networks.

We’re a global partner of Palo Alto Networks. We’ve been at Diamond Innovator level in their NextWave Partner Program for more than 10 years. We were also their most-trained partner last year. I’d say they are one of the most partner-centered organizations we work with in terms of global strategic information systems. They're extremely supportive.

They build, develop and customize go-to-market offerings. I work with about 100 salespeople here in North America, and when I partner with Palo Alto Networks, they have 600 SASE specialists in the region, too. Given the way our portfolios align, the support they offer and our long-time relationship, it’s an extremely valuable partnership for us, for them and for our clients.

What’s the next step for NTT’s clients?

To our clients, I’d say that we want to understand your drivers and help you justify your business case. Let's have a discovery discussion. In many cases, depending on your region, we have free workshops and return-on-investment tools that can help you make that business case. We'd love to identify your pain points and build a value-driven roadmap for you. Every client is going through some level of SD-WAN network modernization, SASE and cloud-enabled transformation – and we can help you get on the right path.

Read more about Managed Campus Networks with Palo Alto Networks’ Prisma SASE.