Cisco expands its SD-WAN software for wider reach, better security

Cisco has broadened the scope of Cisco SD-WAN software by growing its reach and security, and expanding its support for deploying multi-region WAN fabric.The idea behind the new features is to help manage the complexity and security of connecting to cloud resources from the edge of the network, said JP Shukla, director, product management, in Cisco’s Enterprise Cloud & SD-WAN group. “They want to connect these users as reliably and securely as these users would be in an office environment,” he said.
[ Get regularly scheduled insights by signing up for Network World newsletters. ]To read this article in full, please click here READ MORE HERE…

Read more

Palo Alto Networks bulks-up its SASE portfolio

Palo Alto Networks is reinforcing the security and operational features of its Prisma secure-access service edge (SASE) package.New features include the ability to adjust security settings for multiple software-as-a-service-based apps, new security capabilities, and AIOPs support. In addition the company is expanding its family of Ion SD-WAN security devices to provide additional configuration options.

[ Get regularly scheduled insights by signing up for Network World newsletters. ]To read this article in full, please click here READ MORE HERE…

Read more

SASE or SSE? Don’t let hype distract from enterprise needs

Secure access service edge (SASE) has generated a buzz over the last couple of years, particularly in light of the pandemic and its associated surge in remote employees. But SASE hasn’t quite materialized in the way Gartner – which first coined the term in a 2019 white paper – initially expected. In particular, there’s been pushback around the idea that SASE should be delivered by a single vendor, as a single integrated cloud service at the network edge.The SASE model combines network security functions with WAN capabilities, delivering the security elements in the cloud and using SD-WAN at the edge or in the cloud. Key security functions include secure web gateway (SWG), zero trust network access (ZTNA), firewall as a service (FWaaS), and cloud access security broker (CASB).To read this article in full, please click here READ MORE HERE…

Read more

IP addressing could support effective network security, but would it be worth it?

Why is it that over 90% of enterprises tell me that they expect to spend more on security over the next three years, and almost 60% say they expect to spend less on networking? We obviously think that network technology is getting more efficient, more competitive. Why isn’t that the case for security? The short answer is that enterprises have been chasing acronyms and not solutions.Acronym-chasing comes about because by nature, security is hard to plan for. The average network expert finds out there’s an issue because some higher-up reads or hears about a breach. Maybe they do a quick search, and they find out that what they really need is SASE. Or maybe they need SSE, which we’re told is SASE without SD-WAN. In any event, what happens is that there’s pressure to add this new thing on, and that creates another layer of protection…maybe.  Complication and cost? Surely.To read this article in full, please click here READ MORE HERE…

Read more

Basing network security on IP addressing: Would it be worth it?

Why is it that over 90% of enterprises tell me that they expect to spend more on security over the next three years, and almost 60% say they expect to spend less on networking? We obviously think that network technology is getting more efficient, more competitive. Why isn’t that the case for security? The short answer is that enterprises have been chasing acronyms and not solutions.Acronym-chasing comes about because by nature, security is hard to plan for. The average network expert finds out there’s an issue because some higher-up reads or hears about a breach. Maybe they do a quick search, and they find out that what they really need is SASE. Or maybe they need SSE, which we’re told is SASE without SD-WAN. In any event, what happens is that there’s pressure to add this new thing on, and that creates another layer of protection…maybe.  Complication and cost? Surely.To read this article in full, please click here READ MORE HERE…

Read more

Cisco SD-WAN software gains broader application access, enhanced analytics

Cisco has tweaked its flagship SD-WAN software package to increase customer application flexibility and improve visibility into the performance of distributed resources.The company announced Cisco SD-WAN release 17.8, which adds support for new business and customized cloud applications, analytics and security features.SD-WAN buyers guide: Key questions to ask vendors
Specifically, the company upgraded the SD-WAN Cloud OnRamp for SaaS service, which links branch offices or individual remote users to cloud applications such as Cisco’s Webex, Microsoft 365, AWS, Google, Oracle, Salesforce and more.To read this article in full, please click here READ MORE HERE…

Read more

Gartner: SSE is SASE minus the SD-WAN

SASE adoption has been skyrocketing since the start of the pandemic. Secure access service edge, a term Gartner coined in 2019, combines security and networking in a single, scalable, cloud-based platform that fits well in a world in which employees work from home and mostly access cloud-based apps and services.Now Gartner is pushing a new acronym. Turns out, companies might prefer to get their SASE without the “A” — just security service edge, or SSE. Gartner this month published a Magic Quadrant for SSE (something the company never did for SASE); it’s available from vendors listed in the report (here and here, for example).To read this article in full, please click here READ MORE HERE…

Read more

Cato adds fine-grained CASB controls to SASE platform

SASE vendor Cato Networks is adding fine-grained cloud access security broker (CASB) controls to its platforms.When employees working from home or branch locations log into SaaS services such as Office 365 or Dropbox or Salesforce, a CASB gateway can track the applications employees access, where they log in from, and sometimes even what they do when using those applications.Previously, Cato only offered limited CASB controls, enabling companies to allow or prohibit the use of particular SaaS tools, says Dave Greenfield, Cato’s director of technology evangelism. Now, individual behaviors can be controlled. For example, users might be allowed to download documents from certain cloud file-sharing providers but can only upload documents to a company’s preferred platform.To read this article in full, please click here READ MORE HERE…

Read more

Aryaka broadens enterprise targets with managed SD-WAN, SASE services

Aryaka Networks is looking to target more enterprises with a new managed secure access service edge (SASE) offering and an improved, lower cost SD-WAN offerings.Aryaka is known for offering WAN and SD-WAN services over its global Layer 2 network with more than 40 points . The new services spring from that backbone to provide additional, flexible WAN services. SD-WAN buyers guide: Key questions to ask vendors
The first is based on a new iteration of Aryaka’s L2 core—the L3—which is optimized for cost and non-mission critical applications or sites that don’t require top-shelf performance. The L2 core is optimized for performance-sensitive applications.To read this article in full, please click here READ MORE HERE…

Read more

Rethinking the WAN: Zero Trust network access can play a bigger role

The WAN as initially conceived was about one simple job: the WAN was the network that “connects my sites to each other.” That is, the network connecting users in corporate sites to corporate IT resources in other corporate sites or perhaps colocation facilities. It was all inside-to-inside traffic.Over the past decade so much has changed that, just before COVID-19 work-from-home mandates took hold, only about 37% of a typical WAN’s traffic was still inside-to-inside, according to Nemertes’ “Next Generation Networks Research Study 2020-2021”. The rest touched the outside world, either originating there as with remote work against data-center systems or terminating there as with SaaS use from a company site or both as with VPNing into the network only to head back out to a SaaS app.To read this article in full, please click here READ MORE HERE…

Read more