In March 2020, as stay-at-home orders swept the U.S. in an effort to curtail the spread of the COVID-19 pandemic, many enterprises found themselves faced with an unprecedented technological challenge: enable secure, remote connectivity for millions of employees, practically overnight.
Secure Access Service Edge (SASE) provider Open Systems moved quickly to deploy more than 200 remote access entry points at the network edge, enabling 60,000 new users to connect remotely in a single two-week period.
SASE, a term coined by Gartner in 2019, refers to a cloud-based security fabric that decentralizes access to on-premises network resources and cloud services. Rather than the traditional hub-and-spoke network model, SASE provides users with secure, identity-based access to applications at the edge, without having to route through a primary data center that sits at the center of the WAN. Because it delivers scalable, on-demand security services via the cloud -- in Open Systems' case, Microsoft Azure -- analysts say SASE technology is often significantly faster and easier to deploy than traditional, hardware-based alternatives.
SearchNetworking spoke to Silvan Tschopp, head of solution architecture, to learn more about Open Systems' SASE platform -- the latest winner of TechTarget's Network Innovation Award.
Editor's note: This interview has been lightly edited for length and clarity.
What problem or challenge does Open Systems' SASE platform address?
Silvan Tschopp: Traditionally, networks have been very data center-centric and inflexible. SD-WAN [software-defined WAN] is a response to this -- it's a network model that better meets the demands of digital transformation, with easier connectivity to the cloud. But the problem is that, when you're connected to the internet, you're also suddenly exposed to all the threats out there, so we believe that you cannot attack an SD-WAN project without also having security in mind.
Traditionally, you've had to think about security only in a central data center, but suddenly, you need to execute a distributed, decentralized security posture on a global scale. That's a huge challenge. And that's where we come in, by providing a SASE platform that ties together SD-WAN with the security piece. We deliver everything as a service and support customers as they move from a data center-centric network to a future-ready network that connects users to the cloud while staying security-compliant.
How does Open Systems' SASE model offer an advantage in a global pandemic scenario, as with COVID-19?
Tschopp: Before COVID-19, being flexible and having people on the road or working from home was a hot topic. But what we typically saw was about 10% to maybe 30% of the workforce connecting remotely, with the majority of people still in corporate offices. Then, from one day to the next, companies had to change their entire business models, allowing 80% to 100% of employees to work from home. And you can't provision traditional physical hardware to enable remote work in such a short time frame. Through Open Systems' SASE platform, we were able to spin up entry points on a global scale within a couple of hours or a couple of days, depending on customer demands, delivering it through the cloud. We've had a huge uptick in demand from users that just need to dial in remotely.
Do you think COVID-19 will have a lasting impact on where we work and how we connect?
Silvan TschoppHead of solution architecture, Open Systems
Tschopp: Absolutely. I think it is as transformative as it could be. We've seen COVID-19 really change our customers' mindsets and, even our own, more than we could have imagined. For us, it just shows why SASE is the right way to move forward. You don't know what tomorrow will bring, and SASE really sets you up to be able to react to unexpected events.
What does deployment of Open Systems' SASE platform look like?
Tschopp: Our sweet-spot customers aren't the young startups that start in greenfield environments; they're large enterprises with existing, legacy networks, running 24/7 operations. For them, changing to an SD-WAN and SASE platform is like open-heart surgery. So, we work with our customers to analyze where they are today in their digital transformations and what their needs are, and we go step by step with them toward their goals.
In terms of our deployment model, we support everything from a very heavy edge to a very light edge. For a large headquarters or production facility that has a lot of people and wants the best user experience on-site, we can have all network and security functionality on premises. Or, in a light edge deployment -- say where you have only a few users in a sales office -- we can support the entire stack primarily through the cloud. We tailor deployment to what is best for the customer and their specific situation.
Do Open Systems' SASE users tend to come from particular verticals?
Tschopp: Well, the positive thing for us is that everybody needs those services. But the sweet spot of who we can really help most are large corporations in manufacturing, healthcare and biopharma -- the guys that have huge demands on their networks. They typically run global operations with 24/7 requirements and have very high requirements for network and security postures, but they don't have the resources that financial or insurance companies do to manage stuff on their own.
How do you see Open Systems' SASE evolving in the future?
Tschopp: We will make sure our customers stay agile, stay compliant and stay protected. But, as we move ahead, we think SASE analytics capabilities can start to provide predictive insights. Open Systems recently acquired a company [Sqooba] that helps bring in that know-how so we can really start to analyze the vast amount of data that our customers have. So, ultimately, we see SASE leveraging network security data to better anticipate what's coming, so the IP side of things can prepare to support the business.