This is the fifth post in our six-part series on the value of SASE and how companies are driving real business value through their security.
- Part 1: Separating Product from Philosophy
- Part 2: Protect Remote Workers Anywhere
- Part 3: Secure Data in the Cloud
- Part 4: Mitigate Threats to Data Security
- Part 5: Connect and Defemd the Network
- Part 6: Using Risk to Simplify Security Policy Enforcement
Now, onto Part 5:
Part 1 - Separating Product from Philosophy
SASE is all about making sure that people can get to and use resources safely, no matter where they are working. In many cases, that may involve connecting from a laptop at home or on the road. But, as organizations begin to bring people back into the office, they’re also looking at how those offices are connected—and how such connectivity can help automate keeping people secure when they are working there.
While many businesses and government agencies used to use private network lines from telecom providers (often referred to as MPLS links), the pandemic drove home that broadband internet connections often provide as good or better performance at a fraction of the cost. In this model, sites connect directly to the internet over business-grade DSL, cable, fiber or other technologies. This creates two needs: (1) to keep internet attackers out of the site’s local network and (2) to automatically connect traffic to the right places, where back on the ‘corporate’ network or up in the cloud.
Next-generation firewalls (NGFW) address the first issue, and many of the more advanced ones include networking capabilities (typically called software-defined wide area networking or SD-WAN) that address the second. In some cases, sites may be connected directly into internal networks and on-premises security gateways using virtual private network (VPN) technologies. However, many organizations are transitioning to a cloud-based approach in which traffic from the site is sent to the same types of cloud-based services (which increasingly go by the collective name Secure Service Edge or SSE) that are used when people are working remotely from home. What’s nice about modern ‘Secure SD-WAN’ services is that they can make this happen automatically even for unmanaged devices such as BYOD phones or tablets.
Let’s look at a few examples of how customers are using these approaches to accelerate their business:
Nexpertis: Next-Generation Firewall
Flourishing businesses need scalable resources, and that extends down to the network. Fast-growing Nexpertis understood that its success with its cloud-based service depended on building reliable access from its data center to its customers.
After reviewing the available options, Forcepoint’s Next-Generation Firewall (NGFW) stood out for its ability to ensure the security of Nexpertis’ data and its customers while in transit. The wide array of channels the NGFW extended coverage to and its reverse proxy functionality made it an easy choice.
Business Value: Two years after adopting NGFW, Nexpertis has doubled in size with key acquisitions of large customers – thanks in part to the scalability and high-availability clustering of the NGFW.
Italian Appliance Manufacturer: NGFW
International expansion for an Italian appliance manufacturer meant standing up expensive MPLS connections at all its 33 branches. In a bid to simplify its complicated infrastructure, the company turned to Forcepoint’s NGFW.
Leveraging the built in SD-WAN, the company was able to replace its MPLS in favor of the DSL links available to each site. The Forcepoint Security Management Center (SMC) enabled the IT team to centralize management and deploy future NGFWs remotely.
Business Value: Immediate cost-savings were compounded by the benefits of centralized network management for over one hundred firewalls deployed across the world.
Amidst a transition to a hybrid cloud built primarily on Office 365, BAYERNOIL felt a need to maintain better connections – a place it had struggled in the past. It upgraded its Forcepoint NGFW to gain new capabilities that would help the IT team meet its goals.
The high-availability clustering and SMC available in Forcepoint’s NGFW made the transition from the 1000 Series to the 3000 Series seamless. Installing one firewall at a time, BAYERNOIL was able to maintain consistent communications with Office 365 – an area it struggled with in the past due to Office 365 resources continuously cycling for security purposes.
Business Value: Forcepoint’s NGFW gave BAYERNOIL the network infrastructure and security it needed to transition to the hybrid cloud, while maintaining high standards for compliance.
Setting the Foundation for a Hybrid Workforce
Rapidly changing workforces call for agile network infrastructures. Forcepoint’s NGFW with SD-WAN delivers the functionality IT teams need to maintain visibility and scalability.
Learn more about the value of SD-WAN in our webcast on connecting and protecting remote offices.