Your corporate network is changed by SASE, SDP, SD-WAN, Zero Trust

Corporate networks will also shift as zero confidence protection initiatives proceed. Cloud computing will turn to authentication and network features. A “software definition” will now become the traditional WAN, and there is a chance that weight loss will advance. If convenience is increased, the operating burden is likely to be minimized at the same time.

What kind of effect will the advancement of security policies based on the principle of Zero Confidence have on the network configuration of companies?

Corporate networks today are mostly based on in-house data centers on the property. Base-based connectivity connects to on-site business applications through telecommunications carriers’ WAN (Wide Area Network) networks. For accessing cloud resources on the Internet, the setup is such that it goes through different authentication equipment located in the company’s data center instead of connecting directly to the Internet from the root.

Users that have connections to their data center remotely from outside via VPN (Virtual Private Network) using IPsec or SSL. Like users who work at the foundation, they often connect to the Internet through the company’s data center while using the cloud.

The exit to the data center is crowded.
With this setup, there are several problems. First of all, contact from the base still flows through the data center of the organization, including the Internet, so the total burden on the corporate network rises. The number of transactions between terminals and rich business apps on the cloud has dramatically grown in recent years, and the number of cases in which network efficiency is declining is growing.

Moreover, due to the spread of the latest coronavirus outbreak, the number of remotely accessible users is growing, the number of VPN link sessions is increasing, and the load on the VPN gateway is increasing.

The network at the exit (boundary portion) from the company’s data center to the Internet has become especially congested due to the above two reasons.

There is still a concern with the complexity of security controls. The types of protection devices built in data centers are growing with the complexity of attack tactics, and the difficulty of operation and maintenance is increasing. It is also important to physically adjust the equipment and network while improving security.

There are times where without warning, the IP address of cloud providers varies. It takes time to physically follow changes in the cloud with security equipment in the data center. (Net One Applications Customer Support Headquarters Security Service Department No. There are also problems such as Kenji Mizoshita, 4 project manager.

In the cloud, encryption
There has been a shift to move network and protection functionality to the cloud in order to boost scalability and manageability in light of these problems. This is the SASE concept (Secure Access Service Edge).