Cybersecurity Field Guide #3.5:
How to Effectively Implement and Operationalize SASE
In Optiv’s first SASE Field Guide (#3.0), we provided a high-level explanation for the Secure Access Service Edge (SASE) concept and critical considerations. With this SASE Field Guide (#3.5), – the next in the SASE series – we provide detailed guidance about where and how to start your SASE journey.
Click here to view other guides in the series.
Take a Look Inside
In this field guide, we break Secure Access Service Edge (SASE) program creation into digestible pieces. You’ll dig deeper into how to prepare, plan, design, implement, operate and optimize your custom program. Remember, SASE is not something that most organizations will deploy all at once. Instead, it is more of an “as-needed” approach -- with one component rolled out at a time. The reason? SASE is not a single technology but a collection of them. And your SASE program will mature over time based on how required components are deployed to satisfy business needs and address risks. Take a look.
SASE: So Many Parts. Where to Start?
First, to determine if a SASE approach is right for your organization, you must have a full understanding of where organizational assets live and from where users will connect.
If most assets and users reside in a traditional network environment, you may not gain many benefits from SASE.
But, if 50% or more of your accessible assets live in the cloud or many of your users are remote, then a SASE approach should be investigated.
Additionally, if your organization has many branch offices that need connectivity to the HQ, each other, and the Internet, then a SASE approach may be beneficial.
SASE Areas Covered
In the preparation phase, an organization defines the problems they are trying to solve or the benefits they seek to gain by adopting new technology. It’s critical to focus on business, security and technical outcomes in this phase rather than tools or methods. You may be looking for a drill – remember that what you want is a hole.
- Define goals
- Assess your current environment
SASE will increasingly unite a significant number of networking and security functions into a single cloud-delivered ecosystem. We believe five functions currently represent the core capabilities organizations should evaluate. A thorough understanding of your desired outcomes can help you avoid unwanted gaps or redundancies in security controls as you begin to architect your SASE roadmap.
- Map goals to solutions
- Evaluate your tech stack
- Define requirements
There are many nuances to implementing a SASE solution. Your SASE project team should include stakeholders from the networking, security and cloud teams (if applicable) to ensure a successful deployment.
- Assemble a SASE roadmap team
- Conduct vendor evaluations and validations
Ensure you anticipate key hurdles related to deployment, configuration, integration, testing, training, documentation etc. Just like other cloud-based services, SASE presents some unique operational challenges. Your business requirements around SASE may continue to evolve – and the SASE landscape will also continue to evolve. Diligently track these changes at regular intervals, and continuously study whether it makes sense to adjust your strategy to improve outcomes.
Field Guide Library
CYBERSECURITY FIELD GUIDE #1
What to Do When Everything Changes
COVID-19 meant an accelerated digital transformation (change, change and more change). But it won’t be the only thing that rattles your environment. Our first guide will help you navigate cybersecurity complexities in a world where innovation never stops, and small and large threats arise daily.
CYBERSECURITY FIELD GUIDE #2
How to Survive an Attack
Looking to create an effective, comprehensive response to cyber attacks? Well, this is the Field Guide for you. It looks at how – from assembling your cross-functional team to tabletop exercises and war games – to mitigation if the unthinkable happens.
CYBERSECURITY FIELD GUIDE #3
Get SASE to Accelerate Your Digital Transformation
Let's clear up SASE confusion. Optiv's third Cybersecurity Field Guide will help you better understand SASE, the promise of its future, its benefits and hurdles and includes a list of providers.
CYBERSECURITY FIELD GUIDE #3.5
How to Effectively Implement and Operationalize SASE
This guide offers advice on how to prepare, plan, design, implement, operate and optimize your custom SASE plan.