The paradigm shift in the IT infrastructure

Digital transformation has created a massive wave across every line of business, be it healthcare, banking & finance, manufacturing, or telecom. The advent of new-age technologies like cloud, AI, analytics, software-defined networks, automation, and blockchain has propelled seeking possible IT transformations that are cost-effective with minimum human intervention. The demand & supply model has raised the bar of consumer expectations that further triggered us to align our business initiatives to consumer needs, and guess what? The outcome is a win-win for both the consumers and the suppliers. 

It began with storage virtualization (vSAN), giving rise to server consolidation to fit into the new architecture model. The progression in storage and compute virtualization won’t solely suffice to accommodate the shifting IT landscape. Organizations must transform the underlying network infrastructure and elevate it to realize a full-fledged IT modernization.  The advent of virtualization and adoption of multi-cloud & hybrid cloud technology coupled with anywhere-workspace has been the early drivers for software-defined technology, be it compute, server, or network space. The software-centric approach can achieve scalability, flexibility, and adaptability that helps optimize both CapEx and OpEx savings.

Evolution of Networks over the years

Let’s take a look at the evolution of wired networks. Legacy infra was a hardware-based siloed architecture that failed to achieve customers’ dynamic business needs, rendering the overall design obsolete. It started with OTN (Optical Transport Networks) carrying voice signals giving rise to ethernet and MPLS networks carrying data and video frames.

With the exponential increase in data, IoT, and adoption of edge and cloud computing techniques, we gradually transitioned to cost-effective, scalable & vendor-agnostic software-defined networks to address the challenges witnessed by legacy infrastructure.

SD-WAN has essentially revolutionized the WAN virtualization space by decoupling the network functions from the underlying physical infrastructure. The overlay model helps establish direct connectivity to on-premises or cloud devices, unlike the traditional MPLS link connectivity that traverses through the hub site first, adding to latency and backhauling of traffic.

However, SD-WAN primarily focuses on covering wide-area connectivity with limited security functionality built on a box that fails to deliver the security aspects of Edge at the micro-level, diving deep into users, devices, and applications. This is where the concept of SASE kicks in.

Introduction to SASE

Traditionally, organizations bound security to premises with perimeter firewalls, which is no longer relevant after introducing VM & distributed workforce. A granular level of protection attached to workloads with intrinsic security at every layer of infrastructure induces the need for unified networking and security as the envisioned design approach.

Endpoint & last mile security and easy accessibility to the cloud are imperative to today’s distributed/disjointed workforce. One can define SASE, i.e., Secure Access Service Edge, as the convergence of WAN and security, consumed as a cloud service model. With the SASE approach, a secured experience for every user on-prem, cloud, branch/ DC, or remote is possible with direct onramp connectivity to the cloud. 

The local secured internet breakout for users to access SaaS applications/generic internet services is possible with the SASE framework, which would otherwise require complex firewall HW implementation at all sites.

SASE and the SD-WAN overlay model cater to a complete end-to-end portfolio of services, including virtual WAN link connectivity, secure internet access, cloud web security, and ZTNA (Zero trust network access).

One can enable security features on service edges called PoP-over-cloud or proximity to public cloud gateways.  This approach helps overcome multiple VPN mesh inter-connectivity, adding cost and network complexity. The overlay model is carrier-neutral and supports any underlying infrastructure like ethernet, MPLS, LTE, and internet.

The SASE Pitch

A potential SASE solution pitch could be any of the following:

• A distributed workforce across cloud, on-premises, and edge
• ZTNA for securing remote users, devices, and workloads
• Simplified network and secured connectivity across geographical areas

Kudos to all SASE players like VMware, Palo Alto Networks, Fortinet, Cisco, and Zscaler, for anticipating the need for top-notch security and extending their offerings during the COVID pandemic when most of the resources worked remotely. They have played a significant role in driving the business growth with minimum security breaches ensuring a hassle-free, safe environment.

SASE-The future

Network security features cannot be compromised and will continue to be the driving force to protect the overall infra, edges, and workloads.

Convergence of networks & security becomes an integral scope for end-to-end secured connectivity. SASE enhances the security capabilities manifold, ensuring a safe and protective edge. Solutions going forward must be centered around SASE to stay relevant in today’s growing distributive set-ups. If SDN is the new norm, SASE is the future. I can’t possibly think of any potential disrupters for SASE today, so I will wait and watch to see what the future unfolds after SASE.

Apurba Dutta

General Manager and Global Head for Wipro Network and Infra Security Practice, Cloud and Infrastructure Services – iCORE, Wipro Limited

Apurba has over two decades of IT experience in helping customers across the globe in transformation solutions. He has managed large business units– P&L, Sales, Delivery, and competency -- across geographies, while working with ecosystem partners to modernize the core and help enterprises create Cloud and Infrastructure foundations for their future-ready digital businesses. In his current role, he works closely with internal and external stakeholders, advisors and analysts, and startup ecosystem partners to help customers fast-track to the future.

Nisha Thoniparambil

Lead Administrator, Cloud and Infrastructure Services – iCORE, Wipro Limited

Nisha is electronics engineer with over 10 years of total experience in Network domain, sales enablement, strategic alliance management, and presales & pursuit development. She is presently working as a Lead Administrator for the Cloud and Infrastructure Services team where she enables alliance-led business growth for software-defined networks.