Network Management

Network Management
What are the greatest advantages offered by SASE?

Top Answer : Every vendor is calling themselves SASE now. The CISOs and CIOs that I speak with say, "We're working on being secure now because we're going to get SD-WAN." But it's a secure access service edge (SASE) company so it has all the security protections built-in. When you actually dig down into it, SASE is just a multiprotocol label switching (MPLS) replacement, except you can use public lines or open internet connections. So, what makes it SASE is adding Zscaler or some security tool on top of that. We had a huge discussion with a SASE industry leader recently and they fully admitted that networking really hasn't changed in the last 30-40 years. You still have your firewall, switches, routers, gateways, WiFi, etc. We just have a different way of accessing it now. Instead of a firewall you just throw in your huge SD-WAN appliance, depending on how you're setting it up, and you do all your security and network management from there. I'm not sure how that’s different, besides the internet connections and the simplicity of rolling it out.  I'm a big SD-WAN user, so I was a VeloCloud customer back in 2014 because I had offices all over the world and it didn't make any sense to pull out network stacks. I just shipped out a little VeloCloud box with some arrows and stickers that said, "Plug internet in here, plug switch in here." And we could see those come online as the receptionist plugged them in—it was simple and easy and it worked. It wasn't perfect, but it was better than waiting 90 days to get a MPLS connection and an AT&T internet connection. I could do things instantly—that's the advantage I see of SD-WAN, but I don't see any security advantages to it.

Related Tags

What's the business case for SD-WAN? What do digital leaders want to see from vendors?

Can SASE fit into an adaptive security model?

Top Answer : We’re in a dynamic, ever-moving world that requires an adaptive security model. I don't know if SASE does that. One of the things we're playing with is constantly assessing who you are, where you are, how you are. If you’re on an airplane, no, you can't look at that file now. It’s not happening.

What’s the best networking solution: Software-defined Wide Area Network (SD-WAN) or Multiprotocol Label Switching (MPLS)?

Top Answer : The advantage I got from Velocloud’s SD-WAN—which I couldn't do on Meraki or Cisco or any of my switches—was load-balancing my internet connections. I could plug two internet connections into it and if one failed, it would just failover to the other one. Or, I could tell it to use 50% of this connection and 50% of that connection. My IP addresses and stuff like that weren't affected. So, there are some cool features but I'm still trying to figure out where I get the extra security and how it makes my users safer.  You can use the load balance with the Meraki, but it doesn't work. It takes at least a half-hour to flip it. We tried to do that at a vaping company I worked at. They sold us that “automatic flipping of your connection" feature. It does flip it, but it takes 10 minutes to recognize that the internet connection is down, first of all. Because it has to keep pinging it like, "Are you sure it's down? Because if I flip this connection, it's going to cause a bunch of problems."

What are your thoughts on SaaS management platforms (SMP)?

Top Answer :

Related Tags
Business Application Development
Architecture & Strategy
Requirements & Design
Testing, Deployment & QA
Mobile Development
Selection & Implementation
Business Analysis
Applications Vendor Landscapes
Data Center
Public and Hybrid Cloud
Business Applications
Crisis Management
Data & Business Intelligence
Artificial Intelligence
Business Intelligence Strategy
Data Management
Enterprise Integration
Machine Learning
Data Lake
Big Data
Data Warehouse
Disruptive & Emerging Technologies
Virtual Reality
Digital Innovation
Augmented Reality
End-User Services & Collaboration
Collaboration solutions
End User Equipment
End-User Computing Devices
Endpoint management
Productivity tools
Document Management
End-User Computing Applications
End-User Computing Strategy
Voice & Video Management
Continuous Integration
Technical Product Management
Continuous Deployment
Quality Assurance
Customer Relationship Management
Enterprise Content Management
Customer Success
Enterprise Information Management
Enterprise Resource Planning
Marketing Solutions
Human Resource Systems
Product Recommendation
Risk Management
SOX Compliance
Governance, Risk & Compliance
Infrastructure & Operations
Cloud Strategy
I&O Finance & Budgeting
Operations Management
Network Management
DR and Business Continuity
Server Optimization
Attract & Select
Cost & Budget Management
Manage Business Relationships
Organizational Design
Program & Project Management
Train & Develop
Talent management
Performance Measurement
Organization Structure
Manage & Coach
Availability Management
Financial and Vendor Management
Service Desk
Management Tools
Enterprise Service Management
People & Process
Process Management
Asset Management
Project & Portfolio Management
Portfolio Management
Project Management Office
Confidentiality, Integrity, Availability
Secure Cloud & Network Architecture
Endpoint Security
Data Privacy
Identity and Access Management
Security Operations Center
Security Strategy & Budgeting
Security Vendor Landscapes
Threat Intelligence & Incident Response
Threat & Vulnerability Management
Vendor Management
Infrastructure Vendor Landscapes
Strategy & Operating Model
Business Continuity
Architecture Domains
Tool Recommendation
Where have you faced the most resistance when it comes to implementing zero trust policies?

Top Answer : Zero trust has been around as a concept now for 5+ years. And every single time I've tried to implement it, it’s never worked. Because every time we've reduced the footprint down to zero trust, the people who tend to be the most vulnerable always complain. The CEO’s calling you on their trip to Hong Kong saying, "I don't understand, why can't I access my email? Why can't I get access to this SharePoint site?" You’re like, "I had zero trust and you're in a new place so you have to re-authenticate yourself." But then they don’t have their dual factor and so on. Pretty quickly we get an edict not to put these measures in place for the executive team. But of course, the executive team is the most vulnerable. So how do you work around human psychology in that regard?

How are you addressing ransomware at your organization?

Top Answer : I’m not doing anything to specifically address ransomware yet. I'm addressing all of the causal factors that I perceive as reasons that I might be infected by ransomware. At the end of the day ransomware is the end state. Something bad—probably many bad things—had to happen first: either you didn't patch or somebody clicked on a phishing email. More people need to look at the earlier states. What are you doing about phishing and patching?