Cloud is changing everything – transforming how businesses process and operate. And the consumer cloud is driving an explosion in capacity, often consumed counter-cyclical to business usage. Using their gig infrastructure that was originally built for consumers, Comcast is moving into business access solutions. SD-WAN, VPN, or other overlay networking solution providers are allowing enterprises to use low-cost Internet access for business-critical operations. Now, security solutions are embracing the cloud model to deliver enhanced security to organizations, like the services provided by Cato Networks. Cloud can provide both cost-effective real-time security processing with real advantages in on-demand peak processing. Cloud can also integrate, deep analytics, machine learning and AI capabilities, potentially improving security and forensics over nodal edge solutions.
In the 2019 edition of the Gartner Hype Cycle for Enterprise Networking, a new category, Secure Access Service Edge (SASE), was identified. According to Gartner, “The secure access service edge (SASE) are emerging converged offerings combining WAN capabilities with network security functions (such as secure web gateway, CASB, and SDP) to support the needs of digital enterprises.” According to Gartner, this cloud network where all traffic is through a cloud-based service delivery model can be transformational, not just for simplicity and cost, but also for enabling a wide range of new service and security capabilities. However, Gartner sees SASE as being in the early stages or what they call the “initial innovation” of its “trigger phase,” where demonstrations and trials are primarily occurring.
Cato Networks Steps In
One company that has been pursuing and is delivering a SASE solution is Cato Networks. Their cloud network/security solution follows the SASE concept to deliver WAN/security services through the cloud. One of the benefits of a true cloud architecture is all networking, security events, and data are captured and stored in a data warehouse maintained by Cato. This data is critical in both analyzing security events and general network performance.
Cato announced last week Instant*Insight, a new toolset that enables network managers and operators to rapidly analyze a range of network or security events to find specific events or triggers. Since a SASE solution is built in the cloud, this analysis can take advantage of cloud computing, storage, and tools. In the initial release of Instant*Insight, a million records can be scanned in one second to find the critical events. The tools use a simple web-based user interface to optimize usage and outcomes. The figure below shows the interface and how information is displayed, sorted, and identified for use in analyzing connectivity issues. Cato is including Instant*Insight as a “free” capability for Cato SASE service customers.
Explaining how they use Cato Instant*Insight in the enterprise, Lars Norling, director of IT operations at airport efficiency and productivity solutions provider ADB Safegate said: “Cato Instant*Insight let us find the ‘needle in the haystack’ in minutes. We build complex queries to filter through millions of events just by clicking on values on the side of the screen.”
While some organizations may focus on the value of SASE and Cato Instant*Insight for security, these tools can be an invaluable asset in delivering quality real-time communications and collaboration experiences over a modern cloud delivery network. The availability of massive event data and sophisticated tools to analyze that data gives infrastructure delivery teams a new set of tools to assure quality experiences. With the explosion in cloud-delivered solutions and direct endpoint-to-endpoint IP-based sessions, a sophisticated toolset like this can be invaluable to resolving issues. Cato also indicated that they will be including MOS score analysis and other real-time focused capabilities in the future.
As machine learning and AI are converged in the cloud with these data gathering and storage capabilities, the ability to rapidly react and even anticipate network and operational issues will continue to improve. While there are available management platforms that can access and aggregate nodal data, they’re generally complex, expensive, and require integration, especially if there is a range of vendors in the network. While cost and simplicity of operation may be major drivers of SASE consideration, IT organizations may find the integrated event capture and analysis toolset to be one of the most significant advantages of a SASE platform. Understanding how to deploy SASE solutions and the analysis and management tools they enable should be part of any WAN/security/xCaaS strategic planning exercise.