Cisco gets SASE with its latest SD-WAN software update

Cisco has embraced the secure access service edge (SASE) model across its latest SD-WAN software release. Last year Gartner analysts coined the SASE term and positioned it as the unification of enterprise access security initiatives and WAN networking platforms, including SD-WAN.

With the 17.2 software release, Cisco has blended its Cisco Umbrella Cloud Security portfolio, which includes Cisco's secure internet gateway, with its Viptela-based SD-WAN offering.

RELATED: Cisco beefs up SD-WAN with security in the cloud

After cancelling the first virtualized edition of its flagship event a few weeks ago, Cisco Live is taking place this week. At last year's Cisco Live, Cisco said it would broaden the security of its SD-WAN by combining it with Umbrella. At the Cisco Partner Summit 2018, Cisco announced that advanced security was integrated into Cisco SD-WAN devices, from application-aware enterprise firewall and intrusion prevention, to URL filtering.

With its latest SD-WAN software, customers can extend their security to cloud firewalls with a single click for end-to-end automation from the SD-WAN service through the Umbrella secure gateway. SD-WAN customers can tap into the Umbrella capability as part of Cisco's DNA Security premium package. In order to enforce policies, the software does automatic assessments of the identity of the user and their context.

"The move to SASE, I think, is the internet becoming the new WAN," said Cisco's Muninder Sambi, vice president of product management for enterprise switching. "With the new WAN, security becomes top of mind. A lot of customers are looking to offer security at scale in a single location with a single policy enforcement. Cloud security becomes super important and super critical at this time."

Sambi said with security, customers are moving away from trust solutions toward more centric solutions that are associated with the context of the user of the device in order to enforce the correct policies and to route them efficiently for the best user experience.

Customers don't have time or the resources to stitch together all of the various cloud, SD-WAN and security technologies, according to Sambi. In the current scenario, Sambi said it takes multiple vendors and multiple technologies to provide holistic security

"We've got all of these assets within Cisco and we're now providing a full end-to-end, fully integrated stack," he said. "We can map how the applications and devices are accessing the internt. We can secure them along the way and offer a security posture in the cloud."

While Cisco has the wherewithal to create an entire ecosystem for SASE, others may argue that multiple SASE vendors that provide different components would be more desirable than relaying on a single vendor.

Several SD-WAN vendors, such as Cato Networks and Versa Networks, claim to have embraced the SASE elements of cloud, security and SD-WAN prior to Gartner coming up with the term.

“Cisco has many of the pieces that could be used in a so-called SASE implementation — cloud security tools, SD-WAN, Meraki Wifi — but the key is the integration of the management systems, which historically been a challenge," said Scott Raynovich, the founder and chief analyst of Futuriom. "We’ll have to wait to see if indeed all of these tools can be managed by one cloud interface or operating system.”

RELATED: VMware takes aim at SASE platform with major product enhancements

In a similar vein to Cisco's approach, VMware announced in April that it was aligning various elements of its portfolio in order to be a major player in the SASE sector. Cisco and VMware/VeloCloud have been among the top-two SD-WAN vendors based on revenues.

Whether it prevails in the SASE space over the long haul, Cisco's latest software update for SD-WAN will no doubt be embraced by companies that are Cisco-centric. Sambi said there has been 3,000 downloads of the software to date with 75 to 100 of them currently testing it.

"We are really excited about bringing together cloud security and network sensors, and being able to help our customers evolve or migrate to a SASE model by just making enterprises cloud first," Sambi said. " I think that's something that we're proud to bring into the market."