On a recent trip, I had a conversation with a peer. His wife had purchased him the perfect birthday present—an hour-long flight over one of the largest cities in the United States. It included a pilot who would do most of the work, but at some point, my friend would get to take the controls. As he told me the story, I could see the glimmer in his eyes and knew he was hooked.
While he now has his pilot’s license, he shared how becoming a pilot changed how he thinks about implementing new technologies: “You can’t just jump right in, and you need to run your pre-flight checklist.” When piloting an SASE or SSE project, the same rules apply. You must follow a pre-flight routine and checklist to ensure a safe and successful journey. What do you need to do before embarking on your project? Let’s explore this topic together!
1. What business problem am I looking to solve?
Perhaps the most critical aspect of the project is identifying what business challenges need to be solved. Technology is a tool. It can assist the business in increasing revenue, opening new lines of business, optimizing costs, and reducing risk exposure. The same mindset must be applied when considering frameworks like SASE and SSE. What problem are you looking to solve? Considerations include:
- How do I secure 3rd party access?
- How do enable my remote workforce with a ZTNA solution vs traditional remote access?
- Can I consolidate my security tools to a single or reduced set of vendors/products (reducing costs and operational overhead)
- Can I optimize my network for performance while also upleveling my security posture?
These are just several of the business problems these frameworks can solve. Make sure to identify yours before discussing technology with your solution providers.
2. Take inventory of the state of your identity program
Conversations about trust, security, and the distributed nature of modern IT quickly include identity—especially once you begin to explore the landscape of SASE and SSE. Nailing down identity is fundamental to the outcome of your program, and you want to take measures early on:
- Is there a source of truth? If so, does it match reality?
- What does your “move, add, delete” process look like?
- How do you onboard new employees and team members who move between departments?
- Do you have an SSO solution?
- Is MFA rolled out?
Before you dive into an extended program, understand where your gaps are and whether you can effectively close them.
3. Identify silos
Silos are a reality in modern IT. Groups of people are assigned to own technology products, including full lifecycle management and maintenance and road mapping. It is how IT has evolved and is one of the major barriers you will encounter when starting a project which spans several IT silos. Take time to understand the state of the relationships between teams which cover networking, security, operations, and identity to name a few:
- Can the teams work together?
- Will they align on what is best for the business vs. what is best for them when considering an IT product?
SASE and SSE require silos to either be torn down or jointly operate together. Success here comes down to leadership. At some point, hard decisions will need to be made—consider your options to fend off the “silo war” early on. If needed, develop a clear set of protocols for interaction or leverage an agreed-upon RACI chart to guide the project and through the operational phase of the technology lifespan.
4. Review your budget
SASE and SSE consolidate point products (a product that provides a solution to a single problem) into a dual or single-vendor solution. Examples are the migration of traditional WAN technologies to SD-WAN, replacing remote access gateways with ZTNA, and bringing together SWG, CASB, and DLP as a platform to secure threats from the internet and control SaaS applications while protecting critical data. In doing so, you need to understand your previous investments:
- Are the WAN routers you are replacing fully depreciated?
- Where are you with support agreements?
- Does it make sense to consolidate services right away or do you need to start with one service now and add the rest in 12 months to appease your finance overloads?
Do the deep dive and allow it to guide your deployment schedule based on the data you collect.
5. Find a guide
If you’ve watched Star Wars or any of the recent Disney movies, you will notice they follow the cycle of the “Hero’s Journey.” I won’t detail the entire path, I am sure you are familiar with it already, but every hero requires a guide. In the Star Wars universe, this is Obi-Wan Kenobi and Yoda. Checklist item five is to find a guide, a guru you can trust, to help you understand the vendor landscape. This will take time, but it is well worth it. Find someone you can trust and is interested in helping you solve your business challenge while aligning to your IT financial portfolio. If the guru suggests a particular vendor because they are the best ranked by a particular analyst firm, take pause.
At last count, there are over 20 discreet vendors in the SASE and SSE space. While I am not saying to interview every one of them, make sure to compare and contrast. Understand each vendor’s point of view on the space and how their technology aligns with your business objectives. A solid guru can help you wade through tech marketing and provide you insights into what options will provide you with the outcomes you require to be successful.
There you have it, the pre-flight checklist for SASE and SSE projects! If you want to learn more about HPE Aruba Networking SSE, check out this link, and if you have questions, feel free to reach me directly. Always happy to assist you on your journey to unite networking and security in harmony!
