While ICT networks appear to have undergone a seismic shift in design and operation since the COVID-19 pandemic, the changes that network managers are dealing with today have been building for several years now, including the move to managed SD-WAN services. Other changes include the accelerating transition from on-premise private networks to cloud-based private, public and hybrid models, and the move away from centralized applications.
More recently, the widescale deployment of network-attached devices in support of IoT, mobile-edge computing, etc. has emphasized the need for a more ubiquitous and robust security layer.
This is the new reality of those responsible for creating and maintaining telecom, enterprise and a variety of other public and private business networks. In a 2023 research report[i] from Futuriom, an analyst firm focused on next-generation cloud infrastructure and communications technology network managers and IT security professionals cited what they see as four key drivers of network development:
- Hybrid work patterns
- Distributed applications
- Multi-cloud connectivity
- Demand for zero-trust network access
As demand for network agility, scope, security and cloud connectivity rise, so does the difficulty of managing sprawling WAN ecosystems. Figure 1 shows further findings from the Futuriom research study that rank network complexity, a lack of expertise and knowledge, and cost concerns as the top three challenges network operators face in managing their growing WAN investments.
In addition to these trends, the rapid rise in AI workloads is also having a significant impact on network design. Fortunately, network operators and managers have a variety of tools at their disposal to help solve these and other challenges as they work to grow and evolve their networks. The two most popular are software-defined WAN (SD-WAN) and secure access service edge (SASE).
The Evolution of SD-WAN to SASE
SD-WAN represents a pivotal change in WAN management since bursting on the scene around 2014. One of its unique capabilities is the intelligent control of traffic based on service level agreements that ensures performance at the application level. It also continuously measures WAN performance to control the connectivity, management and services between telecom/enterprise networks, remote branch offices and cloud resources. SD-WAN provides a more straightforward setup, better connectivity, and centralized management as compared to traditional WANs.
As a software-based solution it is also more adaptable, scalable and easier to deploy and manage than traditional WANs. With the rapid shift to remote work as a result of lockdowns and stay at home orders during the COVID-19 pandemic, SD-WAN grew in popularity as a way of connecting remote workers. Currently, the SD-WAN market is projected to experience 65% CAGR from 2022 to 2032, going from an estimated $4 billion (US) to a staggering $800 billion (US).[ii]
Still, SD-WAN is not a panacea. Surging IoT deployments and a commiserate rise in external and internal cyber attacks have placed network security high on the list of must-haves for telco and enterprise network managers. While many SD-WAN solutions do include security protection, they typically lack robust features like secure web gateways. These potential security vulnerabilities have given rise to an evolved form of SD-WAN—secure access service edge (SASE).
SASE combines integrated network management with a robust suite of security features. Common SASE networking features include WAN optimization, content delivery network (CDN), SD-WAN and network-as-a-service. Other available network capabilities include caching, SaaS acceleration, and bandwidth aggregation.
On the security side, SASE offers a veritable alphabet soup of features: cloud-access security broker (CASB), secure web gateway, zero-trust network access/virtual private network (ZTNA/VPN) and firewall-as-a-service (FWaas).
First mentioned by Gartner in 2019, SASE has quickly evolved from a niche, security-first SD-WAN alternative into a popular WAN sector that analysts project will grow to become a $10-billion-plus market within the next couple of years.[iii]
Reducing WAN Complexity and Cost
By combining the capabilities of a robust SD-WAN solution and end-to-end, multi-layer network security, SASE enables operators to address the key challenges mentioned in the Futuriom research study, namely complexity and cost. As a unified cloud-based software system, SASE drastically reduces the amount of hardware and infrastructure that needs to be purchased, deployed, provisioned and managed. The direct benefits include lower OpEx and CapEx, reduced total cost of ownership, and a streamlined WAN infrastructure.
These same benefits are reflected on the network management side. For example, all network and security functions can now be monitored from a single dashboard, further reducing complexity and eliminating swivel-chair management. And SASE provides 100% visibility into the network and security, alerting service teams of potential issues or threats and minimizing downtime, which drives TCO even lower.
SASE network visibility can also include providing key performance data on what type of data is traversing the network, where and when bottlenecks are occurring, etc. Armed with this information, network managers can better allocate bandwidth and resources to optimize performance based on peak load times. SASE also enables network operators to reduce workloads on their already over-worked staff by offloading many networking and security tasks to the SASE vendor or provider.
If there is any downside to the technology, it’s how SASE is being deployed. While it is billed as a unified and integrated solution, there are a lot of moving parts under the hood. In many instances, individual components are provided by different vendors and may or may not be easily, or seamlessly, integrated. This is where managed solutions like Fujitsu’s SASE-as-a-Service can make a big difference.
Bringing it all Together: Fujitsu SASE-as-a-Service
As a managed network service, Fujitsu’s SASE-as-a-Service (SASEaaS) eliminates many of the barriers—cost, personnel constraints, management requirements, etc.—that prevent some networks from being able to justify a full-featured SASE solution. Because all system elements are designed for seamless integration and unified under a single end-to-end management model, it deploys quickly and scales easily, providing the WAN performance and protection today’s telecom and enterprise networks need.
Fujitsu SASEaaS combines:
- Unified threat management
- Intrusion/data loss prevention
- Managed access to all cloud and on-premises applications
- Zero-Trust Network Access (ZTNA)
- Next-generation firewall and VPN
- Wi-Fi and LTE connectivity
Secure web gateway
Delivered as a multi-tiered subscription service, Fujitsu SASEaaS eliminates the high CapEx of a self-managed solution. It replaces un-necessary deployment costs and expensive monitoring and maintenance with a predictable monthly fee that includes everything needed to design, deploy and maintain a ready-to-go, best-in-class SASE solution. Also available is continuous network monitoring from Fujitsu’s geographically redundant Network Operations Center (NOC), as well as security and fault management, software upgrades and patches, and device replacement.
Optional service enhancements include onsite WAN optimization that combines latency mitigation to improve application response times over long distances, and data reduction to eliminate transmission of redundant data. High-Availability SD-WAN Edgeutilizes two SD-WAN Edges operating in an active-active configuration to guarantee high availability. Customers can also opt for Smart Handssupport that provides onsite installation or break/fix support for troubleshooting, isolating and resolving faults.
A Less Complex, More Secure, Future-Ready WAN—at Your Service
There is no doubt that societal shifts have irrevocably changed how telecom and enterprise networks are structured and operate. Hybrid work patterns and decentralized organizations mean that network operators must find new ways to support and manage more distributed applications and multi-cloud connectivity. At the same time, the sheer volume of network connected devices—not all of which are managed by network policies—create real and credible threats to the network’s security.
However, these challenges do not automatically translate into a more complex and costly network. Deployment of software-based, cloud-native solutions like SD-WAN and SASE is showing that operators can expand and evolve their networks without sacrificing operational efficiency or data security. When these benefits are coupled with the affordability and low-risk of a managed service solution, network owners and managers have a powerful, future-ready answer to tomorrow’s WAN management challenges.
Fujitsu invites you to learn more about our Managed SASE solution
[i] SD-WAN and SASE Managed Services Survey Report; Futuriom; June 2023
[ii] Software-Defined Wide Area Network Forecast, 2023-2032; Global Insights, research report; November 2022
[iii] What is SASE? A cloud service that marries SD-WAN with security; Network World, article; December 11, 2022
