CIO Influence
Guest Authors Security

The Preflight Checklist For SASE and SSE

The Preflight Checklist For SASE and SSE

On a recent trip, I had a conversation with a peer. His wife thought she had purchased him the perfect birthday present.  An hour-long flight over one of the United States’ largest cities while learning how to fly a plane.  It included a pilot who would do most of the work but at some point, he could take the controls. As he told me the story, I could see the glimmer in his eyes. He said, once I became the pilot, I looked back at my wife. She knew at that moment, I was hooked.

A new obsession started.  While he said he now has his pilot’s license, he detailed how becoming a pilot changed how he thinks about implementing new technologies.

“You can’t just jump right in, and you need to run your pre-flight checklist.” 

When piloting an SASE or SSE project, the same rules apply. You must follow a pre-flight routine and checklist to ensure a safe and successful journey.

What do you need to do before embarking on your project?

Let’s explore this topic together!

Item 1 – What Business Problem Am I Looking To Solve?

Perhaps the most critical aspect of the project is what business challenges are you looking to solve. Technology is a tool.  It assists the business in achieving the objective of increasing revenue, opening up new lines of business, optimizing costs, or reducing risk exposure. The same mindset must be applied when considering frameworks like SASE and SSE.

What problem are you looking to solve? 

Considerations are; how do I secure 3rd party access, how do enable my remote workforce with a ZTNA solution vs traditional remote access, and can I consolidate my security tools to a single or reduced set of vendors/products (reducing costs and operational overhead) or can I optimize my network for performance while also upleveling my security posture?

These are just several of the business problems these frameworks can solve. Make sure to write them out before discussing technology with your solution providers.

Item 2 – Identity 

Conversations about trust, security, and the distributed nature of modern IT quickly include identity. You will find this out quickly once you begin to explore the landscape of SASE and SSE. Nailing down identity is fundamental to the outcome of your program. It’s an area you want to take measures of early on.

Take inventory of the state of your identity program.

Is there a source of truth? If so, does it match reality?  What does your “move, add, delete” process look like? 

How do you onboard new employees and team members who move between departments? 

Do you have an SSO solution?

Is MFA rolled out? 

Before you dive into an extended program, understand where your gaps are and whether or not you can effectively close them.

Item 3 – Silos

Silos are a reality in modern IT.  Groups of people are assigned to own technology “products”. This includes full lifecycle management as well as maintenance and road mapping.  It is how IT has evolved, and it is also one of the major barriers you will encounter when starting a project which spans several IT silos. This is another area to spend time on.  Understand the state of the relationships between teams which cover networking, security, operations, and identity to name a few.

Can they work together? 

Will they align on what is best for the business vs what is best for them when considering an IT product? 

SASE and SSE require silos to either be torn down or jointly operate together. Honestly, the success here comes down to leadership.  At some point, hard decisions will need to be made. Don’t wait until you are halfway through the project.  Consider your options to fend off the “silo war” early on.

If needed, develop a clear set of protocols for interaction or leverage an agreed upon RACI chart to guide during the project and through the operational phase of the technology lifespan.

Item 4 – Review Your Budget

SASE and SSE consolidate previously point products into a dual or single-vendor solution.

Examples are the migration of traditional WAN technologies to SDWAN, replacing remote access gateways with ZTNA, bringing together SWG, CASB, and DLP as a platform to secure threats from the Internet and control SaaS applications while protecting critical data.

In doing so, you need to understand your previous investments.

Are the WAN routers you are replacing fully depreciated? 

Where are you with support agreements? 

Does it make sense to consolidate services right away or do you need to start with one service now and add the rest in 12 months to appease your finance overloads? 

Do the deep dive and allow it to guide your deployment schedule based on the data you collect.

Item 5 – Find a Guide

If you’ve watched Star Wars or any of the recent Disney movies, you will notice they follow the cycle of the “Hero’s Journey”. I won’t detail the entire path, I am sure you are familiar with it already, but every hero requires a guide.  In the Star Wars universe, this is Obi-Wan Kenobi and Yoda.

Checklist item five is to find a guide, a guru you can trust, to help you understand the vendor landscape. This will take time, but it is well worth it.

Find someone you can trust and is interested in helping you solve your business challenge while aligned with your IT financial portfolio.  If the guru suggests a particular vendor because they are the best ranked by a particular analyst firm, take pause.

At last count, there are over 20 discreet vendors in the SASE and SSE space. While I am not saying to interview every one of them, make sure to compare and contrast.

Understand each vendor’s point of view on the space and how their technology aligns with your business objectives. A solid guru can help you wade through tech marketing and provide you insights into what options will provide you with the outcomes you require to be successful.

There you have it, the pre-flight checklist for SASE and SSE projects!

If you have questions, feel free to reach me directly. Always happy to assist you on your journey to unite networking and security in harmony!

[To share your insights with us as part of the editorial and sponsored content packages, please write to sghosh@martechseries.com]

Related posts

AttackIQ Introduces New Vanguard Managed Security Validation Service To Proactively Discover And Remediate Security Gaps Before Adversaries Mount Cyberattacks

CIO Influence News Desk

Modernization Challenges Hinder Productivity Among IT Teams, According to New Survey from Rocket Software

GlobeNewswire

HashiCorp and Cisco Expand Collaboration, Enter Into Multi-Year Commercial Agreement To Deliver Infrastructure as Code

CIO Influence News Desk