Avatar

In my previous blog posts (see links at end of this post) on SD-WAN security, we detailed how the Cisco SD-WAN solution is enhancing the security capabilities of the network fabric with specific capabilities while catering to the security needs of large enterprises in a scalable fashion. Cisco SD-WAN also enables IT to secure the network for a distributed workforce and devices from campus to branch sites by adding Secure Service Edge (SSE) services to create a holistic Secure Access Service Edge (SASE).

Since a growing percentage of the workforce is remote—at home or mobile—they also need secure access to applications hosted in public clouds, SaaS, and private data centers. This segment of the workforce increased significantly during and after the pandemic, forcing larger enterprises to move toward a hybrid workforce model. A hybrid workforce warrants a network solution that enables consistent access policies for each person and device no matter where they are located, which, in turn, increases worker productivity with improved application performance. Improved access needs delivery within the existing means of the overall IT budget while ensuring that the enterprises’ security isn’t compromised. Sounds difficult? Not really – it’s possible with the new and enhanced Cisco+ Secure Connect with Cisco SD-WAN fabric. Cisco+ Secure Connect is a unified, turnkey SASE solution that is delivered as-a-service and brings together the best of Cisco networking combined with industry-leading security, converged in a single platform to deliver a truly seamless, unified experience.

Unified SASE with Cisco+ Secure Connect
Figure 1: Unified SASE with Cisco+ Secure Connect

To support the hybrid workforce, IT needs to provide two types of access to applications:

  • People use VPNs to connect to the enterprise network to access applications in private data centers and public clouds.
  • People access applications from browsers without needing a VPN into the enterprise network.

Application experience and security are critical to remote workers, irrespective of how they connect to the network. Cisco+ Secure Connect enables secure application access through Cisco’s AnyConnect or Cisco Duo. Cisco+ Secure Connect also enforces security policies in the cloud. Depending on where the applications are hosted, traffic is routed through the Cisco SD-WAN fabric directly to the internet or to SaaS applications. The SD-WAN fabric handles the traffic for the distributed workforce and devices like any other branch traffic. This means that the innovations in the SD-WAN fabric, like segmentation, application optimization, multi-cloud integrations through SDCI, etc., become immediately available and applicable to the remote workforce traffic. In effect, the worker can access the same set of applications with the same experience regardless of whether they are on-prem or remote—directly contributing to reducing IT spending while ensuring comprehensive security.

Cisco Secure Cloud Traffic Flow
Figure 2: Cisco Secure Cloud Traffic Flow

The quality of experience for the workforce is managed from the Cisco+ Secure Connect unified dashboard that shows both Cisco and Meraki SD-WAN fabrics, as well as the status of the tunnels created from the remote site to Cisco+ Secure Connect in the cloud. IT can also use the dashboard to set up policies in the cloud enforcement point, enabling a much better experience for organizations unifying their SD-WAN and Secure Service Edge (SSE) stacks into a single SASE architecture.

Figure 3: Cisco+ Secure Connect Dashboard
Figure 3: Cisco+ Secure Connect Dashboard

Attain Greater Network and Security Resiliency with Cisco+ Secure Connect

The Cisco+ Secure Connect integration with Cisco SD-WAN and Cisco Meraki SD-WAN, along with strong on-prem security capabilities, enables a truly unified SASE fabric that only Cisco can deliver with its capabilities in on-prem and cloud assets. It helps create a superior application experience with a comprehensive security architecture that enables consistent policies for the hybrid workforce, irrespective of their location, as they access applications hosted anywhere.

 

Additional Resources:

Enforcing Zero Trust Access with Cisco SD-WAN

Cisco Secure SD-WAN Fabric is SecOps New Best Friend

Cisco Innovations Create a More Secure and Scalable SD-WAN Fabric

Dell’Oro Group on why SASE is not only a network and security solution but also a framework and product.

Keep up with the latest in networking news, subscribe to Networking Blogs email list, and get curated content from networking experts at the Networking Experiences Content Hub.



Authors

Ram Singh

Vice President of Engineering

Catalyst Engineering