B2B Tech Talk with Ingram Micro
B2B Tech Talk with Ingram Micro

Episode · 1 month ago

Realize Your SASE Vision with Security Service Edge and McAfee Enterprise

ABOUT THIS EPISODE

Secure Access Service Edge (SASE) projects in the real world have failed to live up to the original vision of a complete network-to-security integrated package.

But according to Gartner, there’s a new approach that makes designing a roadmap towards effective cloud security much easier.

Shelby Skrhak talks with Brooke Noelke, Senior Architect and Strategist - Global Channel Services Transformation at McAfee Enterprise / FireEye, about:

- The difference between SASE and SD-WAN

- What a distributed work environment means for secure web gateways

- How MVision Unified Cloud Edge addresses security service edge challenges

For more information, contact Tim Kuerzdoerfer (timothy.kuerzdoerfer@ingrammicro.com).

To join the discussion, follow us on Twitter @IngramTechSol #B2BTechTalk

Listen to this episode and more like it by subscribing to B2B Tech Talk on Spotify, Apple Podcasts, or Stitcher. Or, tune in on our website.

...you're listening to B two B tech talkwith ingram Micro, the place to learn about new technology and technologicaladvances before they become mainstream. This podcast is sponsored by ingramMicro's. Imagine next, It's not about the destination, it's about goingsomeplace you never thought possible. Go to imagine next dot ingram micro dotcom. To find out more. Let's get into it. Welcome to B two B tech Talk withingram Micro. I'm your host shall be scare hawk and my guest today is BrookeGnocchi, senior architect and strategist for global channel servicestransformation at Mcafee Brooke Welcome. Thank you Shelby. Well, so today we aretalking about overcoming Sassy challenges with Mcafee enterprise, butfor soft Brooke, can we go broad and go over the difference between Sassy andSD whan. Right, so sassy or secure access service Edge was firstestablished in a Gartner white paper a couple of years ago and the idea ofsassy is inclusive of SD WAN. The challenge with implementations of Sassythough is that when a project has focused mostly on SD WAN. First, thesecurity aspects of Sassy, Sassy is also inclusive of DLP into the cloudand across these new networks, um security of the cloud itself, securityof say how your data is being stored in sas application, security of how yourusers are accessing the cloud from wherever they are accessing thosethings and that those aspects of the project, the security aspects ofprojects that focus only on SD WAN have tended not to appropriately beaddressed. And so Gartner has announced that they're recommending that Sassynot be evaluated as one monolithic thing anymore, but that instead it belooked at as the when aspects of Sassy and the security aspects of Sassy andthe new designation for the security...

...aspects of Sassy is security serviceedge, just S S. E, which will be inclusive of the previous Gartner magicquadrants for casby cloud access, security brokerage, secure web gatewayand it will also be inclusive of the technologies that do things likeprivate access or Z T N A zero trust network access and DLP across these newnetworking and cloud environments. So let me have you kind of break it down alittle bit for me. So, you know, I understand that, you know, maybe like asecure web gateway would have been good for, you know, a network that is allincluded is right there, that's you know, it's all the work force is theretogether. But now that we are distributed, that's where we're havingto bring in all of these different technologies and cybersecuritychallenge uh, solutions to be able to cover the workforce. Right, right. Sotraditional secure web gateways where appliances in an organization's datacenter and that architecture falls apart really quickly in the work fromhome, cloud based data world we live in today. It simply isn't able to protect,it causes performance challenges and it causes it just isn't effective becauseit can't see data stored in cloud services user behavior within cloudservices and it also can't see traffic that doesn't get routed back to thecorporate data center, which would be all the traffic between your homeworker user and the cloud services that you have them using. So that thatarchitecture failed. So now there's a new generation of secure web gatewaysolutions that are cloud based. These cloud based secure web gatewaysolutions like our Mcafee, secure Web Gateway enable you to apply secure webgateway controls that is see where users are going, Set controls wherethey can't go analyze some aspects of behavior. Apply basic web based DLP forunencrypted data um and some types of...

...encrypted data and better control whatusers are doing and they're accessing of websites or cloud services. Thatgeneration of secure web gateways is what's really talked about and sassynot the older generation. And that's a good place to start. You can get somegood initial controls in place with cloud based secure web gateway and youcan see what's going on elsewhere. So you can plan the rest of your securityservice, edge journey. But what it doesn't do is allow you to see how yourusers are storing data and what sorts of data they're putting in what fieldsin AWS or in Salesforce or in any of those other SAs or um customize hasapplications you have users using. You can't see you can't apply a dataprotection policy into those SAs apps with just a cloud based secure webgateway. And that's why Gartner is saying you really need a more completesecurity service, a vision that is bigger than just the secure web gateway.I'm bigger than just secure Web gateway plus a firewall or Z T N A in the cloud.This is no longer just a network security conversation. We really needto be talking about data security and application integrated security. So apiintegrated security with our cloud services. So you wrote on linkedin that,you know, sassy projects in the real world really just like you mentioned,have failed to kind of live up to that original vision of a complete network.The network to security integrated package. So I guess will you expand onthat a little bit because is this a is this a failure on sassy parts or it'sjust a, you know, the we couldn't have looked at or I guess foreseen what wascoming in our workforce, we could not have foreseen the sassy white paper waswritten right before the pandemic, who could have predicted that months later,we were all about to need the security architecture in a much faster way thanany of us had anticipated. The white...

...paper was originally a vision of course,all the vendors mcafee included jumped on that vision and wanted to say we cansell you one package that will support this. Complete vision. But thisarchitectural vision was very broad. It was inclusive of everything from howyou're going to re architect, your land networks, to how you're going to rearchitect nearly all aspects of your security architecture for this newworld where you know, at the time the white paper was written, people were alittle more slowly migrating to cloud and they had some work from homeemployees, but for most organizations, you know, it wasn't half the workforce,like it has been over the last two years, so you know, it's no one's fault.But of course everybody wanted to able to support this vision. The vision isjust broader than there was never an intention by the office of this paper.I think to say that in the very near term anybody has the whole thing, infact clear that nobody had it. Um, and there wasn't a lot of market experiencein trying to adopt this thing. So we all went off trying to do this project,whether we called it a sassy project or not because it was suddenly what thepandemic was forcing us to consider for both network and security architectures,um, without a ton of market experience to learn from. In terms of what hadworked for other organizations, we're all trying to do at the same time, it's a moment, it's unpaid territory.It's unmapped territory. Well, so when we look at some of the solutions, uh,you know, what is envision unified cloud edge and I guess how is our wisemcafee suited to address these challenges. Right, So envision unifiedCloud Edge is our security service edge play. So the security portion of sassythat Gartner is now recommending be consumed as a single platform whereverpossible. So you C. E. Was the first integrated security sassy solution. UmIt's something that we have been...

...working on for some time. We were thealready the Quadrant leader for cloud security, so were the absolute upperright hand vendor in Gartner's cloud security Magic Quadrant. And we've beena strong player for many years in the secure web gateway Magic quadrant. Butwe saw the way this was going and we've been doing development for some timetowards this kind of vision and we've been driving integration between ourcloud security products and that secure web gateway and then also integratinginto I. S. Pass, which is called for in the new S. S. E Magic Quadrant. All thevendors have responded. But the results of the first publication won't beanticipated until early next year. So we wanna be able to see at least configof custom applications. And I was passed as part of sse that's somethingwe had already done. You want to be able to deliver private access andthat's a aspect of the sse platform that we have added to. You see itwasn't part of our first, you see release but it is now a new customdeveloped solution that's part of our unified Cloud edge solution. So you CSRconsumable on a journey play in the sse space and it's not something thatcustomers Where partners have to dive into the absolute and the degree of Iwould say consuming all of security service edge at once for anorganization that doesn't have significant parts of it alreadyimplemented is really a challenging thing. And organizations that havetried to do it all at once 10 not to get any of the components implementedin a very good way, even though they're all part of one platform. So mostorganizations start with something like security gate where Cosby and thenupgrade in alignment with their real security risks towards a completesolution. But knowing that the solution is pre integrated and ready to bedeployed on a single platform with single controls for policies, that'sthe strength of our solution, you can set the DLP policy once and have itapply and your eyes past storage...

...buckets as well as your SAASapplications and on that cloud based secure web gateway for your usertraffic. And even to the end points that cut that your and customers, yourend users are using to access the cloud one place to configure uh policy. Butyou don't have to start by doing absolutely everything that's possiblein the U C E S S E solution. So before our podcast episode today we weretalking a little bit about this topic and you mentioned that therecommendation that instead of having different vendors, it be a singlevendor, will you explain that? Right? So because in this new cloud world andthis is not my recommendation, this is Gardner. And the other analysts havereally agreed that these components should be thought of as an integratedplatform and it's going to be a lot easier to deliver that if you purchaseit from one vendor who's delivering you the integration rather than trying tomanage yourself. So why, why would you want to do that? Well, one thing thecloud vendors software changes in the cloud so much faster than it did in theold world in a cloud environment, it's very possible using the tools the cloudvendors have provided us to build software in the cloud and all of oursoftware vendors are doing this now people are releasing every day. So ifyou're maintaining your own integrations to every cloud service andyou're trying to maintain consistent policies between your secure webGateway, your Cosby, your you know, cloud firewalls, your DLP dataprotection policies, it becomes really very difficult. So if you can outsourcemaintaining those integrations with cloud vendors, that's one big advantageof a platform, the consistency of policy and having one interface fromwhich to apply a policy that should be applied via each of these controlproducts is another big benefit of using one vendor and the need from acontrols perspective to see something...

...that the secure web Gateway can see butapply a control like you can only so I can see via my secure web gateway thatUser is trying to access this particular aws 10ant. And I know basedon CAsby that that is not one of the pre authorized AWS tenants that's beencontracted by my company. It must have been contracted either outside of theofficial process or by a user personally. And I want to preventaccess to that tenant, but only that tenant, that sort of control is acombination of those two technologies and requires passing data back andforth. And if you're not buying from the same vendor, both the initialimplementation and the maintenance of that sort of control capability, a sortof real risk prevention capability becomes just really a lot of work tomaintain. Yeah, definitely, definitely. Well, you know, speaking of that work,I mean technology departments are already, you know, short staffed andpulled in many different directions. So I guess uh for our partners andresellers that are looking to speak to their customers, I guess. What is thatbig selling point? What is the the key to solving their challenges? Right. Soum one people, everybody needs this, anybody who doesn't have to start thatcloud based secure web gateway and then to add on to that the ability to seewhat's going on in their SAS applications which all of us are usingtoday. They're missing basic security controls Gardner compared casby inimportance not in how the protocol works, but importance to cloud basedsolutions. It's as important as our firewalls were to our data center basedapplication solutions. And how many organizations today have most of theircritical data in the data center. It isn't most any evil. Most organizationshave most of their critical data out in the cloud. So when you don't have thebasics of these things deployed, you're missing basic security protections thatyou're, you know, there will eventually...

...be very negative impact from and that'sthat's the, you know, the need. Um and that's why there's such huge marketgrowth in these spaces. Uh the growth rates in each of these spaces and an S.S. C. As a whole are really fast, you know, like a third, again as big amarket every single year because those organizations who don't already havethese things or who have been trying to drive them with on prem controls thatjust aren't effective people are moving very quickly. So that's that's pointnumber one for our particular solution. Our customer experiences in our ratingsspeak for ourselves. Um there's a reason that were top right in the Magicquadrant for cloud security and there's a reason that we continue to get, notjust ratings based on the way that folks look at things like the Magicquadrant, which does include some talking to customers rather than reallytesting the software, but we also get Gartner for technical professionals.Real testing very strong reviews were 13 points out of 100 over the nearestcompetitor and that most recent assessment and we continue to getreally good ratings in peer reviews. Both Wolf from Gartner and other of theanalysts. And those pure reviews are what means the most to me, they meanthat our customers are successful in deploying our software and see thatthey're getting value from it. So those are some of the big ratings. We alsohave a very competitive package that we have made easy to deploy and wecontinue to drive and we have a better approach to that single policy managerbased on some of the history of Mcafee are the policy orchestration thinkingis not new to Mcafee. Um and some of that has been translated intocompletely cloud based, you know, new develop software but leveraging ourlong heritage and real enterprise security and centralization of policy.So you don't have to manage so many consoles. That's a real significantdifferentiator for us, definitely. Well, um, I understand that the combinationof Mcafee and Fireeye that was recently...

...completed and so I'm just curious whatare you as Mcafee doing with Fireeye? Fireeye, what's the uh, you know theheadline there? Right. The combined company has really got some new thingsmoving forward. We have our new ceo brian Palmer has given us awesomesupport to make sure that we are enabling our partners to deliverservices from just implementation to manage detection response and othersorts of managed services associated with these technologies and when wefocus on how a partner would deliver, we're also giving everyone customer newcapabilities that allow us to enable them to deliver in a more automated,more integrated fashion. We have huge new things planned. One of the biggesttechnical integrations that will see early in this integration will beassociated with our helix sore and sim product that came from the Fire Iacquisition. This was Fire Eyes, cloud based Helix security information andSecurity Orchestration package and integration of that with all of theMcafee tools and the Fire I tools where it already offered integrations offersand even easier to consume even broader security platform to our customers andalso supports open integrations. The thinking is very much that we are goingto assume. We do think in the area of sse in particular we make an assumptionbecause the market is moving that way already and because the analysts areall recommending this is probably a consolidated purchase but we're notgoing to assume that across our whole portfolio however, where a customerwants to do a major upgrade when a customer is buying more from ourportfolio like that Sim sir um and MDR Services for example, it's easier toimplement the first time when you're going to one neck during for supportingthose integrations and I'm managing them for you over the long term.Fireeye also brings just an awesome...

...history in network Sand boxing bringsan email security product that's in addition an augmentation of thecombined platform and a lot of great people who have a lot of energy forsolving these problems in really consumable ways well. So as we start to wrap up thisepisode, we always ask our guests where do you see technology going in the nextyear? I'm going to answer that for security technologies and I think thatwe have a lot of clean up to do in the market. The market changed so much. Wehad to adopt technologies, we weren't in front of security architecture forover the last couple of years. Fast moves to cloud, fast changes tonetworking to support workers connecting from home. And now we've gota lot of clean up to do. So I think we'll continue to see, you know, newtechnologies coming out, but I think we're going to see a lot of focusespecially in the security space on evaluating the risks and implementingthe upgrades to security architectures that will make sure what we've alreadyadopted and that we're not going to move back from being able to supporthome workers in most industries that what we've already implemented can bemanaged and maintained in a in a consumable way in a secure way. Umand I think that that means new security architecture is I think itmeans an increased focus for a lot of organizations and buying help frommanaged services providers Rather it's just kind of threat babysitting whichis a level of help that's very accessible in the market today orbigger levels of full outsourcing. I think we'll see a lot of focus in thatarea because a lot of organizations have found that they can't do theupgrades themselves much less maintain these technologies and all of that ishappening in an environment where the risks are more sophisticated thanthey've ever been. The threat actors are integrating and automating attacksat the same time that we were adopting all this new technology in ways we'venever seen before. So these things are harder to custom architect and managecompletely independently than they ever...

...have been before. Um and so coming tocoming to grips with those forces and impact of the change that we've seenover the last couple of years, both amongst the threat actors and in ouradoption of new technologies. I think we'll see a lot of focus on solutionsfor the real risks that brings forward. Fantastic. If our guests want to findout more about what we talked about today, how can they reach out? So timcurs door for ingram micro is a contact, as are your local ingram micro accountrepresentative can also connect you either with tim or with Mcafee teamthat can support ingram micro and talking about our solutions. Excellent,Well Brooke, I really appreciate all of your time and insight today. Thank youfor joining us. Thank you very much. Shall be, have a great day and thankyou listeners for tuning in and subscribing to B two B tech Talk withingram Micro. If you like this episode or have a question, please join thediscussion on twitter with the Hashtag B two B tech talk. Until next time. I'mShelby scar hawk. You've been listening to B two B tech Talk with ingram Micro.This episode was sponsored by ingram Micro's. Imagine next B two B tech Talkis a joint production with Sweet Fish Media and Anger Micro. To not miss anepisode. Subscribe today to your favorite podcast platform. Mm.

In-Stream Audio Search

NEW

Search across all episodes within this podcast

Episodes (352)