B2B Tech Talk with Ingram Micro
B2B Tech Talk with Ingram Micro

Episode · 5 months ago

Realize Your SASE Vision with Security Service Edge and McAfee Enterprise

ABOUT THIS EPISODE

Secure Access Service Edge (SASE) projects in the real world have failed to live up to the original vision of a complete network-to-security integrated package.

But according to Gartner, there’s a new approach that makes designing a roadmap towards effective cloud security much easier.

Shelby Skrhak talks with Brooke Noelke, Senior Architect and Strategist - Global Channel Services Transformation at McAfee Enterprise / FireEye, about:

- The difference between SASE and SD-WAN

- What a distributed work environment means for secure web gateways

- How MVision Unified Cloud Edge addresses security service edge challenges

For more information, contact Tim Kuerzdoerfer (timothy.kuerzdoerfer@ingrammicro.com).

To join the discussion, follow us on Twitter @IngramTechSol #B2BTechTalk

Listen to this episode and more like it by subscribing to B2B Tech Talk on Spotify, Apple Podcasts, or Stitcher. Or, tune in on our website.

...you're listening to B two B tech talk with ingram Micro, the place to learn about new technology and technological advances before they become mainstream. This podcast is sponsored by ingram Micro's. Imagine next, It's not about the destination, it's about going someplace you never thought possible. Go to imagine next dot ingram micro dot com. To find out more. Let's get into it. Welcome to B two B tech Talk with ingram Micro. I'm your host shall be scare hawk and my guest today is Brooke Gnocchi, senior architect and strategist for global channel services transformation at Mcafee Brooke Welcome. Thank you Shelby. Well, so today we are talking about overcoming Sassy challenges with Mcafee enterprise, but for soft Brooke, can we go broad and go over the difference between Sassy and SD whan. Right, so sassy or secure access service Edge was first established in a Gartner white paper a couple of years ago and the idea of sassy is inclusive of SD WAN. The challenge with implementations of Sassy though is that when a project has focused mostly on SD WAN. First, the security aspects of Sassy, Sassy is also inclusive of DLP into the cloud and across these new networks, um security of the cloud itself, security of say how your data is being stored in sas application, security of how your users are accessing the cloud from wherever they are accessing those things and that those aspects of the project, the security aspects of projects that focus only on SD WAN have tended not to appropriately be addressed. And so Gartner has announced that they're recommending that Sassy not be evaluated as one monolithic thing anymore, but that instead it be looked at as the when aspects of Sassy and the security aspects of Sassy and the new designation for the security...

...aspects of Sassy is security service edge, just S S. E, which will be inclusive of the previous Gartner magic quadrants for casby cloud access, security brokerage, secure web gateway and it will also be inclusive of the technologies that do things like private access or Z T N A zero trust network access and DLP across these new networking and cloud environments. So let me have you kind of break it down a little bit for me. So, you know, I understand that, you know, maybe like a secure web gateway would have been good for, you know, a network that is all included is right there, that's you know, it's all the work force is there together. But now that we are distributed, that's where we're having to bring in all of these different technologies and cybersecurity challenge uh, solutions to be able to cover the workforce. Right, right. So traditional secure web gateways where appliances in an organization's data center and that architecture falls apart really quickly in the work from home, cloud based data world we live in today. It simply isn't able to protect, it causes performance challenges and it causes it just isn't effective because it can't see data stored in cloud services user behavior within cloud services and it also can't see traffic that doesn't get routed back to the corporate data center, which would be all the traffic between your home worker user and the cloud services that you have them using. So that that architecture failed. So now there's a new generation of secure web gateway solutions that are cloud based. These cloud based secure web gateway solutions like our Mcafee, secure Web Gateway enable you to apply secure web gateway controls that is see where users are going, Set controls where they can't go analyze some aspects of behavior. Apply basic web based DLP for unencrypted data um and some types of...

...encrypted data and better control what users are doing and they're accessing of websites or cloud services. That generation of secure web gateways is what's really talked about and sassy not the older generation. And that's a good place to start. You can get some good initial controls in place with cloud based secure web gateway and you can see what's going on elsewhere. So you can plan the rest of your security service, edge journey. But what it doesn't do is allow you to see how your users are storing data and what sorts of data they're putting in what fields in AWS or in Salesforce or in any of those other SAs or um customize has applications you have users using. You can't see you can't apply a data protection policy into those SAs apps with just a cloud based secure web gateway. And that's why Gartner is saying you really need a more complete security service, a vision that is bigger than just the secure web gateway. I'm bigger than just secure Web gateway plus a firewall or Z T N A in the cloud. This is no longer just a network security conversation. We really need to be talking about data security and application integrated security. So api integrated security with our cloud services. So you wrote on linkedin that, you know, sassy projects in the real world really just like you mentioned, have failed to kind of live up to that original vision of a complete network. The network to security integrated package. So I guess will you expand on that a little bit because is this a is this a failure on sassy parts or it's just a, you know, the we couldn't have looked at or I guess foreseen what was coming in our workforce, we could not have foreseen the sassy white paper was written right before the pandemic, who could have predicted that months later, we were all about to need the security architecture in a much faster way than any of us had anticipated. The white...

...paper was originally a vision of course, all the vendors mcafee included jumped on that vision and wanted to say we can sell you one package that will support this. Complete vision. But this architectural vision was very broad. It was inclusive of everything from how you're going to re architect, your land networks, to how you're going to re architect nearly all aspects of your security architecture for this new world where you know, at the time the white paper was written, people were a little more slowly migrating to cloud and they had some work from home employees, but for most organizations, you know, it wasn't half the workforce, like it has been over the last two years, so you know, it's no one's fault. But of course everybody wanted to able to support this vision. The vision is just broader than there was never an intention by the office of this paper. I think to say that in the very near term anybody has the whole thing, in fact clear that nobody had it. Um, and there wasn't a lot of market experience in trying to adopt this thing. So we all went off trying to do this project, whether we called it a sassy project or not because it was suddenly what the pandemic was forcing us to consider for both network and security architectures, um, without a ton of market experience to learn from. In terms of what had worked for other organizations, we're all trying to do at the same time, it's a moment, it's unpaid territory. It's unmapped territory. Well, so when we look at some of the solutions, uh, you know, what is envision unified cloud edge and I guess how is our wise mcafee suited to address these challenges. Right, So envision unified Cloud Edge is our security service edge play. So the security portion of sassy that Gartner is now recommending be consumed as a single platform wherever possible. So you C. E. Was the first integrated security sassy solution. Um It's something that we have been...

...working on for some time. We were the already the Quadrant leader for cloud security, so were the absolute upper right hand vendor in Gartner's cloud security Magic Quadrant. And we've been a strong player for many years in the secure web gateway Magic quadrant. But we saw the way this was going and we've been doing development for some time towards this kind of vision and we've been driving integration between our cloud security products and that secure web gateway and then also integrating into I. S. Pass, which is called for in the new S. S. E Magic Quadrant. All the vendors have responded. But the results of the first publication won't be anticipated until early next year. So we wanna be able to see at least config of custom applications. And I was passed as part of sse that's something we had already done. You want to be able to deliver private access and that's a aspect of the sse platform that we have added to. You see it wasn't part of our first, you see release but it is now a new custom developed solution that's part of our unified Cloud edge solution. So you CSR consumable on a journey play in the sse space and it's not something that customers Where partners have to dive into the absolute and the degree of I would say consuming all of security service edge at once for an organization that doesn't have significant parts of it already implemented is really a challenging thing. And organizations that have tried to do it all at once 10 not to get any of the components implemented in a very good way, even though they're all part of one platform. So most organizations start with something like security gate where Cosby and then upgrade in alignment with their real security risks towards a complete solution. But knowing that the solution is pre integrated and ready to be deployed on a single platform with single controls for policies, that's the strength of our solution, you can set the DLP policy once and have it apply and your eyes past storage...

...buckets as well as your SAAS applications and on that cloud based secure web gateway for your user traffic. And even to the end points that cut that your and customers, your end users are using to access the cloud one place to configure uh policy. But you don't have to start by doing absolutely everything that's possible in the U C E S S E solution. So before our podcast episode today we were talking a little bit about this topic and you mentioned that the recommendation that instead of having different vendors, it be a single vendor, will you explain that? Right? So because in this new cloud world and this is not my recommendation, this is Gardner. And the other analysts have really agreed that these components should be thought of as an integrated platform and it's going to be a lot easier to deliver that if you purchase it from one vendor who's delivering you the integration rather than trying to manage yourself. So why, why would you want to do that? Well, one thing the cloud vendors software changes in the cloud so much faster than it did in the old world in a cloud environment, it's very possible using the tools the cloud vendors have provided us to build software in the cloud and all of our software vendors are doing this now people are releasing every day. So if you're maintaining your own integrations to every cloud service and you're trying to maintain consistent policies between your secure web Gateway, your Cosby, your you know, cloud firewalls, your DLP data protection policies, it becomes really very difficult. So if you can outsource maintaining those integrations with cloud vendors, that's one big advantage of a platform, the consistency of policy and having one interface from which to apply a policy that should be applied via each of these control products is another big benefit of using one vendor and the need from a controls perspective to see something...

...that the secure web Gateway can see but apply a control like you can only so I can see via my secure web gateway that User is trying to access this particular aws 10ant. And I know based on CAsby that that is not one of the pre authorized AWS tenants that's been contracted by my company. It must have been contracted either outside of the official process or by a user personally. And I want to prevent access to that tenant, but only that tenant, that sort of control is a combination of those two technologies and requires passing data back and forth. And if you're not buying from the same vendor, both the initial implementation and the maintenance of that sort of control capability, a sort of real risk prevention capability becomes just really a lot of work to maintain. Yeah, definitely, definitely. Well, you know, speaking of that work, I mean technology departments are already, you know, short staffed and pulled in many different directions. So I guess uh for our partners and resellers that are looking to speak to their customers, I guess. What is that big selling point? What is the the key to solving their challenges? Right. So um one people, everybody needs this, anybody who doesn't have to start that cloud based secure web gateway and then to add on to that the ability to see what's going on in their SAS applications which all of us are using today. They're missing basic security controls Gardner compared casby in importance not in how the protocol works, but importance to cloud based solutions. It's as important as our firewalls were to our data center based application solutions. And how many organizations today have most of their critical data in the data center. It isn't most any evil. Most organizations have most of their critical data out in the cloud. So when you don't have the basics of these things deployed, you're missing basic security protections that you're, you know, there will eventually...

...be very negative impact from and that's that's the, you know, the need. Um and that's why there's such huge market growth in these spaces. Uh the growth rates in each of these spaces and an S. S. C. As a whole are really fast, you know, like a third, again as big a market every single year because those organizations who don't already have these things or who have been trying to drive them with on prem controls that just aren't effective people are moving very quickly. So that's that's point number one for our particular solution. Our customer experiences in our ratings speak for ourselves. Um there's a reason that were top right in the Magic quadrant for cloud security and there's a reason that we continue to get, not just ratings based on the way that folks look at things like the Magic quadrant, which does include some talking to customers rather than really testing the software, but we also get Gartner for technical professionals. Real testing very strong reviews were 13 points out of 100 over the nearest competitor and that most recent assessment and we continue to get really good ratings in peer reviews. Both Wolf from Gartner and other of the analysts. And those pure reviews are what means the most to me, they mean that our customers are successful in deploying our software and see that they're getting value from it. So those are some of the big ratings. We also have a very competitive package that we have made easy to deploy and we continue to drive and we have a better approach to that single policy manager based on some of the history of Mcafee are the policy orchestration thinking is not new to Mcafee. Um and some of that has been translated into completely cloud based, you know, new develop software but leveraging our long heritage and real enterprise security and centralization of policy. So you don't have to manage so many consoles. That's a real significant differentiator for us, definitely. Well, um, I understand that the combination of Mcafee and Fireeye that was recently...

...completed and so I'm just curious what are you as Mcafee doing with Fireeye? Fireeye, what's the uh, you know the headline there? Right. The combined company has really got some new things moving forward. We have our new ceo brian Palmer has given us awesome support to make sure that we are enabling our partners to deliver services from just implementation to manage detection response and other sorts of managed services associated with these technologies and when we focus on how a partner would deliver, we're also giving everyone customer new capabilities that allow us to enable them to deliver in a more automated, more integrated fashion. We have huge new things planned. One of the biggest technical integrations that will see early in this integration will be associated with our helix sore and sim product that came from the Fire I acquisition. This was Fire Eyes, cloud based Helix security information and Security Orchestration package and integration of that with all of the Mcafee tools and the Fire I tools where it already offered integrations offers and even easier to consume even broader security platform to our customers and also supports open integrations. The thinking is very much that we are going to assume. We do think in the area of sse in particular we make an assumption because the market is moving that way already and because the analysts are all recommending this is probably a consolidated purchase but we're not going to assume that across our whole portfolio however, where a customer wants to do a major upgrade when a customer is buying more from our portfolio like that Sim sir um and MDR Services for example, it's easier to implement the first time when you're going to one neck during for supporting those integrations and I'm managing them for you over the long term. Fireeye also brings just an awesome...

...history in network Sand boxing brings an email security product that's in addition an augmentation of the combined platform and a lot of great people who have a lot of energy for solving these problems in really consumable ways well. So as we start to wrap up this episode, we always ask our guests where do you see technology going in the next year? I'm going to answer that for security technologies and I think that we have a lot of clean up to do in the market. The market changed so much. We had to adopt technologies, we weren't in front of security architecture for over the last couple of years. Fast moves to cloud, fast changes to networking to support workers connecting from home. And now we've got a lot of clean up to do. So I think we'll continue to see, you know, new technologies coming out, but I think we're going to see a lot of focus especially in the security space on evaluating the risks and implementing the upgrades to security architectures that will make sure what we've already adopted and that we're not going to move back from being able to support home workers in most industries that what we've already implemented can be managed and maintained in a in a consumable way in a secure way. Um and I think that that means new security architecture is I think it means an increased focus for a lot of organizations and buying help from managed services providers Rather it's just kind of threat babysitting which is a level of help that's very accessible in the market today or bigger levels of full outsourcing. I think we'll see a lot of focus in that area because a lot of organizations have found that they can't do the upgrades themselves much less maintain these technologies and all of that is happening in an environment where the risks are more sophisticated than they've ever been. The threat actors are integrating and automating attacks at the same time that we were adopting all this new technology in ways we've never seen before. So these things are harder to custom architect and manage completely independently than they ever...

...have been before. Um and so coming to coming to grips with those forces and impact of the change that we've seen over the last couple of years, both amongst the threat actors and in our adoption of new technologies. I think we'll see a lot of focus on solutions for the real risks that brings forward. Fantastic. If our guests want to find out more about what we talked about today, how can they reach out? So tim curs door for ingram micro is a contact, as are your local ingram micro account representative can also connect you either with tim or with Mcafee team that can support ingram micro and talking about our solutions. Excellent, Well Brooke, I really appreciate all of your time and insight today. Thank you for joining us. Thank you very much. Shall be, have a great day and thank you listeners for tuning in and subscribing to B two B tech Talk with ingram Micro. If you like this episode or have a question, please join the discussion on twitter with the Hashtag B two B tech talk. Until next time. I'm Shelby scar hawk. You've been listening to B two B tech Talk with ingram Micro. This episode was sponsored by ingram Micro's. Imagine next B two B tech Talk is a joint production with Sweet Fish Media and Anger Micro. To not miss an episode. Subscribe today to your favorite podcast platform. Mm.

In-Stream Audio Search

NEW

Search across all episodes within this podcast

Episodes (395)