Cisco launches new, expanded SASE architecture

Cisco launches a new, expanded Secure Access Service Edge (SASE) offer. This is the next important step in Cisco’s journey to radically simplify enterprise networking and security by helping network operations (NetOps) and security operations (SecOps) teams securely connect users to applications. Additionally, today Cisco announces enhancements to its cloud-native platform, SecureX to more quickly and effectively manage new and emerging and advanced threats.

Work is no longer a location but an experience, and the global events of the last year have made working from anywhere the norm. At the same time, this trend increased the complexity of managing networks and security across an expanding attack surface of users, devices, applications, and data. As the hub shifts from the data center to the user, a SASE architecture has emerged as a top organizational priority to provide seamless connection to applications.

Cisco SASE Today and in the Future

Today, Cisco introduces the ability to purchase all core SASE product components in a single offer with the flexibility to easily transition to a single subscription service in the future, enabling organizations to start using Cisco’s integrated architecture immediately. Cisco provides all the building blocks of a SASE architecture, including best-in-class networking, remote access, cloud security, zero trust network access, and observability. Cisco’s vision is to combine these capabilities into a single subscription service, and deliver seamless, secure access to any application, over any network or cloud, anywhere users work.

“As the workforce is increasingly hybrid, traditional network and security frameworks can no longer keep pace with this new way of doing business. There has never been a more critical time to deliver something radically different, as every customer is unique and needs flexibility when determining how a SASE architecture fits into their environment. When it comes to transformation, there is no one-size-fits-all approach and moving to a SASE framework is no different,” said Osama Al-Zoubi, CTO, Cisco Middle East and Africa. “Today’s announcement enables organizations to start using all of the core building blocks of a SASE architecture immediately, making it simpler than ever to continue your journey to SASE.”

In addition, Cisco continues to rapidly deliver features that unlock new SASE use cases, including:

• Data Loss Prevention: Cisco Umbrella data loss prevention (DLP) enables organizations to discover and block sensitive data being transmitted to unwanted destinations, while preventing data exfiltration and supporting compliance mandates.
• Remote Browser Isolation: Cisco Umbrellaremote browser isolation enables users to safely browse websites while protecting end user devices and corporate networks from browser-based exploits. 
• Cloud Malware Detection: Cisco Umbrella cloud malware detection finds and removes malware from cloud-based file storage applications. As more organizations move business-critical data to cloud-based applications, they need to ensure that users can access them, even from unmanaged devices, and that those cloud applications are safe.
• Expanding Cisco SD-WAN Cloud Onramp: The release of SD-WAN 17.5 powered by Viptela expands cloud onramp capabilities for predictable and secure application experiences. Cisco expands beyond AWS and Azure to now add new cloud integrations including Google Cloud and Megaport. In addition, Cisco SD-WAN powered by Meraki further extends connectivity from branch sites to resources in public cloud environments such as AWS, Azure, Alibaba Cloud.
• New SD-WAN and Cloud Security Integration: Expanding our current networking and security integrations, Cisco SD-WAN powered by Meraki and Umbrella now integrates with Cisco Umbrella to speed cloud-native security deployments across distributed locations with simplified Internet Protocol Security (IPSec) tunnel connectivity.
• Observability: Part of the new SASE offer, ThousandEyes’ internet and cloud intelligence continues to enable organizations’ visibility and actionable insights into every network, from any user to any application, so they can remediate incidents quickly and maintain reliable connectivity and digital experience.
• Passwordless Authentication: Today Duo unveiled infrastructure agnostic, passwordless authentication, available for public preview this summer. The vision is to enable zero trust with a frictionless login experience, ensuring that enterprises can seamlessly protect a mix of cloud and on-premises applications without requiring multiple authentication products or leaving critical security gaps.

Continued SecureX Innovation to Radically Simplify Security

In addition to simplifying the SASE journey for customers, Cisco is also on a mission to further simplify and protect against emerging threats. Today, Cisco is delivering complete protection from endpoint to the cloud with SecureX platform enhancements that reduce dwell time for SecOps and automate tasks involved with detecting and remediating threats. New automated workflows include SolarWinds supply chain attack, phishing investigations and threat investigations using latest intel from Cisco Talos, one of the largest commercial threat intelligence teams in the world. These enhancements reduce time to detect threats by 95 percent, and time to remediate by 85 percent. Building on the numerous Cisco technology integrations in SecureX ranging from Cisco Secure Endpoint to Cisco Umbrella, the open platform also provides turnkey configuration with more than 35 third-party technologies including Google, ServiceNow, Splunk, and more.

On top of adding simplicity at the platform level, Cisco is also announcing integration and automation at the endpoint. Cisco Secure Client, a newly integrated connector for Cisco Secure Endpoint, AnyConnect, and Umbrella, simplifies deployment and management for greater efficiency and efficacy. Cisco Secure Client serves as a local control point and early warning system for advanced threats in solutions such as SASE, Zero Trust, and Extended Detection and Response (XDR).