WEBVTT

1
00:00:00.120 --> 00:00:05.440
<v Speaker 1>Welcome to the deep dive. Today, we're jumping into enterprise cybersecurity, which,

2
00:00:05.639 --> 00:00:07.839
<v Speaker 1>let's be honest, feels like trying to hit a moving

3
00:00:07.879 --> 00:00:08.800
<v Speaker 1>target sometimes.

4
00:00:09.080 --> 00:00:12.960
<v Speaker 2>Absolutely. The threats are just getting well smarter, more spread out,

5
00:00:13.080 --> 00:00:15.199
<v Speaker 2>hitting from all angles. It's relentless.

6
00:00:15.240 --> 00:00:17.600
<v Speaker 1>And it's not just the threats changing, right, the way

7
00:00:17.640 --> 00:00:20.280
<v Speaker 1>we work is totally different completely.

8
00:00:20.399 --> 00:00:25.719
<v Speaker 2>Clouds, sauce, apps everywhere, people working from home, coffee shops, anywhere.

9
00:00:25.800 --> 00:00:30.679
<v Speaker 1>Yeah, so you've got this massive explosion of apps and users,

10
00:00:30.719 --> 00:00:34.200
<v Speaker 1>but also deeper security holes opening up because.

11
00:00:33.920 --> 00:00:36.240
<v Speaker 2>Of it exactly, And that old idea of a secure

12
00:00:36.840 --> 00:00:40.359
<v Speaker 2>walled garden, you know, the corporate network gone pretty much dissolved.

13
00:00:40.439 --> 00:00:40.600
<v Speaker 1>Yep.

14
00:00:40.719 --> 00:00:44.840
<v Speaker 2>It's now this amorphous edge. It's fluid, it's everywhere, and

15
00:00:44.920 --> 00:00:47.600
<v Speaker 2>companies are frankly struggling to keep up security wise.

16
00:00:47.640 --> 00:00:49.799
<v Speaker 1>The old ways just don't cut it anymore, not at all.

17
00:00:49.679 --> 00:00:52.280
<v Speaker 2>Which brings us to saw Secure Access service edge.

18
00:00:52.320 --> 00:00:55.399
<v Speaker 1>Okay, sauce, we hear that term a lot Gartner coined it.

19
00:00:55.840 --> 00:00:58.479
<v Speaker 2>They did. It's basically an architectural framework, a new way

20
00:00:58.520 --> 00:01:01.560
<v Speaker 2>of thinking designed specific for this client to cloud world

21
00:01:01.600 --> 00:01:01.920
<v Speaker 2>we're in.

22
00:01:01.880 --> 00:01:04.920
<v Speaker 1>Now, So not just another buzzword, hopefully definitely not.

23
00:01:05.239 --> 00:01:08.000
<v Speaker 2>It's it's really a necessary shift.

24
00:01:08.200 --> 00:01:10.400
<v Speaker 1>So our mission today on this deep.

25
00:01:10.200 --> 00:01:14.079
<v Speaker 2>Dive is to really unpack sauces for you. What's actually

26
00:01:14.120 --> 00:01:16.439
<v Speaker 2>in it, why does it matter so much now, how

27
00:01:16.439 --> 00:01:17.079
<v Speaker 2>does it work?

28
00:01:17.120 --> 00:01:19.519
<v Speaker 1>And maybe what should you look for if you're considering it.

29
00:01:19.760 --> 00:01:23.879
<v Speaker 2>Exactly. We're drawing insights from Sasize for Dummies versus Networks

30
00:01:23.959 --> 00:01:28.079
<v Speaker 2>Special Edition. The goal is you walk away feeling like

31
00:01:28.120 --> 00:01:29.599
<v Speaker 2>you've got a solid handle on it.

32
00:01:29.640 --> 00:01:32.319
<v Speaker 1>Great, let's start with that perimeter shift because that really

33
00:01:32.319 --> 00:01:33.040
<v Speaker 1>sets the scene.

34
00:01:33.120 --> 00:01:35.879
<v Speaker 2>Yeah. Absolutely, So the old model.

35
00:01:36.120 --> 00:01:38.760
<v Speaker 1>Everyone's in the office right connected to the company data.

36
00:01:38.599 --> 00:01:43.719
<v Speaker 2>Center, uh, using those private secure MPLS networks mostly.

37
00:01:43.719 --> 00:01:47.200
<v Speaker 1>And the security was basically just being inside the walls

38
00:01:47.439 --> 00:01:48.000
<v Speaker 1>pretty much.

39
00:01:48.079 --> 00:01:50.560
<v Speaker 2>It was private fixed. If you were in, you were

40
00:01:50.599 --> 00:01:53.079
<v Speaker 2>generally trusted. Simple. Maybe a bit too.

41
00:01:53.000 --> 00:01:55.439
<v Speaker 1>Simple now, okay, so what changed? Everything you mentioned work

42
00:01:55.480 --> 00:01:56.519
<v Speaker 1>from anywhere.

43
00:01:56.200 --> 00:02:00.000
<v Speaker 2>That was huge, plus everyone adopting sauce apps like Salesforce

44
00:02:00.159 --> 00:02:01.680
<v Speaker 2>Office three sixty five, you.

45
00:02:01.680 --> 00:02:05.480
<v Speaker 1>Name it, and moving workloads to different clouds right aws

46
00:02:05.560 --> 00:02:07.000
<v Speaker 1>Azure exactly.

47
00:02:07.239 --> 00:02:10.439
<v Speaker 2>So suddenly you've got more people, more data, more everything

48
00:02:10.479 --> 00:02:12.240
<v Speaker 2>outside the old walls than inside.

49
00:02:12.319 --> 00:02:14.319
<v Speaker 1>So the perimeter isn't a place anymore.

50
00:02:14.599 --> 00:02:18.560
<v Speaker 2>Not really, it's like software defined now. It pops up

51
00:02:18.599 --> 00:02:22.759
<v Speaker 2>transiently around the user, the device, the app, wherever.

52
00:02:22.439 --> 00:02:24.439
<v Speaker 1>They are individual virtual perimeters.

53
00:02:24.479 --> 00:02:26.719
<v Speaker 2>That's the concept, yeh, a fundamental shift.

54
00:02:26.759 --> 00:02:29.240
<v Speaker 1>And those old WANs, the NPLS networks that must be

55
00:02:29.280 --> 00:02:30.240
<v Speaker 1>groaning under the strain.

56
00:02:30.520 --> 00:02:34.560
<v Speaker 2>Oh yeah, major pain points, super complex to manage it.

57
00:02:34.639 --> 00:02:38.520
<v Speaker 1>Every branch expensive too, right, MPLS bandwidth isn't cheap, not.

58
00:02:38.560 --> 00:02:42.960
<v Speaker 2>At all, and you often lack visibility agility. Plus that

59
00:02:43.120 --> 00:02:48.120
<v Speaker 2>whole model of backhauling all Internet traffic to a central point, like.

60
00:02:48.240 --> 00:02:51.400
<v Speaker 1>Forcing all international slites through one airport.

61
00:02:51.120 --> 00:02:55.840
<v Speaker 2>Exactly, huge bottleneck doesn't work for distributed users needing cloud apps.

62
00:02:56.080 --> 00:02:58.159
<v Speaker 1>Okay, so the old walls are down, the old roads

63
00:02:58.159 --> 00:03:00.439
<v Speaker 1>are jammed. Enter SASE. You said it's not one thing

64
00:03:00.560 --> 00:03:02.120
<v Speaker 1>but a package.

65
00:03:01.800 --> 00:03:05.080
<v Speaker 2>Right, think of it as an integrated framework, a bundle

66
00:03:05.120 --> 00:03:08.000
<v Speaker 2>of technologies designed to work together from the start, not.

67
00:03:08.159 --> 00:03:10.960
<v Speaker 1>Just like duct taping different security tools.

68
00:03:11.319 --> 00:03:14.439
<v Speaker 2>Now, that's the key difference. The integration is where the

69
00:03:14.439 --> 00:03:15.240
<v Speaker 2>power comes from.

70
00:03:15.400 --> 00:03:17.719
<v Speaker 1>So what's in this ASE toolkit?

71
00:03:17.879 --> 00:03:22.520
<v Speaker 2>Okay? At the foundation you've got SD one software defined.

72
00:03:22.199 --> 00:03:24.800
<v Speaker 1>Wants, right, we've heard of that, yeah.

73
00:03:24.520 --> 00:03:26.719
<v Speaker 2>But it's evolved it's not just about saving money on

74
00:03:26.719 --> 00:03:31.240
<v Speaker 2>connections anymore. It's full networking, smart traffic steering, even security

75
00:03:31.240 --> 00:03:35.080
<v Speaker 2>built in, allowing direct Internet access safely from branches.

76
00:03:35.360 --> 00:03:39.080
<v Speaker 1>Okay, so that's the network foundation. What about the security layers?

77
00:03:39.400 --> 00:03:43.719
<v Speaker 2>Then you later on things like SWGs secure web gateways.

78
00:03:43.280 --> 00:03:45.599
<v Speaker 1>Protecting users browsing the Internet.

79
00:03:45.319 --> 00:03:49.639
<v Speaker 2>Exactly, filtering URLs, blocking malware, preventing data loss for those

80
00:03:49.680 --> 00:03:54.759
<v Speaker 2>remote users. And closely related are casbs Cloud Access Security

81
00:03:54.800 --> 00:03:56.039
<v Speaker 2>Brokers cafsbs.

82
00:03:56.319 --> 00:03:58.080
<v Speaker 1>They handle the cloud app side.

83
00:03:58.159 --> 00:04:00.360
<v Speaker 2>Yeah, they give you visibility and controller or how your

84
00:04:00.360 --> 00:04:04.039
<v Speaker 2>sasaps are being used. Crucially, they help secure your data

85
00:04:04.120 --> 00:04:06.120
<v Speaker 2>even when it's sitting in someone else's cloud system.

86
00:04:06.199 --> 00:04:07.680
<v Speaker 1>That's important. Okay, what else?

87
00:04:07.759 --> 00:04:11.840
<v Speaker 2>And a really big piece ZTNA zero trust network.

88
00:04:11.479 --> 00:04:14.400
<v Speaker 1>Access, zero trust trusts nothing pretty much.

89
00:04:14.840 --> 00:04:17.920
<v Speaker 2>It's not about building walls, it's about putting a bouncer

90
00:04:18.000 --> 00:04:23.399
<v Speaker 2>at every single door inside. It constantly verifies identity, device

91
00:04:23.480 --> 00:04:28.160
<v Speaker 2>health context before letting anyone access anything, so you.

92
00:04:28.079 --> 00:04:30.920
<v Speaker 1>Only get access to exactly what you need and nothing more.

93
00:04:31.040 --> 00:04:35.319
<v Speaker 2>Precisely, it hides applications from view unless you're explicitly allowed,

94
00:04:36.040 --> 00:04:39.160
<v Speaker 2>massively reduces the attack surface if someone does get in

95
00:04:39.199 --> 00:04:40.360
<v Speaker 2>they can't just wander around.

96
00:04:40.519 --> 00:04:43.279
<v Speaker 1>Okay, that makes sense, limits the blast radius totally.

97
00:04:43.720 --> 00:04:47.000
<v Speaker 2>And finally, you integrate f waws firewall as a service,

98
00:04:47.199 --> 00:04:49.639
<v Speaker 2>often using ngngfw's next gen firewalls.

99
00:04:49.720 --> 00:04:52.839
<v Speaker 1>So advanced firewalling but delivered from the cloud.

100
00:04:52.639 --> 00:04:56.879
<v Speaker 2>YEP, deep packet inspection, understanding applications, preventing intrusions, all that

101
00:04:56.920 --> 00:04:59.439
<v Speaker 2>good stuff, but integrated into the safety fabric.

102
00:04:59.480 --> 00:05:04.079
<v Speaker 1>Wow. So it's SD one, swgcasb Z ten A flaws

103
00:05:04.160 --> 00:05:05.120
<v Speaker 1>all rolled into one.

104
00:05:05.279 --> 00:05:07.439
<v Speaker 2>But the real magic, like you said, isn't just having

105
00:05:07.439 --> 00:05:09.079
<v Speaker 2>the pieces, it's that they're.

106
00:05:08.879 --> 00:05:11.639
<v Speaker 1>Integrated, designed to work together from the ground up exactly.

107
00:05:11.639 --> 00:05:15.319
<v Speaker 2>It's a single cohesive system, not of Frankenstein's monster of

108
00:05:15.319 --> 00:05:19.759
<v Speaker 2>different security boxes. That integration makes it faster, smarter, more comprehensive.

109
00:05:20.040 --> 00:05:22.519
<v Speaker 1>Okay, So to make this all work smoothly, there must

110
00:05:22.560 --> 00:05:25.680
<v Speaker 1>be some core principles, right, some architectural must haves.

111
00:05:26.000 --> 00:05:29.759
<v Speaker 2>Absolutely, there's a kind of secret sauce to doing SaaS

112
00:05:29.800 --> 00:05:31.720
<v Speaker 2>properly for performance and security.

113
00:05:31.839 --> 00:05:32.800
<v Speaker 1>Give us the ingredients.

114
00:05:33.040 --> 00:05:37.800
<v Speaker 2>First off, hardware neutrality, moving away from needing specific proprietary

115
00:05:37.839 --> 00:05:38.480
<v Speaker 2>boxes for.

116
00:05:38.439 --> 00:05:42.000
<v Speaker 1>Everything, ah, avoiding appliance sprawl exactly.

117
00:05:42.120 --> 00:05:44.560
<v Speaker 2>I think flexible software. You can run on standard hardware,

118
00:05:44.680 --> 00:05:49.720
<v Speaker 2>VMS containers, one integrated stack, handling, routing, security optimization, everything

119
00:05:50.079 --> 00:05:51.319
<v Speaker 2>much simpler, less.

120
00:05:51.120 --> 00:05:53.079
<v Speaker 1>Costly, okay, flexibility, what else?

121
00:05:53.120 --> 00:05:57.560
<v Speaker 2>Performance is key? So single pass execution this is crucial.

122
00:05:57.720 --> 00:06:02.240
<v Speaker 2>Single pass Yeah. Instead of a data packet being stopped, unpacked, inspected, repacked,

123
00:06:02.439 --> 00:06:03.959
<v Speaker 2>then sent to the next box to do.

124
00:06:03.879 --> 00:06:06.240
<v Speaker 1>It all again, which sounds slow, very.

125
00:06:06.480 --> 00:06:09.360
<v Speaker 2>With single pass, the packet is unpacked once all the

126
00:06:09.399 --> 00:06:14.279
<v Speaker 2>security engines, firewall, IPS, malware detection inspected in parallel. Then

127
00:06:14.319 --> 00:06:15.120
<v Speaker 2>it's a repacked and.

128
00:06:15.079 --> 00:06:18.439
<v Speaker 1>Sent on like an efficient assembly line versus separate workshops.

129
00:06:18.480 --> 00:06:22.000
<v Speaker 2>Perfect analogy, dramatically lower latency, much better performance.

130
00:06:22.079 --> 00:06:24.759
<v Speaker 1>Makes sense. What about scaling? Needs change?

131
00:06:24.959 --> 00:06:27.920
<v Speaker 2>Right, So you need elastic scale out and a design

132
00:06:28.399 --> 00:06:32.000
<v Speaker 2>using containers and micro services. Think lego blocks instead of

133
00:06:32.000 --> 00:06:32.680
<v Speaker 2>a solid.

134
00:06:32.439 --> 00:06:35.720
<v Speaker 1>Statue, easy to add a remove capacity exactly.

135
00:06:35.720 --> 00:06:40.040
<v Speaker 2>Spin up resources, scale horizontally, deploy temporary branches in the

136
00:06:40.079 --> 00:06:43.199
<v Speaker 2>cloud almost instantly, super agile and resilient.

137
00:06:43.480 --> 00:06:47.199
<v Speaker 1>It's cloud native thinking and for users everywhere.

138
00:06:46.680 --> 00:06:50.120
<v Speaker 2>Global distribution is vital. You need SaaS points of presence

139
00:06:50.240 --> 00:06:53.040
<v Speaker 2>or pops spread around the world close to your users.

140
00:06:53.240 --> 00:06:55.600
<v Speaker 2>Reduces latency, improves their experience.

141
00:06:55.680 --> 00:06:57.519
<v Speaker 1>Local access basically.

142
00:06:57.120 --> 00:07:00.680
<v Speaker 2>YEP, and related to security in line encryption, SaaS has

143
00:07:00.680 --> 00:07:03.879
<v Speaker 2>to be able to handle encrypted traffic, decrypt, inspect based

144
00:07:03.920 --> 00:07:07.360
<v Speaker 2>on policy, then re encrypted scale without needing special hardware.

145
00:07:07.480 --> 00:07:10.199
<v Speaker 1>Can't let threats hide in encrypted tunnels precisely.

146
00:07:10.720 --> 00:07:14.680
<v Speaker 2>And finally, segmentation with multi tenancy, SAS needs to isolate

147
00:07:14.720 --> 00:07:18.759
<v Speaker 2>traffic internally and for service providers, multi tenancy allows them

148
00:07:18.759 --> 00:07:23.399
<v Speaker 2>to securely serve multiple customers on shared infrastructure, keeping everyone separate.

149
00:07:23.519 --> 00:07:26.240
<v Speaker 1>Okay, that's a solid foundation. Now let's talk more about

150
00:07:26.240 --> 00:07:29.480
<v Speaker 1>the security capabilities. How does SAS actually make things more

151
00:07:29.519 --> 00:07:30.480
<v Speaker 1>secure day to day?

152
00:07:30.680 --> 00:07:34.560
<v Speaker 2>It brings advanced tools together intelligently take advanced threat protection,

153
00:07:35.319 --> 00:07:38.600
<v Speaker 2>the integrated IDPs, intrusion detection and prevention.

154
00:07:38.360 --> 00:07:41.759
<v Speaker 1>Systems, so not just spotting attacks, but stopping them.

155
00:07:41.639 --> 00:07:46.000
<v Speaker 2>Right using everything from known attack signatures to anomaly detection,

156
00:07:46.120 --> 00:07:52.160
<v Speaker 2>behavioral analysis, sandboxing suspicious files, all working together, and crucially

157
00:07:52.319 --> 00:07:54.879
<v Speaker 2>being able to decrypt TLS traffic to see.

158
00:07:54.639 --> 00:07:57.360
<v Speaker 1>Inside because so much traffic is encrypted.

159
00:07:57.040 --> 00:07:59.120
<v Speaker 2>Now exactly, you can't protect what you can't see.

160
00:07:59.160 --> 00:08:03.399
<v Speaker 1>What about protecting basic things like browsing or DNAs aocin enhances.

161
00:08:03.040 --> 00:08:07.480
<v Speaker 2>That too, DNA security features like dns sec filtering known

162
00:08:07.560 --> 00:08:11.240
<v Speaker 2>bad domains help prevent basic hijacking and fishing. And then

163
00:08:11.279 --> 00:08:13.959
<v Speaker 2>there's remote browser isolation or RBI.

164
00:08:14.199 --> 00:08:16.160
<v Speaker 1>RBI that sounds interesting. How does that work?

165
00:08:16.240 --> 00:08:18.800
<v Speaker 2>It's pretty clever. Instead of your browser directly loading a

166
00:08:18.839 --> 00:08:21.879
<v Speaker 2>web page, the browsing happens on a remote, isolated server

167
00:08:21.959 --> 00:08:24.360
<v Speaker 2>in the cloud. Only a safe image of the page

168
00:08:24.439 --> 00:08:25.800
<v Speaker 2>is streamed to your device.

169
00:08:25.879 --> 00:08:28.399
<v Speaker 1>So if there's malware on the web page.

170
00:08:28.120 --> 00:08:31.199
<v Speaker 2>It detonates harmlessly in that isolated cloud container, not on

171
00:08:31.240 --> 00:08:33.159
<v Speaker 2>your machine. Your endpoint stays clean.

172
00:08:33.360 --> 00:08:37.919
<v Speaker 1>Nitt trick. Okay. What about controlling data and understanding user actions.

173
00:08:38.039 --> 00:08:41.440
<v Speaker 2>That's where ueboor it comes in. User and entity behavior analytics.

174
00:08:41.480 --> 00:08:42.480
<v Speaker 1>Behavior analytics.

175
00:08:42.559 --> 00:08:45.519
<v Speaker 2>Yeah, it learns what's normal activity for users and devices,

176
00:08:45.720 --> 00:08:49.639
<v Speaker 2>then flags anomalies so you can spot compromised accounts or

177
00:08:49.679 --> 00:08:52.120
<v Speaker 2>insider threats based on weird behavior.

178
00:08:52.240 --> 00:08:56.039
<v Speaker 1>Not just static rules, more context aware security exactly.

179
00:08:56.159 --> 00:08:59.679
<v Speaker 2>Yeah, which ties into sensitive data protection. Says can understand

180
00:08:59.679 --> 00:09:02.720
<v Speaker 2>the content text of data, is it sensitive, who's accessing it,

181
00:09:02.799 --> 00:09:06.840
<v Speaker 2>where is it going, and apply policies automatically block uploads,

182
00:09:06.879 --> 00:09:09.480
<v Speaker 2>force encryption, watermark files based on risk.

183
00:09:09.600 --> 00:09:13.200
<v Speaker 1>And this all falls under that UTM umbrella. Sometimes unified

184
00:09:13.240 --> 00:09:14.440
<v Speaker 1>threat management often.

185
00:09:14.519 --> 00:09:16.519
<v Speaker 2>Yeah, UTM is just a way of saying, you've got

186
00:09:16.519 --> 00:09:21.559
<v Speaker 2>a comprehensive suite firewall, IPS, malware protection, DLP, the works

187
00:09:21.639 --> 00:09:22.360
<v Speaker 2>all integrated.

188
00:09:22.480 --> 00:09:25.799
<v Speaker 1>Got it, so a very layered, integrated defense. How does

189
00:09:25.840 --> 00:09:28.720
<v Speaker 1>all this tech actually help businesses transform? Though? What's the

190
00:09:28.759 --> 00:09:29.799
<v Speaker 1>link to bigger goals?

191
00:09:29.879 --> 00:09:33.039
<v Speaker 2>It's a massive enabler. Think about multi cloud, it's complex

192
00:09:33.080 --> 00:09:38.320
<v Speaker 2>connecting securely to aws, asure Google Cloud, maybe private clouds nightmare.

193
00:09:38.360 --> 00:09:42.720
<v Speaker 2>Sometimes SACY simplifies that traumatically. You can automatically discover and

194
00:09:42.759 --> 00:09:45.799
<v Speaker 2>set up secure connections, managing both the data path and

195
00:09:45.840 --> 00:09:46.759
<v Speaker 2>the control signals.

196
00:09:46.840 --> 00:09:48.720
<v Speaker 1>So it smooths out multi.

197
00:09:48.399 --> 00:09:52.759
<v Speaker 2>Cloud adoption definitely. And it brings cloud dated flexibility, automatic

198
00:09:52.799 --> 00:09:57.879
<v Speaker 2>resource provisioning, consistent user experience wherever they are, simpler IT management.

199
00:09:58.360 --> 00:10:00.639
<v Speaker 2>It just fits the modern way way of operating.

200
00:10:00.720 --> 00:10:04.080
<v Speaker 1>So you get multi cloud readiness, built in security, better routing,

201
00:10:04.200 --> 00:10:05.879
<v Speaker 1>smart traffic steerings.

202
00:10:05.399 --> 00:10:10.799
<v Speaker 2>Sophisticated visibility analytics. Yeah, all those modern capabilities bundle together.

203
00:10:10.879 --> 00:10:14.120
<v Speaker 1>Okay, talk about simplification for the IT teams out there

204
00:10:14.159 --> 00:10:18.320
<v Speaker 1>feeling buried. How does SAC help with management and crucially

205
00:10:18.440 --> 00:10:20.440
<v Speaker 1>the budget huge impact here.

206
00:10:20.639 --> 00:10:24.200
<v Speaker 2>Faster administration and deployment is a big one. Automation handles

207
00:10:24.240 --> 00:10:28.039
<v Speaker 2>a lot of the setup and monitoring policies are consistent everywhere.

208
00:10:27.600 --> 00:10:30.000
<v Speaker 1>Less manual tinkering at each site wayless.

209
00:10:30.480 --> 00:10:33.480
<v Speaker 2>And then there's single pain visibility. This is gold one

210
00:10:33.559 --> 00:10:37.879
<v Speaker 2>dashboard to see everything, network performance, security events, user activity

211
00:10:37.919 --> 00:10:41.799
<v Speaker 2>across your entire estate, offices, clouds, remote users.

212
00:10:41.919 --> 00:10:45.960
<v Speaker 1>Moving from managing boxes to managing the user experience exactly.

213
00:10:45.639 --> 00:10:48.279
<v Speaker 2>Which gives you complete control. You see issues instantly, you

214
00:10:48.279 --> 00:10:51.519
<v Speaker 2>can change policies quickly, and this all drives down costs.

215
00:10:51.879 --> 00:10:55.320
<v Speaker 2>How so well, Capital costs drop because you ditch most

216
00:10:55.360 --> 00:10:59.080
<v Speaker 2>of that hardware appliance sprawl. Bandwidth costs often decrease using

217
00:10:59.080 --> 00:11:03.200
<v Speaker 2>direct Internet acts instead of expensive mpls everywhere it. Staff

218
00:11:03.240 --> 00:11:05.879
<v Speaker 2>costs go down thanks to automation and easier management.

219
00:11:05.919 --> 00:11:08.720
<v Speaker 1>And fewer security breaches must save money too.

220
00:11:08.960 --> 00:11:12.759
<v Speaker 2>Absolutely, Fewer breaches plus ZT and A shrinks the attack

221
00:11:12.799 --> 00:11:17.840
<v Speaker 2>surface dramatically, and finally scalability costs. Need a new branch

222
00:11:17.960 --> 00:11:20.600
<v Speaker 2>office or connect new cloud resource. Spin it up quickly

223
00:11:20.639 --> 00:11:23.320
<v Speaker 2>and easily in the SAT cloud, much cheaper and faster.

224
00:11:23.519 --> 00:11:25.879
<v Speaker 1>Let's make it concrete. Tell us about Acmebank. They had

225
00:11:25.879 --> 00:11:26.559
<v Speaker 1>the old setup.

226
00:11:26.679 --> 00:11:31.039
<v Speaker 2>Yep, Traditional Wan struggling with mobile banking demands, adopting cloud apps,

227
00:11:31.279 --> 00:11:36.279
<v Speaker 2>supporting work from home. The usual story needed better security, performance, visibility,

228
00:11:36.440 --> 00:11:39.080
<v Speaker 2>and less reliance on old telco lines. So they went

229
00:11:39.159 --> 00:11:42.360
<v Speaker 2>SaaS they did to play a single platform, integrating everything,

230
00:11:42.639 --> 00:11:48.399
<v Speaker 2>routing sd WAN security layers like Firewall, swgcsp DLP, even

231
00:11:48.519 --> 00:11:51.279
<v Speaker 2>RBI and UEBA all delivered as a cloud native service

232
00:11:51.320 --> 00:11:54.799
<v Speaker 2>and the result much simpler infrastructure. They could rapidly roll

233
00:11:54.840 --> 00:11:59.960
<v Speaker 2>out secure access to home offices, temporary locations. Security was stronger,

234
00:12:00.120 --> 00:12:04.799
<v Speaker 2>application performance improved, failover was better. Users got a consistent

235
00:12:04.840 --> 00:12:07.519
<v Speaker 2>experience everywhere. It solved their core problems.

236
00:12:07.600 --> 00:12:10.399
<v Speaker 1>That really illustrates the benefits. So if an organization is

237
00:12:10.440 --> 00:12:13.039
<v Speaker 1>looking at SaaS, what are the key things to focus

238
00:12:13.080 --> 00:12:14.399
<v Speaker 1>on best practices?

239
00:12:14.919 --> 00:12:18.159
<v Speaker 2>Critically? Look for a true single software stack. Was it

240
00:12:18.200 --> 00:12:20.559
<v Speaker 2>built integrated from day one or is it just different

241
00:12:20.600 --> 00:12:21.600
<v Speaker 2>products stitched together?

242
00:12:21.720 --> 00:12:22.960
<v Speaker 1>Why does that matter so much?

243
00:12:23.039 --> 00:12:27.879
<v Speaker 2>Performance usually and fewer potential security gaps between the components.

244
00:12:28.320 --> 00:12:31.080
<v Speaker 2>Easier management too. A ground up design.

245
00:12:30.799 --> 00:12:33.440
<v Speaker 1>Is generally better, Okay, unified architecture, what else?

246
00:12:33.559 --> 00:12:36.720
<v Speaker 2>Focus on contextual security and access? How well does it

247
00:12:36.799 --> 00:12:40.759
<v Speaker 2>use identity, device posture, location, maybe even UiB insights to

248
00:12:40.799 --> 00:12:45.320
<v Speaker 2>make access decisions that Role based access control RBAC needs

249
00:12:45.320 --> 00:12:47.000
<v Speaker 2>to be really granular.

250
00:12:46.519 --> 00:12:49.200
<v Speaker 1>And dynamic adaptive security right, and.

251
00:12:49.159 --> 00:12:52.879
<v Speaker 2>Think about the future scalability for new technologies. Is the

252
00:12:52.919 --> 00:12:57.039
<v Speaker 2>platform ready for IoT five G, whatever comes next? These

253
00:12:57.080 --> 00:13:01.279
<v Speaker 2>things demand huge processing power and flexible secure. It needs

254
00:13:01.279 --> 00:13:02.200
<v Speaker 2>to be future proof.

255
00:13:02.279 --> 00:13:05.240
<v Speaker 1>Good point, So boiling it all down, what's the checklist

256
00:13:05.279 --> 00:13:06.320
<v Speaker 1>for a good SaaS solution?

257
00:13:06.480 --> 00:13:11.279
<v Speaker 2>Okay, key things flexible delivery, cloud on prem hybrid, check

258
00:13:11.440 --> 00:13:16.519
<v Speaker 2>single pass architecture for performance, check global pops for low latency.

259
00:13:16.279 --> 00:13:18.440
<v Speaker 1>Check single management console.

260
00:13:18.200 --> 00:13:23.000
<v Speaker 2>Essential, future proof design, yes, elastic, scalable pricing important. Does

261
00:13:23.080 --> 00:13:28.080
<v Speaker 2>it have integrated DLP UBR RBI. Look for those advanced features.

262
00:13:27.639 --> 00:13:29.080
<v Speaker 1>And independence crucial.

263
00:13:29.399 --> 00:13:32.679
<v Speaker 2>Needs to be independent of specific cloud providers, hardware vendors

264
00:13:32.799 --> 00:13:36.200
<v Speaker 2>or network transports. Gives you freedom and avoids lock in.

265
00:13:36.440 --> 00:13:39.519
<v Speaker 1>Fantastic. It really feels like SaaS isn't just incremental, It's

266
00:13:39.559 --> 00:13:40.759
<v Speaker 1>a fundamental rething.

267
00:13:40.919 --> 00:13:44.080
<v Speaker 2>It really is. It tackles the reality of today's distributed

268
00:13:44.279 --> 00:13:48.399
<v Speaker 2>cloud first world head on by merging networking insecurity into

269
00:13:48.480 --> 00:13:49.879
<v Speaker 2>one cloud native service.

270
00:13:49.960 --> 00:13:51.960
<v Speaker 1>So we've covered a lot. AS is clearly here to

271
00:13:52.000 --> 00:13:54.559
<v Speaker 1>stay and essential for modern enterprises.

272
00:13:54.159 --> 00:13:57.840
<v Speaker 2>No doubt. It addresses the core security and connectivity challenges we.

273
00:13:57.879 --> 00:14:00.639
<v Speaker 1>Face now, which leads to a final thought. As tech

274
00:14:00.720 --> 00:14:04.919
<v Speaker 1>keeps blurring boundaries, think quantum computing, breaking encryption, or maybe

275
00:14:04.919 --> 00:14:06.480
<v Speaker 1>fully immersive metaverses.

276
00:14:06.600 --> 00:14:09.200
<v Speaker 2>Yeah, whole new frontiers or edges.

277
00:14:09.519 --> 00:14:13.639
<v Speaker 1>Exactly how does this trust nothing idea evolve beyond sas?

278
00:14:13.840 --> 00:14:15.679
<v Speaker 1>What new edges are going to pop up that we

279
00:14:15.720 --> 00:14:17.919
<v Speaker 1>haven't even imagined yet that will need securing?

280
00:14:18.320 --> 00:14:21.200
<v Speaker 2>That's the multi billion dollar question. Isn't it something for

281
00:14:21.240 --> 00:14:23.440
<v Speaker 2>everyone to ponder as they look at securing their own

282
00:14:23.480 --> 00:14:27.720
<v Speaker 2>digital landscape today and tomorrow. SaaS is the path now,

283
00:14:28.279 --> 00:14:29.600
<v Speaker 2>but the evolution won't stop.

284
00:14:29.600 --> 00:14:32.000
<v Speaker 1>There a lot to think about. That wraps up this

285
00:14:32.039 --> 00:14:34.360
<v Speaker 1>deep dive on SASE. We hope this gave you a

286
00:14:34.440 --> 00:14:38.759
<v Speaker 1>clear view of this critical technology. Until next time, stay curious.