How Secure Access Service Edge Advances Ongoing Government Modernization


The modernization of government computing is taking place during a time of increasingly sophisticated cyber threats and a dramatic expansion of government cyber defense operations.

Government organizations, like many large enterprises, are experiencing significant changes in the way users expect to access information and services. At the same time, government organizations are adopting new service delivery models. As a result of these changes, there is a need to upgrade security architectures to provide cyber defenders with the enhanced capabilities they need for their assigned missions of protecting users and private government information.

Civilian agencies meet network security requirements primarily through the Trusted Internet Connection (TIC) program. Enterprise-level capabilities are implemented at each branch’s connections to the Internet and essentially create a trusted branch zone connected to an untrusted zone (the Internet).

The Department of Defense has implemented a security architecture that aligns with the organization’s cyber defense roles and responsibilities, providing a robust set of capabilities for every cyber defense organization. The DoD embeds cyber defenses at every critical edge position, and security policies and sensor data are aligned with the organization’s responsibility to defend every part of the network.

In both agency models, the government supports user access and service delivery changes by creating forced network flows (backhaul) and setting additional limits – for areas such as access to the cloud – which provide a secure boundary connecting DoD or civilian agency networks to commercial clouds and mobility gateways. This traditional approach gives cyber defenders the capabilities and visibility they need when modernizing mobile and multi-cloud services, but it slows the path to modernization and introduces operational inefficiencies, operational complexities, costs and high risks. Indeed, the government’s traditional centralized security approach relies on complex networks and security stacks composed of products from a multitude of vendors (JRSS in the DoD and TIC 2.0 architectures in civilian agencies), with disparate management systems that are difficult to integrate and use. The solutions chosen are usually hardware-based, which increases costs and forces government customers to depend on a particular hardware stack. Often, as requirements change (such as moving to cloud-based storage, expanded remote access, or cloud-based backup), hardware becomes obsolete before deployment, wasting valuable budgets. A software stack that runs on general-purpose x86 technology delivers speed, agility, and cost savings.

Three forces – changing user expectations, changing service delivery models and increasing cyber threats – combine in difficult ways for government organizations. As users shift to more remote and mobile access, services are shifting to a multi-cloud model with mission-critical and sensitive services distributed across traditional data centers, on-premises, and commercial clouds. For example, the challenges of implementing comprehensive client-cloud security solutions arise as government agencies transition to multi-cloud environments and need to provide increasing support to remote employees.

In addition to supporting and enabling a wide range of government modernization efforts, there are some related challenges that need to be addressed with the traditional approach to delivering cyber defense capabilities. For a highly regulated industry where any breach can lead to national security and compliance issues, security is clearly one of the biggest concerns in the government sector. A compromised device within the network can quickly infect other devices, rendering them inoperable and unsafe to use, and possibly creating a public safety issue. This increases the risk of critical records being stolen or rendered inaccessible, and even facility shutdowns as a precaution.

When organizations decide to expand to new geographic locations by opening new branch offices, the role of IT is critical to onboarding a new location quickly. A centralized SD-WAN administration console makes it easy to activate new services and locations, and to adjust policies remotely for immediate results, without having to worry about the costs, resources, and logistics associated with setting up a new IT infrastructure at a new location.

A new approach that integrates security and networking into a single solution, called Secure Access Service Edge (SASE), enables government IT teams to proactively configure application transport policies and network routes in the face of traffic spikes, instead of having to upgrade circuits and bandwidth. It tightly integrates security features into networking and SD-WAN capabilities, while adding analytics. When government organizations can take advantage of low-cost broadband, SASE helps them by making it more secure and business-ready. SASE helps government vendors prepare for the event of a natural disaster or pandemic, while protecting government information that should remain private and secure.

SASE creates a secure bridge between the access edge and the service edge (the cloud, the data center, the network, the Internet). It relies on the identity of an individual, device, application or service for safe and secure access. Simply put, SASE’s goal is to give users secure access to all applications and data, regardless of where the user is. It combines the functionality of SD-WAN and network security through the cloud so that government organizations can more effectively manage security at the edge.

Government agencies and federal and state organizations are arguably some of the most information-technology-intensive sectors in the world, and the opportunities to leverage advanced technologies to improve service quality, achieve affordability and improve user experience are wide open. SASE and SD-WAN enable government IT managers to create a more robust, reliable, and dependable network infrastructure to operate efficiently and securely. By creating the perfect balance of network security, manageability, efficiency and operational performance, government IT managers and groups can deliver affordable, world-class services to workers to ensure government mobility and data security.

Ed Elmore is Director of Federal Markets for Versa Networks.

