How important is policy management when selecting the right Unified SASE solution?

Is a high performant SD-WAN the most important step in a successful secure network access transformation journey? Maybe but maybe not. Clearly the network is critical; it is the foundation of your whole SASE architecture and so I could argue it is the MOST IMPORTANT thing to get right. It is the most obvious thing to get right and likely why so many companies put this as their number one requirement. Would you build a million-dollar home on a poor foundation?

What is not so obvious is policy management and that is the reason behind this blog.  Most people do not look at the long-term implications and impact of policy management.  They don’t consider the underlying architecture and what the hidden costs are. What appears simple on the surface might get complicated very quickly and what appears complicated at first might end up having incredible business value. Let me explain.

Policy Management Plays a Crucial Role 

Problem #1: Many companies architect SASE and try and simplify things by having only one policy table to update. On the surface one policy table is easier than many, right?  What could be wrong with that I hear you ask?  Well, nothing when you first start but what happens as your policy table grows?  You add more users, more branches with their own security needs….  This equals more and more variations in the policies.   More rules and more “What if’s”.  The policy table grows and grows.  Nothing gets deleted as administrators fear a mistake and so over the years it becomes more and more unmanageable, and the expertise required to understand all the policies means only experts can manage the policy table.  If you are familiar with spaghetti code when developing applications, then exact the same thing happens here.  This sounds overly complex and over the years it is – it gets worse and worse.  Not only is this complex for administrators but it impacts performance as well.  The bigger the policy table, the longer it takes to process and so the more likely application performance deteriorates. You must watch out for this.

Another problem I hear about is Problem #2 – it is the opposite. Let’s say you implemented Hybrid (aka 3rd party) SASE. What happens if you support a combination of firewalls? Edge-based firewalls in some locations and cloud-based security in other locations. That means different policy tables, different set up and complex management. This adds time, effort, and security risks as there is more opportunities to make mistakes. Vendors might have different point products for edge and cloud and might not have unified controls to manage policies in a uniform manner. A single unified control plane for policy orchestration and change management can be very advantageous to simplifying IT and/or InfoSec’s responsibilities. (For a quick overview about the difference between Hybrid versus Unified SASE, watch episode 3 of our Get SASE in 5 series.)

Aryaka Unified SASE as a Service Simplifies Policy Management

Hopefully these two different problems highlight why policy management needs to be SIMPLE. Not only does it need to be simple, but it needs to be efficient as well. Security must not slow down performance. Our engineer’s realized this as we were building our Unified SASE as a Service and so we can prove we have the simplest and most efficient policy management architecture in the industry. In a recent internal meeting, we got a salesperson to create 3 policies in 30 minutes with very little training. It is a game changer and when you hear how it works and when you see how simple it is you will be impressed.

If after reading this you want to learn more, I will get one of our solution engineers to contact you.  No obligations – we are committed to being thought leaders and educating people about SASE.  It can be overly complex and what first appears simple is not.  Please reach out and talk to us by clicking the link below.

Book a Demo

About the author

Ryan Livesay

Ryan Livesay stands at the intersection of technology and sales, driving results as the Senior Vice President (SVP) of Solution Engineering at Aryaka. Known for seamlessly blending technical depth with savvy sales insights, Ryan's impact was particularly evident during his three-year tenure as Aryaka's SVP of Sales. At the core of his leadership style is a genuine dedication to empowering global teams. These teams, under his guidance, consistently prioritize the evolving needs of customers and partners, delivering solutions that are both innovative and efficient. Before his time at Aryaka, Ryan held key leadership positions at Interface Security and Earthlink, further cementing his reputation in the industry.