The rise of today’s mobile workforce and the shift to software-as-a-service solutions have made it critical for federal agencies to fortify security controls at the edge of their networks. That effort — and the growing need for Secure Access Service Edge (SASE) solutions — has gained added importance at federal agencies in light of federal zero trust mandates, say security specialists in a new FedScoop interview.
“At its core, there are really three things driving SASE,” says Drew Epperson, vice president for federal engineering at Palo Alto Networks.
“The first thing is, SASE implementations are really meant to drive consistency — on any app, on any device, for any user, anywhere in the world. The second is user experience… (by improving) application performance. The third is SASE provides for continuous integration and a continuous delivery mechanism to drive new features and functionalities on demand through cloud infrastructure.”
The ability to dramatically improve performance and security has been proven at the Department of Education, confirms Wayne Rodgers, the department’s Zero Trust lead and program manager.
“Once we migrated to SASE, we no longer had to ‘split-tunnel’ traffic to inspect certain types of traffic because of bandwidth constraints. We were able to not just maintain but significantly increase performance while breaking and inspecting all traffic — which is a very important capability. Otherwise, you’re not going to be able to see what’s coming in at Layer 7 — at the application layer,” he explains.
After implementing SASE, Rogers says he saw the speed of data delivery increase up to 10-fold compared to what he normally saw working on Wi-Fi at home. “We’ve gotten praised all the way up from deputy secretary on down, and all the senior leaders basically saying the performance is much better on SASE than on our old VPN,” he says.
The speed with which the Education Department implemented SASE also earned praise from experts like Epperson at Palo Alto Networks and Joe Kim, CTO and executive vice president for engineering Squadra Solutions, which helped execute the department’s migration to SASE.
Rogers credited the rollout to a combination of senior leadership’s commitment to tackling Zero Trust mandates, success in tapping the federal Technology Modernization Fund, and a strategy involving a dozen internal working groups and holding daily lunch-and-learn sessions with typically 70 to 80 users a day.
Bringing in the right combination of networking and security experts, coming up with a clear-cut requirements list and truly understanding what kind of traffic was going through the Education Department’s IT environment were also critical to implementing SASE, adds Kim.
All three executives offer respective lessons learned and recommendations on supporting the adoption of a SASE platform at federal agencies. Kim, in particular, noted the importance of comparing solutions in the commercial space today, not just what’s provided through FedRAMP, the government program that provides standardized security solutions.
This video panel discussion was produced by Scoop News Group, for FedScoop and underwritten by Palo Alto Network and Squadra Solutions.