Global Pharmaceutical Company Accelerates Comparison of SASE Solutions
In This Case Study
Mergers, acquisitions and divestitures have become an increasingly common use case for secure access service edge (SASE). Whether absorbing a company or spinning off a new one, organizations must ensure their networks can facilitate a smooth transition. By putting more services at the cloud edge, organizations can support changing traffic patterns and apply universal security policies.
A global pharmaceutical company knew that a SASE solution could help it deliver a consistent, secure user experience across IT and OT networks ahead of a large divestiture. SASE could also eliminate technical debt by consolidating competing networking and security tools, as well as better support its mobile workforce and further its goal of increasing the organization's cloud presence overall.
Although the company understood the benefits of SASE, it needed help evaluating the many components of SASE and changing vendor landscape to land on a solution that best met its business and technical requirements.
The company turned to WWT to provide vendor-independent guidance, an accelerated understanding of the SASE market and a way to compare different solutions in short order.
The company was interested in learning more about six SASE solutions: Palo Alto Prisma Access, Zscaler, Cisco Umbrella, Netskope, Akamai and Fortinet FortiSASE. To accelerate its understanding of the solutions, we prepared a paper proof of concept (POC) that scored solutions based on evaluation criteria most requested by our customers. Criteria included: operational simplicity; analytics, visibility and telemetry; cloud access security broker (CASB); advanced security capabilities; remote access as a service (RAaaS); and completeness of SASE vision.
After presenting the paper to perimeter security and networking teams, stakeholders wanted to explore four of the six solutions: Palo Alto Prisma Access, Zscaler, Cisco Umbrella and Netskope. With labs for each technology already in our Advanced Technology Center (ATC), we were able to quickly set up a product comparison proof of concept.
It was important for the company to gain hands-on experience with each solution outside the influence of a particular vendor, especially given that the company already had certain vendors within its environments. At a high-level, this meant the customer wanted to see how each solution:
- Delivered a consistent user experience.
- Facilitated a zero trust network architecture.
- Provided a homogenous security platform.
- Reduced redundant toolsets.
- Shrunk its physical footprint.
At a low-level, this manifested in testing:
- Threat prevention.
- SSL/Decryption functionality and processing.
- In-line and OOB CASB.
- CSPM and SSPM.
- RAaaS (both on-prem and IaaS).
- Load sharing (ECMP) and network convergence.
- Standards-based IPSec/BGP routing.
- Integrations like Splunk, MDM, third-party security tools and IDP.
Performing like-for-like comparisons of these many components required us to leverage multiple testing tools, data centers, branch sites and cloud connectivity in the ATC. The lab environment included more than 70 devices under test and more than 70 test cases for each solution. It also included live ATC internet connectivity to each SASE solution with an AWS infrastructure-as-a-platform environment similar to the company's.
The company is still analyzing results from the product comparison POC but has ample time to select and implement a solution ahead of its divestiture. And it is able to do so without the cost- and time-intensive process of procuring vendor equipment.
Further, the company will be armed with data outside of a vendor's influence. Different vendors possess different strengths, weaknesses and approaches to networking and security. Vendor-led POCs and pilots will highlight a solution's strength and deemphasize areas where a solution might still be developing capabilities.
SASE will play an integral part in a smooth divestiture, increasing the company's cloud adoption, simplifying the implementation of security policies and guaranteeing a consistent user experience as the business continues to innovate.