Security vendor NetMotion recently announced the general availability of its new secure access service edge (SASE) platform as a cloud-hosted offering.  Enterprises using the solution can take advantage of its software-defined perimeter (SDP/ZTNA), enterprise VPN and experience monitoring solution as a SaaS subscription.  The company has also made it available on Microsoft Azure.

To find out more, VMblog reached out to NetMotion's Chief Marketing Officer, Joel Windels.

VMblog:  Tell us a little bit about NetMotion's new SASE solution.

Joel Windels:  Launched publicly in early December, our new SASE solution is designed to give customers with an increasingly distributed workforce greater flexibility in the way they extend their security perimeters. The SASE architecture has become increasingly popular with mid-market companies and enterprises, where threats against mobile and remote workers are increasing, as millions say they never plan to permanently return to their office. 

Our SASE solution builds on our world-class security platform, which is available as a SaaS security solution offering integrated transport and web proxies, distributed firewalls, network access control (NAC), a zero-trust-based software-defined perimeter (SDP), a VPN highly optimized for mobile access, and a highly customizable policy engine with machine learning and risk analysis capabilities.

VMblog:  What are the advantages of SASE vs. traditional network security architectures?

Windels:  Cloud services themselves have become a way of life for many IT teams tasked with implementing new technology. The benefits of cloud-hosted services like NetMotion's SASE solution are clear - including fluid scalability, implementation simplicity, a reduction in maintenance and more powerful security controls. Unlike traditional network security architectures, with a cloud-first SASE approach, IT teams don't have to worry about hardware failures, operating system patches or software updates. It's all taken care of on the backend.

In addition, SASE allows companies to adopt a zero trust approach to remote access, extending the security perimeter to the mobile edge and allowing IT to set strict security protocols. These limit access to only those that need it at the right time and place, while also reducing the risk of lateral movement within the network.

VMblog:  How does NetMotion differentiate its SASE solution from others in the market?

Windels:  First off, we built our SASE solution from the ground up to support both mobile and 5G environments, leveraging decades of experience in the enterprise VPN marketplace. The solution was designed to evolve and scale with our customers' organizations, and to provide the best, most secure remote user experience.

Our SASE solution works by gathering a variety of data about the application being used, the location of the device, the condition and trustworthiness of the network it is connected to and much more. It then uses this real-time data to build a unique risk profile for each individual resource request, evaluating it on its individual merits and determining whether the user should be granted access.

In addition, NetMotion's platform is offered as a cloud-based subscription, allowing setup in just a few minutes, with built-in digital experience monitoring of end users. This technology offers huge added value for IT teams, who say the events of 2020 have made them more likely to invest in digital experience monitoring as a result of the events of 2020.

VMblog:  Why leverage Microsoft Azure when building NetMotion's SASE solution?

Windels:  We chose Microsoft Azure due its extremely robust infrastructure with presence in 60+ global regions, making it a great match for our international customer base. We also felt like Microsoft clearly understands our vision to help customers transition to a cloud-first approach that emphasizes the user experience without sacrificing security or productivity. In addition, as a fellow Seattle-based company, we're longtime partners with Microsoft in providing seamless and secure remote access, so leveraging Microsoft Azure's cloud compute background offered its own unique integration benefits for customers, especially those using Endpoint Manager, Intune or Office 365 applications.

VMblog:  Is it just remote work that's driving increased adoption of zero trust?  Or are there other factors at play?

Windels:  Providing secure remote access in a frictionless way is essential for an increasingly distributed and remote workforce. However, it's not just remote work that's driving increased adoption of the zero trust approach to network security. The increase in cloud migration - as part of organizations' digital transformation - requires organizations to reconsider their approach to network security. In addition, many legacy VPN tools used at the enterprise level were not designed for remote access, and unfortunately degrade the user experience. While some customers may have learned to put up with that in the past, they no longer need to settle for a second-rate experience just to fit the needs of their security and IT teams. Zero trust tools eliminate the need to throttle or scale back remote connections by giving individual users the access that they need at the right time, according to pre-set conditions and rules.

VMblog:  For companies looking to adopt a zero trust approach to remote access, where should they start?

Windels:  The shift to zero trust isn't expected to happen overnight. A good first step for any organization is to ensure that all of its resources can be accessed securely, regardless of location. In addition, logging and inspecting all traffic via end-point based network security allows companies to "always verify" and set up mechanisms for enforcement beyond access controls. 

VMblog:  Is SDP and other forms of zero trust making the VPN obsolete?  Or are there instances where VPNs will still be important going into 2021?

Windels:  To be sure, 2020 has been a breakout year for increased adoption of zero trust. Many consider the traditional model of ‘one to all' too risky for a workforce now operating mostly remotely. Put another way, the idea of using user credentials and nothing more to grant access to the entire corporate network is no longer thought to be a sensible approach. Even with multi factor authentication (MFA), the structure of legacy VPNs - which grants full access to anyone holding the correct credentials - simply puts organizations at greater risk of attacks.

However, a recent NetMotion survey found that 98% of companies today continue to rely on at least one on-premise application. For that reason, many legacy organizations continue to use VPNs in some capacity, and a phased adoption of zero trust - leveraging a cloud option together with a VPN - may be necessary. But for organizations with the opportunity to build out their infrastructure from a clean slate or for organizations further along on their transition to the cloud, the advantages of zero trust over VPNs are clear.

VMblog:  As we wrap up, is there anything else you'd like to add?

Windels:  Remote working isn't going away any time soon, which means companies need to do more to address the increased risks associated with remote work. Zero trust - and SASE solutions in particular - offer a secure, scalable and frictionless way to do just that.

##