Ziyi Lu , Senior Vice President (CTO) of NOVA Technology: SASE—a new network security architecture in the digital era


In the era of digital economy, the demand for cloud migration, mobile office, and overseas expansion among enterprises has surged. Various digital application scenarios are emerging in endlessly. The boundaries of business access are expanding infinitely around the world. Enterprises and even the entire world are connected in more ways than ever before. All are more complex, which undoubtedly poses higher requirements and challenges to network information security. How to provide enterprises with more flexible and convenient cloud network security integration solutions has become the focus of market attention.

In the process of digital transformation, enterprises face many difficulties, ICT management has become increasingly complex, and security threats can be seen everywhere. From an enterprise perspective, improving flexibility, security, and reliability while reducing costs is an urgent need in the process of enterprise transformation. As a transformative technology in the field of network security, SASE emerged as the times require, solving the access challenges caused by blurred network boundaries and business resource integration, and meeting the security needs of enterprises in their transformation and upgrading.

ICT digitalization faces three major dilemmas:

Digital transformation can become an important means to improve the operational resilience of small and medium-sized enterprises, and can help small and medium-sized enterprises optimize operating efficiency, expand business coverage, and enhance competitiveness. Therefore, we can see that companies are either in the process of digital transformation or on the road to transformation. However, the transformation path is not as easy as imagined.

First, more and more enterprises are moving applications from traditional data centers to the cloud, such as distributed deployment in SaaS, public clouds and even hybrid clouds. Secondly, access to enterprise applications by remote office and mobile office is decentralized, breaking the The traditional security boundary has been broken, and security threats can be seen everywhere; third, network and security are provided by multiple suppliers, and network services and security services are separated and cannot interact.

To solve these thorny problems, on the one hand, an innovative architecture is needed. No matter where the applications and resources are distributed, users and devices can ensure that their access paths are optimized through the innovative architecture, while a unified security policy ensures a consistent user experience. ; On the other hand, the integration of network services and security services improves efficiency and responds quickly.

"NOVACLOUD SASE" protects enterprises:

"NOVACLOUD SASE" is this innovative network and security integration architecture. "NOVACLOUD SASE" launched by NOVA Technology integrates the company's "cloud, network, and security" resource pool to provide simple, scalable, flexible, low-latency and ubiquitous security capabilities, and provides customers with a subscription-based model A one-stop high-efficiency and highly intelligent solution.

"NOVACLOUD SASE" can not only embed security capabilities into the gateway of the customer's office, but also further deploy security capabilities to the POP nodes of NOVA Technology's edge computing, turning security capabilities into cloud-native services. As long as users connect to the nearest SASE POP point, they can enjoy cloud-native security capabilities while obtaining global high-quality WAN services.

NOVA Technology has always advocated security as a service. Enterprises only need to tell us their security needs. There is no need to buy security equipment, firewalls, or too much labor cost. We can design and implement according to customer needs to help customers be flexible and convenient. Complete a complete life cycle of operation and maintenance and iterative upgrades.

"NOVACLOUD SASE" has three application scenarios:

1. In terms of SD-WAN security, "NOVACLOUD SASE" embeds security functions into the box of the enterprise site, and realizes the on-demand combination of SD-WAN network components and security components at the corporate headquarters or branch site to protect enterprise security nearby. It also supports modular addition of security components and flexible subscription.

2. In terms of cloud native security, "NOVACLOUD SASE" can deploy cloud native security components on the network nodes of the backbone network to form a POP node with security functions - SASE POP. By connecting to SASE POP, enterprises can obtain network and security capabilities at the same time and relieve site pressure. At present, NOVA Technology's POP points covering the world have been upgraded to SASE POP.

3. In terms of zero trust solutions, "NOVACLOUD SASE" performs security management and control on clients to achieve network security protection for multiple terminals such as computers and mobile phones. Drive network behavior with identity, dynamic verification, and continuous protection. It has strong compatibility and is easy to install.

The emergence of SASE means that enterprises have changed from investing in hardware equipment for border protection to elastic purchasing of security capabilities from the cloud in a subscription model, which means a shift from multiple suppliers to a single supplier.

NOVA Technology will continue to adhere to self-research, continue to gain insights into the market and customer needs, and add functions to the NOVACLOUD SASE platform that are more suitable for customer needs. In addition, it is possible to make greater investments in protecting data privacy and security, and introduce machine learning and other capabilities to improve operation and maintenance efficiency, respond to security threats faster, and bring better and more extreme results to customers. service experience.