Asia’s financial services market is quite sophisticated. Policy makers, regulators and customers have pushed banks, even the most traditional ones, to constantly optimize their digital infrastructure and securely deliver better experiences. In the past year, the pace of change in the digital space has been significant and has forced leaders to rethink their network architectures entirely.
Today, employees demand flexibility in where they work, what network and devices they use, and which applications they leverage. Customers demand better digital experiences in their phones, on their desktops, and in nearby kiosks and branches. These demands have led banks to realize that a wholesale move to the cloud is inevitable. Of course, bankers know that the cloud isn’t a destination, it’s a journey to a more flexible, scalable, agile digital future-state.
To realize the full benefits of that future-state, banks need to do two things. First, they need to upgrade their network, and second, they need to transform their security capabilities, which today, involves deploying SASE. One of our customers – a leading bank in Asia – decided to embark on a journey to do both of these things simultaneously.
Our client has a large number of employees. In the corporate offices and in branches, employees not only use secure banking applications but also personal devices and consumer applications. Aside from this, staff also use a lot of video – for collaboration, learning, and even entertainment. In branch and kiosks, customers need access to the internet.
All this raises not only concerns about the security of critical banking applications, but also the overall experience as usage spikes might result in bandwidth issues. And this is just the tip of the iceberg. We haven’t even started talking about the security concerns raised by remote workers or the need for observability and automation in the grand scheme of things as the organization inches closer to cloud success.
Fortunately, the client wasn’t daunted by all this. They resolved to stay focused on the cloud and achieving the future-state they envisioned.
The big picture: Converge to win with SASE
SASE stands for Secure Access Service Edge and is made up of SD-WAN and cloud-native network security components such as CASB (Cloud Access Security Broker), FWaaS (Firewall as-a-Service), ZTNA (Zero Trust Network Access), and so on. Gartner came up with the definition for SASE in 2019 and shared a vision for security that is fit for the cloud-era – and as organizations put together these components, they realize that winning with SASE requires big picture thinking.
Simply put, while various security solutions can work together to provide a good defense theoretically – stitching them all together didn’t work in the real-world and resulted in significant delays in identifying and responding to threats.
The way to win, then, isn’t to deploy SASE piece-by-piece. Instead, organizations must find a partner who can provide solutions across the spectrum and offer a platform to tie everything together in a way that not only provides observability across the network but also the ability to automate maintenance across the length and breadth of the architecture. This is especially true for organizations looking to accelerate their journey to a digital, cloud-first, application-driven future.
At Cisco, we refer to this as ‘converge’ and believe that organizations that set out on their SASE journey with this big picture in mind have an advantage over others. I shared this concept in a recent blogpost and am really excited to see not only client organizations thinking about this but also telco leaders who are beginning to explore the value they can bring as a partner to this transformation.
In fact, the Asian banking client we mentioned earlier, found that working with a telco partner to drive their SASE deployment was what really helped add momentum to their project while keeping their investment in control.
A results-oriented approach to security
The challenges that the bank faced were significant but the solution that was deployed was quite simple – and that’s where the beauty of the engagement lies.
With Cisco and a telco leader as its partners, the bank first rolled out SD-WAN across nearly 1,500 branches and its corporate office. Doing so enabled the team to boost bandwidth to serve staff and customers irrespective of how much their needs grew. In addition, thanks to SD-WAN, they were able to augment their network to supplement their MPLS network with consumer internet for better bandwidth and site availability and reduced downtime.
Next, once connected, they deployed a series of security solutions from Cisco’s portfolio that enabled them to control their network and secure it in a meaningful way. Finally, they pulled the ‘converge’ lever to pull everything together on a single platform provided by us which allowed them to not just gain end-to-end visibility across its applications and services but also enable automations that save time with maintenance as well as defense (reducing mean time to respond to threats).
Given the extensive network of branches the customer had, the automation offered by this deployment saved them many headaches – there was no need to code each local router manually as settings could be implemented as policies with just a few clicks.
Since banks operate in a regulated environment, this was a big win for the client who wanted to avoid human errors during the rapid roll-out of SD-WAN across the organization.
From a security perspective, since all the components are supplied by Cisco, everything works smoothly together and can be controlled effectively – providing the full protection of SASE as promised to business leaders.
It’s worth mentioning here that while the client could have achieved the same result by deploying the network and security solutions themselves, working with a telco allowed them to enter into a ‘Managed Service Level Agreement – Enterprise Agreement (MSLA-EA) Match’ which made the entire project more cost effective and scalable as the telco takes on the responsibility for license management and bandwidth.
Ultimately, the bank was able to modernize its network and deliver on staff and customer expectations as far as experience and security are concerned. This project, of course, gave the organization significant mileage in terms of its cloud vision and helped it reach a future-state where it is not only more dynamic but also more resilient and prepared to win in the digital era.
To learn how you can get started with SASE Convergence and leverage it to take your network and security to the next level, take a look at Gartner 2021 Strategic Roadmap for SASE Convergence.