The Role and Benefits of a Hybrid Approach to Secure Web Gateway (SWG)
A hybrid approach allows organizations to make their journey to the cloud at their own pace
At Symantec, a division of Broadcom, securing the future of the enterprise is not a binary choice. Although many organizations are under pressure to think so, it is not a matter of either “only on-premises” or “all-in” with cloud. The reality is that the migration to a cloud-based future is a spectrum that every enterprise is on. It is not just a one-time event, it’s a journey.
It has become almost cliché to call out that the pandemic is accelerating digital transformation. Driving much of that momentum is a shift to remote work so profound it turned the world upside down. Now that shift is showing every sign of becoming permanent. A recent survey by ESG Research confirms that more than 70 percent of organizations are now in favor of supporting work from home for at least some of their employees.
The reality is that the migration to a cloud-based future is a spectrum that every enterprise is on. It is not just a one-time event, it’s a journey.
At the same time, however, that same ESG report reveals that nearly half of all organizations would like to continue using their office locations on a hybrid basis. The challenge for these organizations is how to secure and manage both office and remote work locations while moving forward with digital transformation. Adding to the pressure is a near-incessant drumbeat from cloud vendors calling on them to move ever faster with their cloud strategies.
It’s not a binary choice between office and work from home. It’s not an either/or scenario.
Moving to SASE
“Whether due to compliance concerns, network complexity, or simply preference,” says ESG Senior Analyst, John Grady, in a recent ESG White Paper entitled, The Role of a Hybrid Approach on the Journey to a Cloud-delivered Secure Web Gateway, “many organizations will continue to manage on-premises secure web gateways as part of a hybrid approach, while progressing to the cloud over time.” This requires the associated network and security infrastructure to support their office locations and workers.
The dilemma is that there are challenges with network security tools in hybrid environments that can make doing both these things too quickly a recipe for disaster. Among these issues are:
- Inconsistent management across physical, cloud or virtual environments.
- Performance issues that negatively impact the user experience.
- Too many disparate tools.
- Implementation and management complexity
- Lack of scalability as the solutions have problems keeping up with the pace and rate of change.
The need to address these challenges is why the pendulum is swinging towards the new vision for network security called Secure Access Service Edge (SASE). SASE is a comprehensive architecture for network security based on the principles of Zero Trust. It calls for a convergence of the network security services and infrastructure for on-premises, cloud, and edge architectures into one single, cloud-delivered service model.
But just as the work environment is not a binary choice, the journey to SASE is also not an either/or scenario.
No Security Tool Operates in a Silo
Despite the accelerating migration to cloud, a majority of organizations are looking for a solution that offers options. Nearly 70 percent of enterprises surveyed in the ESG report anticipated that half or fewer of their network security tools will be cloud-delivered. A third of the organizations surveyed went further to rank support for hybrid architectures as one of the top three attributes of SASE.
What the vast majority of enterprises are coming to realize is that digital transformation is a multi-year process. Move too quickly and the pain may very well exceed a temporary gain. A “lift and shift” scenario is just not that easy.
No security tool operates in a silo and secure web gateways are no exception. Many integrate with 3rd party vendor solutions. Reconstructing those integrations is a heavy lift and may include such critical enterprise security tools as:
- Advanced Threat Protection, Data Loss Prevention (DLP)
- Intelligence Services
- Cloud Access Security Broker (CASB)
- Network Detection and Response (NDR)
As well as the necessity to adhere to new compliance rules and regulations surrounding data privacy and protection and sovereignty that are easier to comply with using on-premises tools than cloud-based.
Hybrid Solution Best Practices
A hybrid solution, such as that offered by Symantec Web Protection Suite, allows organizations to integrate different on-prem appliances, virtual appliances, cloud-delivered and SaaS components, and provide the capability to scale with the organization as needs change. This best practices hybrid solution includes:
- Industry-leading proxy-based secure web gateway (on prem or in the cloud)
- Centralized management and reporting and support analytics
- Broad, consistent functionality with advanced capabilities such as dynamic sandboxing and web browser isolation to protect against “zero day” threats.
- Flexibility to allow organizations to migrate to cloud at the pace that’s right for them with subscriptions that are transferable from hardware on-prem to SaaS deployments and cloud licenses for all employees.
A hybrid approach from a single vendor can support you on your journey to cloud and to a comprehensive SASE network security future at the pace that’s right for your organization. Remember it is a journey and one Symantec is prepared to make with you.
A Hybrid Approach on Your Journey Towards Cloud-delivered Secure Web Gateway
Join the discussion with security analyst firm, ESG and Symantec, a Division of Broadcom on how an "all-or-nothing" approach isn't the only option and how a hybrid approach to an effective SWG might be the approach for you.
We encourage you to share your thoughts on your favorite social platform.