Coming to me in the form of Sonicwall’s Cloud Secure Edge (at a monthly, per-user cost), I understand the basics of what they say it’s going to do, but I also have been doing this long enough to understand when someone’s using a lot of buzzwords and scare tactics to hype a much simpler concept that I feel I am not as much up on. I would welcome any and all comments from those of you with any experience in implementing/utilizing/understanding SSE. Thanks in advance!
My take is only valid for my environment, I think 😅 What’s your environment and threat model? Are you feeling that your current defenses are insufficient, is there an actual or potential increase in attacks? Are you finding yourself struggling to manage and secure company infrastructure with everyone’s personal devices connecting to it? Are your users frustrated with the security you do have in place? Or, are you looking to add new layers to address a deficiency?
IMO cloud services like this are either overpriced now or will get overpriced in the future; they usually work fine until there’s an outage or until they get compromised. But, I haven’t had to run a large corporate environment yet, and I could see the allure of offloading all the security onto an external vendor that we can blame (and sue) if things go wrong down the track.
edit: reading u/False’s comment it does sound like it’s at least a decent user experience, at least if they’re using the Sonicwall product you’re looking at. You can almost certainly build an equivalent service internally with FOSS tools, but will the user experience be as good/seamless? That’s a lot less certain.
My customer is a mid-large size environment with not a lot of tech-savvy folk who are always frustrated with additional security, so anything that would decrease the number of MFA pushes passwords they have to remember would be a win. For that matter, decreasing the number of hours spent admin-ing those things is also desireable. Currently, we’re just using simple SSL VPN to access on-prem file/print services.