Enterprise Network Transformation: What You Need to Know Right Now

#1. Edge Cloud Exchange Point (CXP) Architecture 

Due to mergers and acquisitions or profit and loss region decisions, networks are often cobbled together at the edge using MPLS, SD-WAN, and firewalls. Additionally, cloud expansion has made it challenging to provide routing and security between clouds and back-to-edge tenancies, whether corporate or client.   

Now we’re starting to see the emergence of cloud networking. These solutions use their proximity to clouds (Azure/AWS/GCP) and being agnostic to the edge (tunnel or SD-WAN VM) to allow for a completely agnostic union of technologies between branches and clouds.    

Edge CXP architecture allows for the quick assimilation of disparate technologies on the edge and reduces the complexity of security and routing policy within the cloud instances. It also makes it easy to provide segregation for multi-tenant use cases and companies that deliver services over an agnostic infrastructure, unlike the old way, which was dedicated services that cost more and didn’t scale well and weren’t built for cloud integration. 

#2. Service Chaining MSPs and Multi-Disciplined MSPs 

Another thing we’re starting to see with enterprise network transformation is Managed Service Providers (MSPs) with embedded middleware orchestration that reduces the complexity of service chaining.  
 
MSPs have recognized that some clients want a best-of-breed solution, so they support multi-disciplined technologies using APIs, automation, and AI to deliver a more robust service delivery and support experience. 

Also, MSPs are taking a multi-disciplined approach and supporting full-stack Secure Access Service Edge (SASE) across multiple technologies, such as supporting Cato, Fortinet, and Versa. This approach enables them to design based on functional, technical, and security needs rather than a defined technology.  

Ultimately, these MSPs can focus on the customer’s business needs and overall experience by evolving solutions to address their specific requirements. The MSP can then bring it together into a single pane of glass to deliver, manage and monitor their network.  

#3. The Evolution of Access Control 

As the migration to work from home has continued to evolve, we are seeing an intense focus on Service Secure Edge (SSE) to deliver forensic access and policy provided on a global scale.  

Additionally, all forms of access, from privileged user access to network access (USB, Ethernet, Wi-Fi), are being re-examined as these types of breaches are most common but are more complex to protect against and manage.  
 
We now see new MSP initiatives to help design, architect, and manage access security.  These solutions typically are built around Network Access Control (NAC), Privileged Access Management (PAM)) and Zero Trust Network Access ( ZTNA) solutions.  

Another facet of Access Control relating to enterprise network transformation is acquisitions by MSPs of smaller organizations that may have focused on more discreet access control technologies to round out a more complete “Managed Access” portfolio.  

#4. Full SASE Architecture 

SASE continues to rise in popularity, focusing more on full SASE architecture. This approach is ideal for the client who is comfortable with co-management and is tasked with managing multiple technologies with limited expertise and staff.  
 
The critical advantage of full-stack SASE is that you can change the capital footprint and reduce administrative complexity radically. This improves TCO and simplifies policy across all network edges and access points. 
 
Full SASE architecture offers a unified global routing and security policy that’s easy to manage and maintain. Also, it delivers tightly integrated visibility with full context and inspection of all traffic flows from all endpoints, which leads to shorter identification and remediation of events.