Issue link: https://insights.oneneck.com/i/1469039
36 Secure Access Service Edge (SASE) For Dummies, Cisco Special Edition These materials are © 2020 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited. DIA Is the New Normal With the advent of the cloud era, network architectures designed to provide robust connectivity to a corporate data center are now obsolete and must evolve. The majority of network traffic today occurs either within the data center itself (East-West traffic) or from an organization's various locations to the cloud via the Internet (North-South traffic). As a result, backhauling network traffic from remote or branch locations over multiprotocol label switching (MPLS) wide-area network (WAN) links, or roaming user traffic over virtual private network (VPN) connections, is no longer an efficient or viable option. Organizations are increas- ingly providing direct Internet access (DIA) broadband links for their remote, branch, and roaming users to access their software as a service (SaaS) applications without the slow performance and latency associated with backhauling traffic to a corporate office with a single security stack. SaaS Apps Are Taking Over Once limited to personal apps that employees downloaded to their smartphones, SaaS apps have now become core business apps supporting critical business functions in the modern digi- tal workplace. Salesforce enables customer relationship man- agement (CRM), Workday delivers payroll services, and Concur provides expense management. Other apps such as Office 365 provide email and collaboration, and still other apps such as Box, Dropbox, Google Drive, and OneDrive provide file storage and management. Of course, part of the allure of SaaS apps is ease of use. To deliver this convenient user experience, many SaaS apps provide only weak access control and security mechanisms — or none at all. Others have robust access control and security, but at the cost of convenience. A multi-function, cloud-native security solution can provide cloud access security broker (CASB) services to ensure robust and consistent security and access control policies are applied to all apps — for example by enabling single sign-on (SSO) and inte- grated threat intelligence.