Masergy beefs up SD-WAN security with Fortinet cloud firewalls
Masergy is adding security muscle to its SD-WAN service with cloud firewalls from Fortinet and CASB technology from Bitglass.
Jay Barbour, director of security product management for the managed service provider, says Masergy now provides Fortinet FortiGate cloud firewalls across Africa, Asia, Australia, Europe, North America and South America, as well as throughout its global PoPs. Barbour says the cloud firewall is easier and faster for companies with smaller offices to deploy, but Masergy also continues to offer appliance-based firewalls, which are ideal for larger enterprises.
Zeus Kerravala, founder and principal analyst for ZK Research, says Fortinet is a solid choice for this security expansion since the company is "a leading firewall vendor."
"It gives the customer the benefit of the best-of-breed security partner, but takes the complexity out of it where they don't have to try and tile it together themselves – Masergy does that for them," says Kerravala. "I think we'll see a pretty big uptake in managed services for SD-WAN and SASE."
Historically, the use of managed WAN services by business customers has been around 25-30%, explains Kerravala. In a recent survey he conducted of 500 IT professionals, Kerravala says "the appetite for managed services for SD-WAN – for either fully or co-managed services – was about 60%."
By 2024, Gartner predicts that 60% of enterprises will utilize SD-WAN, versus less than 20% in 2019.
In addition to the firewalls, which protect network traffic at a packet level, Masergy is providing customers with Fortinet's secure web gateway (SWG) service for IP traffic protection at the application level in the cloud and on-premises.
By adding additional security features to its SD-WAN service, Masergy aims to expand its SASE strategy as well.
"SASE is a security and networking architecture, and a design strategy that unifies multiple network-related security capabilities into a single service," says Barbour. A unified platform provides the customer with "improved performance for better user experience, and increased agility so instead of trying to provision and integrate multiple vendors, you have only one to deal with, which is what Masergy does with its unified SASE platform."
Masergy is also bringing in Cloud Access Security Broker services from Bitglass to protect cloud and SaaS applications. Barbour says the CASB tool will provide visibility into cloud applications used in Shadow IT circumstances where users access cloud apps that haven't been pre-approved by the IT team, and protect against external risks such as phishing attempts. The CASB service will also integrate with Masergy's Shadow IT Discovery platform – a network visibility and security tool launched in January that scans customers' networks for all cloud-based SaaS applications and categorizes them as "known" or "unknown" (to the customer).
Next year, Masergy plans to launch a Zero Trust Network Access (ZTNA) service. Barbour says ZTNA will heighten network security by requiring that "every system must be authenticated to every other system."
Done correctly, deploying a ZTNA service can be time-consuming, explains Kerravala. "It isn't simple – you need a lot of network data to do that and a lot of analytics tools in place … in order to do zero trust, you have to understand what should talk to what, and what shouldn't talk to what," he says. "I'd rather [Masergy] take their time rolling it out rather than rushing it."
- Masergy, VMware spruce up SD-WAN with secure remote access
- Security is top concern for enterprises deploying SD-WAN – report
- Masergy overhauls SD-WAN, boards SASE train
- Podcast: Remote access rundown with Omdia's Rik Turner
— Kelsey Kusterer Ziser, Senior Editor, Light Reading