Don’t be Fooled – SASE for Endpoint Devices can’t be Done with Legacy Solutions
By Colleen LeCount, Mobolize | Chief Revenue Officer
Secure Access Security Edge (SASE), including Zero Trust Network Access (ZTNA) and Software-Defined Wide Area Networks (SD-WAN), are key to modern enterprise security deployments. Yet SASE deployments on endpoints such as phones, tablets and PCs often use legacy technology that have security and performance challenges, resulting in poor adoption. Traditional IPSec VPNs and Cloud Access Security Broker (CASB) solutions just don’t cut it.
The challenge for enabling SASE on endpoints is managing data traffic. This includes both enterprise and employee personal traffic, especially for unmanaged ‘Bring Your Own Device’ (BYOD) deployments which are increasingly becoming the standard. One of the problems is that VPNs tunnel all data traffic off endpoint devices to cloud servers. Not only does that add cost and impact performance like battery, application (app) compatibility and latency, but it also includes employees’ personal data creating privacy concerns which is a big issue for BYOD.
In addition to the problems noted above, legacy VPN technology provides a large attack surface and scalability challenges. It can only split route-based IP ranges, not by domains or apps. And lacks modern authentication. As a result, they are often turned off by frustrated users resulting in no security for company or end users.
And Cloud Access Security Broker (CASB), a browser-based clientless solution, only works with browsers which means no coverage for other apps. Since 90% of mobile activity is apps, CASB protects only 10% of data. Plus, it only supports HTTP/S traffic and doesn’t have device posture and continuous verification. That’s far from secure.
Security is key for endpoints. So, how do enterprises enable SASE on employee devices? The smart solution is to use a client that intelligently enables secure access and routes traffic on the device.
The Mobolize Data Management Engine with SmartVPN® technology does exactly that. Deployed as an app, it enables precision access and routing on the service edge for all endpoints on any network – Wi-Fi and cellular – used on or off the corporate network. And it does this for both managed (MDM) and unmanaged BYOD devices. The result is near 100% app compatibility with support for Domain Name System (DNS) security, Secure Web Gateway (SWG) and ZTNA. It uses a single unified client architecture for all operating systems – Windows, macOS, iOS, Android, Chrome and Linux – which delivers feature parity and makes maintenance and feature upgrades easier, faster and more manageable. Customized to our partner requirements, it’s delivered as an SDK or a private-labeled app.
The result: high-performance SASE security on the endpoint. Don’t be fooled by other claims. Smart Mobolize security is the only way to ensure secure devices with high performance for MDM and BYOD.