Barracuda has just launched its new Secure Access Service Edge (SASE) platform, called Barracuda SecureEdge. Maybe you have some questions about it. I did. So, I sat down with Stefan Schachinger, Barracuda’s Senior Product Manager for Network Security.
Stefan’s been involved in the development of SecureEdge from the beginning, so I figured he would be able to explain what SecureEdge is, why it’s needed now, and how it fits into today’s overall threat landscape and developments driving change in the cybersecurity industry. I was not disappointed. Here is our conversation.
Understanding Barracuda’s new SASE platform offering
To start with, can you explain what exactly SecureEdge is?
Well, to put it briefly, SecureEdge is a platform that combines the features and capabilities of several of our existing solutions for optimizing and securing networks. So, it provides SD-WAN, network firewall, Zero Trust Access, web filtering, IoT security, and more. With SecureEdge, customers can effectively implement a modern SASE infrastructure with a single-vendor platform solution, rather than having to assemble their own SASE system from a variety of different solutions.
Basically, it eliminates a lot of complexity from network security and optimization. You can manage the whole thing through a single, easy-to-use cloud portal. And your admins don’t need weeks of intensive training to get it set up and running.
Does that mean that SecureEdge is going to be a replacement for our existing network security products?
No, and this is an important point. Barracuda CloudGen Firewall, CloudGen Access, and our other network security products will continue to be offered for sale, supported, and updated. So customers who have those products now — or who want to purchase them going forward — can feel confident that they will not be required to upgrade to SecureEdge.
But I should add that if you already have some of these products and you do want to upgrade to SecureEdge, that is going to be a very simple and seamless transition.
Can you explain what makes SecureEdge a true platform rather than merely a bundle?
Well, Barracuda is in the enviable position of having a very broad and comprehensive portfolio of products and services. And we got here through a combination of in-house development and strategic acquisitions. Now, one of our strengths is the interoperability of our offerings. What that means is that when we gain a new offering through acquisition, we don’t just rebrand it and put it out there. Instead, we do a lot of engineering first to make sure that the new offering works seamlessly and shares data transparently with our other related products. In other words, we don’t sell it until it is genuinely a Barracuda product.
As a result, we’ve gotten quite good at integrating multiple capabilities and features across different products. And SecureEdge represents in many ways the next step along a trajectory that we’ve been following for a long time. When I say that SecureEdge combines the capabilities of various existing products, that’s a useful shorthand for conveying some of what it can do. But it doesn’t mean that it’s a bundle containing those products. Rather, it is a new and distinct product that fully integrates a comprehensive set of capabilities. And because it is a platform, it is ready to very easily integrate new capabilities and features as we develop them.
Who needs SecureEdge, or rather, who can get the most benefit from it?
SecureEdge is primarily intended for mid-market organizations, although it can certainly scale to meet the needs of very large global enterprises.
In terms of use cases, we focus on the current landscape in which the massive shift to remote work and the widespread adoption of cloud-delivered SaaS solutions has both expanded and altered the attack surface.
So, for organizations that have a distributed, remote workforce, SecureEdge makes it easy to ensure that workers can securely access only those resources that they are authorized to access, including in-house data and applications as well as SaaS applications. In addition, it automatically blocks access to sites and services that are known to be malicious or corrupted, and of course admins can configure their own blocklists based on their needs.
Of course, it’s not only workers who have moved out of the traditional central office. In addition, the applications we access have also scattered. Most of the tools we use at work are now delivered via the cloud, but a few are still hosted on-prem. In this new hybrid world, where traditional offices and datacenters still exist, in addition to remote workforces and SaaS applications, the challenge is how to establish secure connectivity in an architecture where people working anywhere access resources running anywhere else. All the locations we must cover, sometimes also including dispersed IoT devices that need access to centralized workloads, require scalable and cost-efficient connectivity and security directly at the edge. And a SASE implementation like SecureEdge is the best way to address that challenge.
For a more detailed discussion of some of the core SASE use cases, I would refer you to a couple of my recent blog posts, here and here.
What is involved in deploying SecureEdge and getting it up and running? What will admins and users actually have to do once their organization has purchased a subscription?
That depends on the intended use case, but to begin you will need an account on the cloud portal, called SecureEdge Manager, and a SecureEdge Service as the central security hub. For admins, setting up the cloud services is quite intuitive. The built-in default configuration makes it really easy to start using the service. Many features, like Zero Trust Access and secure internet access, work out of the box or are configured quickly using a wizard that gathers needed information and automatically configures SecureEdge based on that input.
In terms of hardware, there are physical and virtual appliances that can be installed at each location to provide SD-WAN and Firewall-as-a-Service functionality. Thanks to our advanced Zero-Touch Deployment, this is extremely simple and doesn’t require any IT personnel on-site. When the appliance arrives at the site, simply plug it into a power source and to an internet connection, and that’s it. The appliance will identify itself to the cloud service, and it will automatically download and install the appropriate configuration files.
And for users, the process is almost completely transparent; they will simply need to be informed about new login procedures resulting from the transition from a VPN connection to the Zero Trust Access model provided by SecureEdge.
Stefan, I want to thank you for taking the time to answer these questions. There’s a lot of information here. I’m sure, too, that some of our readers will have more questions about this new platform-based approach to network security and connectivity. Where can they go to get more information?
A good place to start is the main SecureEdge page on our website, where there’s a lot of information.
Also we’ve got a live webinar coming up very soon, where we’ll be able to answer your questions and go into greater detail about some of these topics. That will include a live demo so that people can get a really good idea of how SecureEdge works. You can register for that here.
And finally, of course, you can get in touch with your Barracuda reseller or MSP, or directly with your Barracuda sales representative.
Loads of good information – will be interesting to see the demos and rollout!
Signed up for the webinar, looking forward to learning more
Sounds like an interesting product offering.
sounds interesting, looking forward to the demo and seeing the features
Sounds like a new great product. Looking forward to the webinar!
Looking forward to a demo!