Techzine Talks on Tour
Techzine Talks on Tour is a podcast series recorded on location at the events Coen and Sander attend all over the world. A spin-off of the successful Dutch series Techzine Talks, this new English series aims to reach new audiences.
Each episode is an approximately 30-minute discussion that Coen or Sander has with a high-level executive of a technology company. The episodes are single-take affairs, and we don't (or hardly) edit them afterwards, apart from polishing the audio up a bit of course. This way, you get an honest, open discussion where everyone speaks their mind on the topic at hand.
These topics vary greatly, as Coen and Sander attend a total of 50 to 60 events each year, ranging from open-source events like KubeCon to events hosted by Cisco, IBM, Salesforce and ServiceNow, to name only a few. With a lot of experience in many walks of IT life, Coen and Sander always manage to produce an engaging, in-depth discussion on general trends, but also on technology itself.
So follow Techzine Talks on Tour and stay in the know. We might just tell you a thing or two you didn't know yet, but which might be very important for your next project or for your organization in general. Stay tuned and follow Techzine Talks on Tour.
Techzine Talks on Tour
After SASE and Unified SASE, there's Sovereign SASE: what is that?
Sovereign SASE emerges as the new frontier in secure access solutions, addressing the critical balance between cloud convenience and regulatory compliance. Nirav Shah, SVP Products and Solutions at Fortinet, unveils how this innovation allows organizations to maintain control over their sensitive data while still benefiting from the operational simplicity that made SASE attractive in the first place.
The journey from traditional SASE through unified SASE to today's sovereign model reflects a market responding to real customer needs, particularly in highly regulated industries. Financial services, healthcare providers, and government entities can now implement modern security frameworks while keeping their data under strict governance. "Sovereign SASE brings the simplicity that SASE solutions provide, but gives customers control over where the data is," explains Shah.
What makes this approach particularly powerful is its hybrid architecture. Organizations maintain control of the data plane through their own points of presence, conducting security inspection and data storage according to their specific requirements, while vendors manage the control plane to reduce operational complexity. This creates a perfect bridge for companies previously unable to adopt cloud security models due to compliance restrictions. For service providers, it offers a strategic opportunity to capture higher-margin business by maintaining infrastructure control while leveraging vendor expertise.
Ready to explore how Sovereign SASE might transform your security posture while addressing your regulatory requirements? Discover how this technology can provide the flexibility your organization needs while keeping your sensitive data under your control.
Hi and welcome to this new episode of Techzine Talks on Tour. I'm at Mobile World Congress. I'm at the Fortinet booth at the moment with Nirav Shah, SVP Products and Solutions. Welcome to the show.
Speaker 2:Yeah, glad to be here.
Speaker 1:Yeah, I hear you have this thing called Sovereign SASE. So I mean, it's been a while since SASE appeared on the market, on the world stage, and it was a very big thing. A lot of players were immediately very active in the space. Now, with Sovereign Sassy, it seems to get a new dimension, so I would like to talk about that a little more. So let's start with the state of Sassy, because there's maybe a bit of confusion maybe even about what it used to be.
Speaker 1:And then we got unified SASE and then now we have sovereign SASE. Let's talk through all the different kind of forms of SASE, maybe.
Speaker 2:Yeah, look, you're so right If you look at today's market post pandemic. Sase as a term came in to bring the conversions together of networking and security and especially ST-WAN on the networking side, converging to SSE, which is secure web gateway, casb and lot of other component, and for a long time it was about having different, dual or sometimes three vendors to provide SASE solution. Very quickly, a lot of customers and service providers realized that the importance of SASE needs to be unified. Can a single vendor provide all the 15 core capabilities in one solution? That is what going to make it simple At the same time having that simple remote access for all application. That's where the unified SASE came in.
Speaker 1:And then there was also this brief period where SSE was suddenly very popular, which is also, basically, it's part of SASE as well, right? And then that got a bit confusing as well, at least from my perspective.
Speaker 2:The markets are out there. There is an S SSE market, there is a SASE market, but if you look at all the forecasts and predictions and interest from the customer, customers are looking for simple, single vendor. Sase, which is converged vendors have organically built, ai is built in and not something that are stitched together from different vendors.
Speaker 1:Do you still hear a lot of questions about what exactly is SASE? Because I remember from the beginning there was this very some companies were very focusing on the definition of SASE. So if you couldn't offer it as a cloud solution, for example, it wasn't allowed to be called SASE because that wasn't according to the definition. We've moved past that stage right, so we're in that in a kind of kind of definition word game anymore yeah, it's for us.
Speaker 2:Sase, at the end of the day, needs to be provide flexibility in remote access. There are multiple ways to do it. You're right in the beginning, sase was a cloud delivered service SASE. We, when we call it 4D SASE, it is a cloud delivered service on ourASE. We, when we call it 4D SASE, it is a cloud delivered service on our own global network. But then there are different ways we are seeing that SASE can be implemented for our customers, who has a lot of requirements, and our regulations data sensitivity and that's where we are now going to the next phase of SASE.
Speaker 1:Yeah, so that's called sovereign SASE, correct? I mean, a lot of companies are bombarded nowadays by Sovereign stuff, right? So you have Sovereign Cloud and now we have Sovereign SASE. So, if you have to define it in one sense of elevator pitch what is Sovereign SASE?
Speaker 2:At the highest level. The Sovereign SASE brings a lot of simplicity that SASE solution provides, but give customers a control where the data is and how can they make sure that the data and the regulation remains in their control. That's it. That's really the power of sovereign SASE.
Speaker 1:So underneath it it's still unified SASE right, so it builds on top of it. It's a policy layer on top of unified SASE, to a certain extent Exactly, I mean typically in a sovereign SASE.
Speaker 2:What we want to do is for a large enterprise or a service provider. They can control the data plane, so they have their own point of presence where they can implement the data plane model, where they can do the security inspection, they can do the data sensitivity and data storage over there, but the entire control plane could be managed by us, and that's where a lot of customers can find that good balance of not worrying about operational complexity but at the same time, data stays with them operational complexity, but at the same time, data stays with them and a competition.
Speaker 1:You also must get the question why should I organize this at the SASE layer? Because a lot of companies already have lots of policies in place for where data can go, where it can go and all these things. Why should you do it in that layer, not not somewhere else? Because I'm pretty sure they can do it somewhere else as well if they wanted to. Right.
Speaker 2:Yeah, that's where it goes back to, from which vertical these customers are deploying it. I talked to a lot of customers who are in financial and healthcare vertical where the data is extremely important and sensitive. They want to make sure the data stays in their control. Look at the service provider Service provider. When they look at the SaaS, it's not just about the data. They also see that they are not getting the higher growth margin business, so they want to control that and provide that.
Speaker 1:Is this also a way for companies who were originally, or maybe historically, not allowed to do anything or maybe a lot of things in the cloud with SaaS solutions and all that stuff, to actually go ahead and use it now because they can do it in a way that actually is allowed?
Speaker 2:Exactly right. In today's space, every vendor should and must provide the flexibility. And that's where SaaS is going, because earlier, if you just tell everybody to go to vendors' cloud must provide the flexibility. And that's where SASE is going, because earlier, if you just tell everybody to go to vendors cloud, sure it, you can do that for certain use cases, certain vertical, but it does not work out. There are customers who also want to customize the SASE solution to their fit. They want to make it more private to their fit and that's where the sovereign SASE helps them.
Speaker 1:And I imagine, if you're a company and you want to start using for I don't know Salesforce, which runs obviously in a cloud and you may not be able to or allowed to do that Now, you can demonstrate that you're actually using it in a sovereign kind of way, right? So is that also one of the applications of how you can do this?
Speaker 2:Yeah, more than a SaaS application, it's a private application. What we have seen is for certain enterprises there are private applications which are built on their private data center and to access those private applications they want the inspection in their data center control. So they do that. But for sure, even the sales, for example you gave if they wanted to do that in a SAS based model we can make sure that the data, the compliance regulation framework, all stays with customer is there any, because usually sassy works with pops right with points of presence or the more you have the.
Speaker 1:The faster it is, the better. It is right. It does the same hold for the sovereign part of it. So if you have a pop in one place, it will always also have a sovereign component to that pop.
Speaker 2:So it is complete in all the different pops that you have it, the sovereign sassy, make sure that customers are getting that across all their pops. You know, today at Mobile World Congress I just met a very large service provider and they asked me the same thing. They have already invested into several points of presence which they manage. What they want is they want the sovereign SASE which they can control. So now they're going to use the newly announced sovereign SASE and have it under their control for data and compliance and then bring that to their customers.
Speaker 1:How do you make sure that you don't make this too complicated? Because one of the reasons for going for unified SASE is that it's actually a very easy at least between quotation marks, maybe. I mean, nothing is ever really easy, obviously, but but it's a relatively easy way of doing so. You don't have to depend on applications and solutions from three or four different vendors. But now you're actually giving control back to a certain extent to the customers, so you run the risk of making it more complicated, more complex again. What do you hear from? What are your thoughts on that?
Speaker 2:You are talking about simplicity, right, and the over last 25 years, fortinet has invested into 40OS, which is the convergence, and 40OS brings the entire SASE stack into one offering. So when it was STUN, or or when it became unified SASE for us, we already had those capabilities that customers can use. So now the software in SASE, in the backend, customers are still using those same 40 OS, which is their control. One thing that, though, we are doing which is important is the control plane of sovereign sassy. How do you manage users? How do you manage the, the policies? We want to make sure that that layer we can simplify to make sure they get that value and they can't break the sassy by by by maybe doing something that that they shouldn't do.
Speaker 1:Because I can imagine if, if you want to offer sassy and you want to offer secure access from everywhere which is basically what you're doing, right and if your policy is so strict that you can't really get access anymore, then those things don't really match right. So there must be some sort of constraints in there that you can't do that.
Speaker 2:And that's where what we are doing is. As I mentioned, over the last five to six years, fortinet has spent a lot of innovation in FortiSassy, which is a unified Sassy. So in Sovereign Sassy we are basically utilizing the best practices that we did for FortiSassy for a control plane, and that's a great way right. We do not at Fortinet. We do not want to build multiple products. Rather, we want to use the core foundation technologies and provide to the customers to provide the flexibility. And that's where Unified SASE, fordy SASE, sovereign SASE they're all related.
Speaker 1:But Sovereign SASE must also be a reaction to maybe new regulation coming up and all the stuff that we hear around NISTU DORA, you name it, all those things. It's helping you probably getting the message across, I would imagine.
Speaker 2:It definitely. I mean a lot of things at Fortinet which we do are actually coming from direct real-world customer requirements and over the last two years we have seen growing regulation requirements. More customers want to do SASE but they do not want to send traffic to vendors SASE point of presence, and that's where we started looking into developing this turnkey solution which is customizable and the customers can use it but it is.
Speaker 1:I mean, it is to a certain extent a niche first for certain verticals, right? So you don't do you expect this to be become popular across the your, your sassy install base?
Speaker 2:we do think that when we look at the service provider market and telco market, this could be a game-changing, because today they do not like just using a vendor sassy solution and do that. So this is going to be huge for them. But you, you're right, for large enterprise, whether it's a government entity or a financial or healthcare, this is a use case For some specific regulated companies or countries. You will see them using it more, but it is going to be an evolution.
Speaker 1:For example, big multinationals who are present all over the place anyway and have shared cloud space across nations anyway. Maybe that's less of a Obvious target audience.
Speaker 2:For yeah, as long as they're okay with that. I mean, we, and that's where we have as part of our 40 sassy, we have built a 150 plus point of presence Specifically for that multinational example, you gave right. If the data is point of presence specifically for that multinational example, you gave right. If the data is, security in terms of where the data resides is not an issue, sure, they can just use the 4D SASE, but then we are giving flexibility for those customers who have those as a requirement.
Speaker 1:And finally I mentioned it earlier as well lots of Sovereign stuff going on. What's the relation between something like so SASE and the push for sovereign cloud that we've seen, especially in Europe, over the past years?
Speaker 2:There is a direct relationship. We have seen that more and more those requirements are important. I mean, you can take a look at any of the large multi cloud AWS, google and more who are also actively investing into that concept, and that's where we realize that Fortinet. Ultimately, our goal is to provide cyber security everywhere using AI, using convergence. We want to be at the forefront in this innovation and make sure that sovereign concept is also available to our product, into our, and there is no better example than starting with Sovereign SASE.
Speaker 1:Yeah, so it's a logical step in the sovereign kind of way of thinking.
Speaker 2:Exactly. Well, that's interesting.
Speaker 1:Well, I think we're already out of time. Like I said, I have an appointment in a couple of minutes, but I think this was a very interesting chat, very well explained. I think I understand now what it is and what it isn't and I hope the listeners understand it as well. So thank you very much for joining. Thank you, I appreciate that.