A multinational corporation has shifted its workforce to a primarily remote model and migrated most of its business applications to various cloud providers. The Chief Information Security Officer (CISO) is concerned about the high latency and security gaps created by backhauling all user traffic to a central on-premises data center for inspection. The goal is to provide users with direct, secure, and high-performance access to cloud resources regardless of their location.
Which of the following solutions BEST addresses the company's requirements?
Deploying a Secure Access Service Edge (SASE) architecture.
Hardening the on-premises firewalls and increasing internet bandwidth.
Implementing a traditional VPN concentrator at the main data center.
Using a Cloud Access Security Broker (CASB) to monitor all cloud traffic.
A Secure Access Service Edge (SASE) architecture is the best solution for this scenario. SASE combines networking capabilities, specifically SD-WAN, with a suite of cloud-native security services (like SWG, CASB, ZTNA, and FWaaS) into a single, unified platform. This model moves security enforcement to the cloud edge, allowing remote users to connect directly to cloud resources securely and efficiently without needing to route traffic back through a central data center. A traditional VPN would still backhaul traffic, a CASB alone only addresses cloud application security without the networking component, and simply hardening on-premises firewalls does not solve the inefficient traffic routing issue.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.