BizTech BizTech Podcasts

95. Is the SASE Revolution going to empower networks, and secure the future? With Brinton Gundersen

November 15, 2023

Subscribe to the Next Level BizTech podcast, so you don’t miss an episode!
Amazon Music | Apple Podcasts | Listen on Spotify | Watch on YouTube

Listen in today as we have Telarus West Engineer Brinton Gunderson in the studio to talk SDWAN and SASE. Brinton dives into how we see SASE and Security overall converging into the networks of the future. Not only will we get into the weeds on what’s all in the tech stack of this offering, but we’ll uncover some not-so-well-known information about a professional athlete we may have on staff. Don’t miss this one!

Everybody, welcome here to another special episode live in the studio with our guest who we’ll get to in a second. But today we’re going to talk about SASE Revolution. And if you don’t know what that is, that’s okay, because we’ve got somebody super smart here who’s going to explain it to you. This is about the SASE Revolution and is that the future of how to empower networks and secure everything? So with that here today with us, we’ve got Mr. Brinton Gundersen engineer extraordinaire from Telarus here right in our backyard, man. Welcome. Hey, Josh, glad to be here. Thanks for having me in. This place is awesome. Fun stuff, huh? Let’s jump in, man. First off, I want to hear about your backstory. For anybody that doesn’t know you, how did you get into this space? Were you destined for tech? Did you used to wash boats or pump up basketballs for a living? What did you get here, man?

You know, I knew you were going to ask that, so I’ve been thinking about how this all came about. But right after high school, I worked for a little company called AOL, and I was there right when they had the boom. So I think they hit just like 20 million users right at the time. It was AOL 7.0 or something. But it was a crazy time there because I had some friends that were literally retiring because of their options that they had been given over the last couple of years. And so they had millions of dollars of options. I was just in the call center for a couple of years, but that was my first get into technology. I wasn’t fully set to be in tech yet, but that was my first job out of high school. After that, I had a job at a computer store. I needed some flexibility to travel. I was a professional athlete at the time.

So we’re coming back to that. Yep, well, eventually.

But yeah, I needed something that was, you know, could work with my schedule. And I worked for a small computer store and built computers and did some system admin work and did managed IT for Dennis.

And yeah, it was pretty chill. But then a few years later, my brother-in-law worked for a company, Echelon. And at Echelon, they had an opening for a sales position for PBX sales. And Scott Forbush was the hiring manager. And number 74, all great people from the channel, come from Integra. Go ahead.

So, yeah, so I went in, I had an interview with Forbush, and you know, we’re talking, and it must have gone well because at the end of the interview, he’s like, “Okay, yeah, I think we can probably do something, but I’ve got a question for you. Do you remember me?” And I was like, “No, what do you mean? I was like, “No, I don’t remember you.” And he’s like, “Well, you did a rollerblade competition at Play It Again Sports.” So he was a manager at Play It Again Sports up across the Wasatch Front. And when I was 16, me and a couple of friends had like a crew of rollerbladers, and we put together a competition, and we held it in the parking lot of Play It Again Sports. So I must have done something okay then or during the interview. – Made an impact. – But he hired me, and it was awesome. But Rob Julian was my engineer back then, Forbush, and I’m sure I drove them crazy because I asked so many questions, just so many questions. I had to know how it worked, and I just loved it. – I love it. Okay, we’re going to come back to this whole SASE thing in just a second because that’s important, and it is the title of this track. But can you, I know everybody’s dying to know, can you give us a little bit of backstory? There’s a gap here. I was interviewing, I was a professional athlete. Can you give us just a couple-minute spiel on your story to fame as a professional athlete? – Yeah, yeah.

So there’s a, I was a professional athlete in two kind of niche sports. So in skating, I skated a board called a snake board or a street board. And I was on the global team for Snakeboard USA. So there was about 30 of us that were on this team, and we traveled together. And I won world championships. So I was a world champion in 97 when I was 19. And after that, I just had a travel budget. I got to cruise all over the world and have a good time, go off jumps and meet friends. And it was fantastic. – But there’s a part of this story somewhere, I know I’ve heard pieces of this, where you didn’t set out to go skate in the X Games and join the X Games. How did that, there was a question that was asked. – So, okay, so the X Games story is crazy.

It’s like a movie, honestly. But so I was doing the summer sports snakeboarding and traveling and going off jumps for that. And I was part of a team here in Salt Lake at a skate park.

There was a guy in town that was giving some skis away and looking for people to ski on these new skis. And there are twin to really short skis called ski boards.

And so me being a part of that team, I was the recipient to a couple of passes to Brighton and a couple of pairs of skis. And just to go try them because it was a new company. And so me and a friend went up, we went and rode for a day or two, did some 540s, did some jumps and came back and I talked to the guy. And he goes, “Yeah, you have a good time. Was it fun?” “Yeah, it was awesome.”

“Yeah, it was great. We did all sorts of tricks.” And he said, “Okay, well, what are you doing next week?” I was like, “Well, yeah, nothing.” “Well, you want to go to a contest in Vermont?”

And I was like, “Well, you want me to go to Vermont?” I skied two days. I didn’t ski at the time. I snowboarded growing up. And he said, “Oh, well, Mark.” And this is the guy that owned the skate park. He said, “Mark said you’re going to be great.”

“No problem. Let’s make it happen.” “Okay, yeah, I’ll go to a contest. What contest is it?” And he was like, “Oh, it’s X Games qualifiers.”

“No big deal.” “No big deal. You’ve only skied two days. You can go out there and rock it.” And so here’s a couple more passes and I’ll see out there. I’ll see you in Vermont. So I skied five more days, flew out to Vermont, and I skied in the competition. There were 70 people in the competition. And I couldn’t ski, really, but I could go off jumps pretty well. And I went off, you know, did the competition. I got fourth out of 70 people and qualified for X Games. So two weeks after that, I was literally in the X Games. So over a month period, I went from not skiing to being in the X Games. Love it. I traveled all over the world, did all kinds of tours, and had a lot of fun doing that. Good stuff. In the winter on skis, in the summer on a snake board. Love it. Having a great time. Love it. All right. I don’t know who’s going to top that next, but all right. Good stuff.

Let’s get back to the tech side. Let’s get back talking about, lay it down for us. Before we get into a little bit about what SASE is, for anybody that’s listening to this, we expect there’s some sort of foundational element of SD-WAN. But give us a quick 30-second primer on SD-WAN and kind of where we’re at and really break it down. What does SASE mean and where are we now?

Yeah. So I think it’s important to realize where SD-WAN came from. So SD-WAN’s really not a new technology, but what it is, is a collaboration of all these very difficult protocols to implement into a software layer that makes that simple. It’s kind of like having a CCIE or a very technical network admin on your team that can implement something very difficult to do. But it does it with software. It automates it. And so the deployment is one part, but also that software component, all the analytics you get out of it, all of the knowledge, troubleshooting ability, just out of SD-WAN. So that’s really what SD-WAN is, is that highly technical component and a software layer that’s combined.

So the second part is, what is SASE and how does that… First of all, I’m going to get yelled at if I don’t call this out, but what does SASE stand for? Secure Access Service Edge. There we go. All right. Man, glad I read that yesterday.

So we’ve laid this foundation that over the past, however many years, we’ve decoupled the branches, we’ve got rid of this hub-and-spoke architecture that we used to all be beholden to. We’ve given visibility into the network, we’ve given resiliency into the network, we’ve given all those things, right? So it’s what you mentioned now as a software decision. So now you’re talking Secure Access Service Edge. So what is that next evolution and why are we looking at so much of this for SASE for the future? Well, it’s a collapse of technologies that need to come together. I mean, really what it comes out of is there’s an absolute huge deficit of security roles in the environment. There’s, you know, 5,000 roles in Utah alone that need to get filled. And so SASE is driven out of that economy. There’s a need to really stretch the resources that every company has and give better intel, getting software that can make decisions easier and just wrap that security around more components and make better use of the network resources and the resources, staff, etc. that you have available to you. But there’s a collapse of this firewall component into that SD-WAN that’s super, super important. And then also, of course, the ZTNA, you know, securing all communication between to and from and have that all identity-based. So why now, though? Why not?

I know you’ve got a lot of great search. You’ve got some awesome Cisco networking. You understand this, right, better than most. Why not years ago, right? I mean, I can at least share my experience was when we tried to approach people five, ten years ago about, you know, let’s make your security managed. Let’s give it into this box. Let’s give you visibility. There was a lot of, you know, hey, no, I want that box here. I want to manage that. I want some hands on to that. But it seems like we’re having a lot of success now from a deployment perspective with SASE What is it? Is it just that job shortage and the tech shortage? And tech is so difficult, but customers and businesses want the tech. Why now?

Well, I don’t think it has to be entirely now. You still have a separation even of this SD-WAN and this SSE. SSE is a subdivision of SASE where you have to have two groups inside of an organization, a network and a security team both make decisions to come to a full SASE deployment. And so that’s actually one struggle I think people and salespeople and organizations also have and struggle with is they’ve had these two silos, this network team and a security team that have to work together for a good collaborative network. But it really takes that strong connection between the two to have a very good posture and security. That’s one of the components why that’s important. You need all of the elements talking to each other to have a good focus on the network, what’s happening and the security elements that are all involved.

So what is it then? And obviously I know we’ve got a little bit of a bias here because we’ve got vendors that we’re having great success with that can support this. But why is it that or maybe what is it about this type of network architecture that customers just can’t always do on their own?

Well, you know, the biggest value that some of the SASE companies can provide is that MPLS replacement plus the security and DLP availability and decryption of all elements. You know, it’s quite difficult to employ firewalls everywhere that you need them. If it’s, you know, that local land firewall from host to host, or if it’s from branch to branch or branch to internet, just having firewalls in every location that you have to have them, that’s very expensive. There’s a scalability problem and that shared environment where you can have a managed infrastructure that’s basically leased to you and you can be a part of that ecosystem. You don’t have to pay for that global backbone. The global features that only, you know, very, very large corporations could take advantage of previously. Now that where I see SASE impacting the most is that mid-markets arena, you know, that kind of upper, upper small business, mid-markets and enterprise. The really large enterprises have had some of those functions in the past, but now it’s kind of coming down market a little bit. So I’m going to come to you, try to bring this all full circle with an example here or ask for an example here in just a second.

But can you, for the partners listening, right, generally when we talk to partners, I’m listening to this podcast because I’m not in this area at all and I want to figure out how to get here or maybe I’m in an adjacent technology and I want to start bringing these types of things to my customers or to my prospects, people that I’m trying to chase down. Can you maybe just break a few of the key products that are in this area because I’m, you know, you mentioned questions, right, asking all the questions. There’s no dumb question at all and I encourage everybody ask these questions all day long. But to help the partners quantify what products, what problems, could you maybe break it down of really what, you know, we talked about what SD-WAN is, but what is that the rest of that SASE give them exposure, the ability to do, and how could they draw that out in a conversation with a customer or a prospect?

Yeah, I mean, there’s so many layers to that and that’s one of the struggles is SASE is a pretty wide stack.

You know, from an SD-WAN perspective, just understanding what resiliency, what reporting, what decisions they need to make. You know, from an example, I have a regional bank that I did a project with. They had 10 locations and they were having issues with some of the legacy routing protocols and they needed to simplify that. SD-WAN was able to kind of layer in and give them that. The SASE components were able to do that CASB or watch all the applications that are going out to the internet. And a lot of that, they didn’t know, you know, people were using one software that they didn’t want their staff to use. So having more control, asking the questions about, you know, what’s in the environment? What do they want to see? What type of decisions do they need to make out of the data that they’re going to see?

But what are they going to lose if something happens? So, for example, you know, if we’re talking about network resiliency, if the SIP services that overlay on top of the SD-WAN network go down, you know, what are you losing from that? What’s the daily cost of failure?

And then getting into, of course, all the ransomware components or deep-pack inspection that SASE can offer.

That whole security track and making sure that it fits into a framework that the customer is using, if that’s NIST or some other framework.

The CASB one, before we get too far past that, I think that’s an important call. I don’t think a lot of people understand what CASB is.

Acronym-wise, cloud access, security broker. Can you, what is that? So, cloud access, security broker is another version of a firewall. And this is the ability to look at the traffic that’s going out to the internet and identifying which applications they are. And that’s the first element, is getting the intel that you need to know on your network. And then second, being able to block that. Or if you need to educate your staff, “Hey, we’re not using XYZ storage, we’re going to use Dropbox,” for example.

Whatever it may be, just to have that control and that intel and that view into the network. So you can kind of wrangle in that shadow IT component. But CASB is really designed around that shadow IT and making sure there’s good control around it. So it’s really more, “Okay, we’ve got an application sprawl.” And I think the theme out of this of the “why” is the convergence, it’s the collapsing of tech, it’s the making use of one tool that can unify everything and make up for some of that shortfall, maybe that you don’t have from a personnel perspective. But it seems to me like CASB just extends that into saying, “Well, let’s pull all the applications and those other pieces going in and out.” And then pull that and look at all that telemetry together. Is that fair? Yeah, a strong reporting package around all of your SaaS applications. Fair. Okay. Okay, so let’s go into a little bit about an example. I want to hear something that’s got SD-WAN, something that’s got SaaS-y to that component in it, or any pieces of those components. How did you get brought in and kind of what was that environment like? What were some of those struggles on how did SD-WAN and SaaS-y ultimately solve that? Yeah, so one customer that I had was a regional bank, about 10 sites. They were really struggling with reporting, first of all, also routing. They had some routing issues and resiliency within their network. So they had just recently deployed toUCaaS and they were struggling with the quality of service of that and just understanding what was on their network from a WAN perspective. And so the first component was deploying an SD-WAN platform that could do single IP failover so they could have QoS out to the internet because their UCaaS provider was out on the internet.

And after that was deployed, they were able to see what applications, and they were able to configure the policy-based routing or the QoS for internet-based services and just have a much better realization of what their network looked like. The security components, at the time it was firewall-based Fortinet’s that they had deployed. And so from the edge security perspective, they were in good hands, but they didn’t really know some of the applications that were going out to SaaS. So coming back to a CASB perspective really gave them an idea of how their employees weren’t using the applications that were condoned by their company. And so they had to build some policies around what that was, and it really took some education from their IT staff to the employees to pull them forward into the correct contracts, the correct applications for their company.

Love it. Good. Yeah, I mean there’s a lot there. There’s a lot to unpack, but at the end of the day it sounds like visibility, being able to see who’s using what applications and just pulling it all together. And again, it seems like a telemetry conversation and reporting, yeah? Yeah. Okay, last couple thoughts here.

So I’m again a big fan of questions. So if I’m a partner, I’m listening to this. I’ve got customers. I’ve maybe sold them SD-WAN before, or maybe I haven’t approached them with this conversation. Either or, right? Sky’s the limit here. What’s a couple questions? What kind of talk track would you give the partners out there to uncover some of these opportunities or push it a step further and stepping into SASE and anything else that we’ve talked about?

Well, I mean there’s some really simple ones. You can ask about the firewalls or the tactical things. How old is your firewall? What are you doing from that perspective? But really, from a business challenge perspective, do you have the reporting that you need to see into your network? Are you able to make the decisions about your network and the applications that you have that are available to you? What are you doing from a security perspective? Do you feel like your ZTNA or your remote users are well protected? Is your network protected from your remote users? So bring your own device that’s out there. That’s a big challenge for these IT folks.

We talk to IT directors all the time that are really just in a barrage of technology.

A lot of the times, there are system admins and there are system admin IT guys that have maybe grown in their position organically, and now they need to be the network admin. They need to be a security admin, and their sprawl are just IT sprawl in general. That’s not a server sprawl or anything like that. This is just technology sprawl, and the scope from an IT director sprawl is huge. These guys have to take on so much, and they need every tool they can within their grasp to try to do a good job for their business. So trying to make them look like champions in their role, that’s big. And from the business perspective, giving the business enough tools and analytics to make the decisions without a lot of effort. In a legacy MPLS environment, it was really difficult to extrapolate the information you needed to tell how much an application was taking up of your network. Now with a good SASE platform or an SD-WAN platform, that’s like a snap, right? So there’s been a big shift in technology and software from deploying little buckets of technology here and trying to collect logs. Now everything’s kind of clumping and coagulating into these bigger technology groups. And we need to provide that value to these guys, to these IT folks, so they can look good. That’s what it comes back to. Love it. Make it look good. Business decisions. What’s driving it? Great stuff. Good questions in there.

Okay, so let’s think out, as we wrap this up, let’s think about the future here. So maybe not too far out past 12 months because this stuff changes too quick to look farther than that. Any thoughts that, you know, for partners listening out there that you want them to pay attention to, what are we going to see from SD-WAN and SASE evolution over the next 12 months? Anything different or just a continued course? You know, I have a hope for SASE, that it’s going to become a more competitive space. The vendors that are out there pulling in more and more features, and a tighter, you know, a seamless infrastructure between that security and SD-WAN component, even extending out to maybe some of the further away security features. But as that comes in tighter, that’s going to become more competitive. But there’s so much future in SASE. It’s just a great kind of space to watch and look at. So there’s a lot of hope there and expansion that I think is going to happen. Yeah, I would argue probably a really great space to be in as a vendor because as the technology gets harder, as more people need security, as more people collapse to what you’re talking about, great spot for the vendor saying, “Hey, I’m here. We do this. We can help.” It doesn’t matter that you can’t find people, our tools, our tech. We can give you the, you know, one person can be the power of 10, right? Yep. Well, and it’s a great space for our customers to be in. If they can learn these platforms, they do more with less. I mean, it’s not more simple than that. They can do more with less. Beautiful. There you go. Okay. Mr.Brinton Gundersen thanks for coming into the studio today, my man. Good stuff. Thank you. It was awesome. Awesome. All right, everybody. That wraps us up. I’m your host, Josh Lupresto SVP of Sales Engineering. Mr.Brinton Gundersen here, engineering extraordinaire at Telarus Until next week, this is SASE and Empowering the Networks of the Future.