How GlobalNet Unified Cloud Networking and Security with SASE: A Case Study
Executive Summary / Key Results
GlobalNet, a multinational financial services firm, faced escalating complexity and security risks from fragmented networking and security solutions. By deploying a Secure Access Service Edge (SASE) architecture, they achieved:
- 40% reduction in latency for global cloud application access
- 60% decrease in security incidents related to remote access
- 35% lower total cost of ownership (TCO) over three years
- 100% adoption of Zero Trust across all users and devices
- $1.2M annual savings in cloud breach costs (see How CSPM Automated Remediation Saved FinServe $1.2M)
Background / Challenge
GlobalNet operated a traditional hub-and-spoke VPN model with separate security appliances at each data center. Their workforce had grown 200% in three years, with remote employees accessing cloud SaaS and IaaS resources directly. This created:
- Latency issues: Backhauling traffic through central data centers caused delays of up to 500ms for cloud apps.
- Security gaps: Inconsistent policy enforcement across branch offices and remote users led to frequent misconfigurations.
- Operational overhead: Managing disparate firewalls, SD-WAN, and cloud security tools required a dedicated team of 15 engineers.
“We were spending more time on infrastructure maintenance than on strategic security initiatives,” said CISO Jane Doe. “We needed a unified approach that could scale with our cloud-first strategy.”
Solution / Approach
After evaluating vendors, GlobalNet chose a cloud-native SASE platform that converged SD-WAN, SWG, CASB, ZTNA, and FWaaS into a single service. The solution offered:
- Global Points of Presence (PoPs): 200+ edge locations for local internet breakout
- Identity-driven security: Policies based on user identity and device posture
- Integrated cloud security posture management (CSPM): Continuous monitoring and automated remediation of misconfigurations
The implementation followed a phased approach:
- Pilot: 50 users in two branch offices
- Rollout: All 5,000 employees over six months
- Optimization: Tuning policies using AI-driven analytics
Implementation
GlobalNet migrated from their legacy MPLS/VPN setup to SASE without disrupting operations. Key steps included:
- Replacing hardware SD-WAN appliances with software agents on existing routers
- Integrating with existing identity provider (Okta) for seamless SSO
- Deploying Zero Trust Architecture: All access required authentication and device compliance
- Configuring cloud data protection: Encryption and tokenization for sensitive financial data
The migration was completed on time and under budget, thanks to the SASE provider’s professional services and automated tools.
Results with specific metrics
| Metric | Before SASE | After SASE | Improvement |
|---|---|---|---|
| Average cloud app latency | 300ms | 180ms | 40% reduction |
| Security incidents per quarter | 25 | 10 | 60% decrease |
| Network management team size | 15 FTE | 6 FTE | 60% reduction in effort |
| Time to deploy new branch | 4 weeks | 1 day | 96% faster |
| Annual cloud breach costs | $2.0M | $0.8M | $1.2M savings |
Additionally, GlobalNet reduced their carbon footprint by 30% by decommissioning on-premises hardware.
Mini-Case: Remote Sales Team
A sales team in Asia-Pacific experienced 500ms latency when accessing Salesforce and Office 365. After SASE, latency dropped to 80ms, improving productivity by 25% and reducing VPN drop-offs.
Key Takeaways
- SASE simplifies security and networking into a single, policy-driven framework.
- Adopting Zero Trust is essential for modern cloud environments.
- Automated remediation (CSPM) can significantly reduce breach costs.
For organizations still using legacy VPNs, the transition to SASE is a strategic imperative for agility and security.
About GlobalNet
GlobalNet is a top-10 financial services firm with 5,000 employees across 20 countries, managing $500B in assets. Their cloud-first strategy relies on SaaS applications and multi-cloud IaaS.
For more on securing cloud networks, read Cloud Security: The Definitive Guide for 2024.




