Why secure SD-WAN is the future of edge security

Hubert da Costa, SVP and GM EMEA at Cybera, outlines the security benefits of SD-WAN deployments over traditional Virtual Private Networks (VPNs) for distributed enterprises.

Traditional virtual private networks (VPNs) have long been the ‘go-to’ approach for distributed enterprises looking to connect remote locations and/or deploy new applications in a cost-effective manner.  

However, in recent years, evolving business practices and needs have seen the appeal of VPNs greatly diminished.

New technologies such as the cloud, IoT and big data are expanding perimeters far beyond previous limits, making VPNs increasingly costly and complex to maintain, two words that no IT department or CEO likes to hear.

As a result, organisations are now struggling to extend robust security measures to remote sites with the limited resources at their disposal, leaving them more vulnerable to cyber-attacks and breaches. 

The arrival of secure SD-WAN (an acronym for software-defined networking in a wide area network) is changing this.

Purpose built to address modern connectivity challenges, secure SD-WAN takes a defence-in-depth approach while simultaneously reducing attack surface by logically segmenting the enterprise network on a per-application basis.

Furthermore, this multi-layered security approach is delivered with the same architectural reliability, scalability and cost benefits of a virtual overlay network, making it a win-win for enterprises.

A modern solution for modern challenges

Today’s enterprises are deploying record numbers of new applications to help boost productivity and efficiency in an increasingly crowded global marketplace.

As such, they require a simple yet effective solution to securely connect them all, ideally with minimal effort, cost and complexity.

Secure SD-WAN solutions greatly simplify enterprise networks and significantly reduce the cost of managing enterprise WANs by extending the multi-layered security defences used in modern data centres to branch locations.

Critically, they allow mission-critical applications such as payments and loyalty to co-exist with public applications like Wi-Fi on a single network whilst also providing application-specific security and end-to-end network segmentation.

These applications are segmented into their own dedicated logical networks, preventing them from intermingling with other traffic on the network.

This offers a distinct improvement over VPNs, which only provide an either/or scenario.

Either all traffic is segmented on separate VPNs, which is both expensive and highly complex to maintain, or it all intermingles on one VPN, which is cheap but highly insecure.

How does SD-WAN work and what are the key benefits?

Secure SD-WAN virtualises an enterprise’s entire wide area network (WAN), meaning all network intelligence is handled in software.

As a result, remote locations can all be defined simultaneously and kept synchronised via centralized, cloud-based policy administration inherent in SD-WAN connectivity models.

This ground-breaking approach brings numerous key benefits including:

Greatly reduced costs

Through virtualisation, the cost of WAN infrastructure and support can be reduced by almost 80%.

Integrating functionality such as Wi-Fi, wireless back-up, firewall and intrusion detection/prevention into a single solution eliminates the need for multiple, dedicated premise devices.

Higher levels of security

Logical network segmentation allows security policies to be enforced on a per-application basis, greatly limiting exposure in the event of a breach.

Just as importantly, secure SD-WAN’s centralised virtual overlay approach eliminates multiple manual configurations that can expose networks to unnecessary risk.

Secure SD-WAN also allows enterprises to extend the multi-layered security approach used in data centres, right out to the edge of the network without the need for skilled IT professionals at every branch.

Simplified network setup

Distributed enterprises can be up and running in minutes instead of months.

Secure SD-WAN offers automatic provisioning and configuration from a central controller, as well as automatic network updates and changes for remote locations.

Superior business agility

Secure SD-WAN functionality allows for zero touch deployment, meaning new network services can be quickly rolled out on-demand, supporting the needs of an agile modern business.

Proven scalability

Designed with scalability in mind, SD-WAN can provide the levels of security and performance that on-demand network services need in large distributed enterprises. New branch deployments, software updates and policy changes can all be carried out quickly and efficiently without compromising network performance.

For many years, VPNs were the go-to connectivity solution for distributed enterprises, but as business practices and needs evolved over time the limitations of VPNs have become increasingly apparent.

Secure SD-WAN is purpose built to address the modern challenges faced by distributed enterprises, providing a simpler, safer and more secure connectivity solution that can scale alongside the business, all without breaking the bank. The future is here. 

Related Articles

Top Stories