Securing the edge: SD-WAN
Organisations are increasingly embracing digital transformation in order to keep pace with changing business and market requirements, increased competition, and fluctuating customer demands. Part of this digital transformation strategy must include comprehensive cybersecurity measures as the network and attack surface expand due to hybrid workplace trends and the proliferation of connected devices.
The advent of software-defined wide-area networks (SD-WANs) has transformed the network security model by pushing security to the edge, making it the ideal solution to help businesses better protect their environments. Enhanced security features such as end-to-end encryption, intrusion prevention, stateful firewalls and domain name system (DNS) filtering offer significant advantages over traditional wide-area networks (WANs), which can be more expensive and were never designed for cloud environments.
“When looking for the right SD-WAN solution, businesses should consider their need to protect their organisation, now and in the future,” said Corne Mare, Chief Information Security Officer at Fortinet.
“They should determine current risk exposure and whether it will change if a new SD-WAN solution is adopted. Many vendors offer some form of SD-WAN solution, but these often lack the security requirements needed in a comprehensive solution. Secure SD-WAN solutions will help resolve cybersecurity inequality as security can be embedded within the technology; however, it’s important to assess the level of threat protection and identify potential limits to the types of threats that can be detected.
“Not all SD-WAN solutions can help ease data security and compliance challenges. For this reason, businesses must determine whether the solution supports all the applicable regulatory requirements for industry standards and data privacy obligations. This extends to tracking, auditing and reporting functions. Along with compliance, an effective SD-WAN solution should also offer automated capabilities for application awareness, path intelligence and WAN overlay support for virtual private networks (VPNs) to select the best-performing network paths across multiple WAN connections.”
One of SD-WANs’ best features is the ability to manage multiple types of connections, including 5G, broadband and LTE. Businesses should ensure their SD-WAN solution simplifies the deployment and management of network devices, provides full visibility, uses a centralised control function to steer applications in the data centre, and can be remotely managed in the cloud.
Moving from multi-protocol label switching (MPLS) to an SD-WAN can cut overall operational costs while also improving performance and security. When it comes to the cost of an SD-WAN, every vendor is different, and this is reflected in the overall pricing structure. Businesses must ensure they understand the operational costs of implementing each SD-WAN and wireless WAN solution to determine if it’s affordable and whether deployment will maximise the value of their investment. Enterprises should choose an SD-WAN solution with neutral third-party validation, ensuring it has been thoroughly tested on its integrity and recommended by independent industry experts. Using a solution that is compliant with its requirements and performs its functions as desired is critical in the current fragmented and complex cybersecurity market.
“The rise of distributed workforces has significantly increased the number of devices connected to the network,” Mare said.
“Many organisations have already implemented security measures to detect and respond to threat actors; however, they may not be capable of preventing threats before they become a risk to critical business operations. With edge-to-edge, encrypted tunnels and a stateful firewall, a secure SD-WAN solution can focus on threat prevention and prevent unauthorised traffic from entering the network. Choosing a cybersecurity mesh approach as recommended by Gartner can help organisations eliminate gaps in their security posture.
“The SD-WAN provider landscape is vast, and as competition rises, more solutions will hit the market with varying degrees of sophistication, management and orchestration capabilities. Selecting a secure SD-WAN provider isn’t all about cost. Instead, organisations should focus on comparing solutions based on their capabilities and ability to ensure reliable and secure WAN connectivity while also solving the security problems associated with traditional WAN.”
Hybrid environments are here to stay: ensure your technology is ready
These days it seems like it is all about software — so much so that software's integral...
Next-gen wireless network for PCEC
Perth Convention and Exhibition Centre has selected Hewlett Packard Enterprise HPE Aruba...
Intelligent networks: a software-defined future
No matter how sophisticated your technology and people are, they will only reach their full...