Cat Allen, Senior Product Marketing Manager for Network Security at Forcepoint tells us about SD-WAN and the benefits of using this in a business, addressing the myths that have spread about its use.
Software-Defined Wide Area Networking (SD-WAN) is not a new concept, but it’s taken on added importance in the era of widespread hybrid working practices, as it provides a way to connect multiple locations securely at scale. As employees need to access data and systems in new ways, demand for SD-WAN to improve productivity and reduce costs increased rapidly last year. The latest IDC report showed the SD-WAN market grew by 18.5% during 2020, with similar levels of growth predicted through to the end of 2025.
Many organizations are still working through their journeys to become more digitally-driven, finding ways to securely move work to the cloud and improve their network reliability by centralizing and simplifying administration and management. SD-WAN as a concept is never far away from these discussions, but several myths have emerged around it as time has gone on. If not acknowledged and addressed, they can slow a company’s journey to more secure, efficient, and reliable networking solutions.
Replacing MPLS with SD-WAN is mostly about saving money
In fact, “replacing” is a bit of a myth itself. The process of switching from Multiprotocol Label Switching (MPLS) to SD-WAN can take a while: and many organizations still require a hybrid networking architecture. SD-WAN also provides flexibility in how network capacity is managed, improves business continuity, provides speedy access to cloud applications, assists in data isolation for compliance, and many other advantages.
SD-WAN takes the place of the internet
Many people believe that SD-WAN is a specific type of network connection or a whole separate network, replacing previous ways of getting sites online. It may be that service providers offering proprietary network connections are muddying the waters. Still, SD-WAN’s key benefit here is not to replace the internet but improve access to it. SD-WAN can help tailor connectivity to each site’s needs and use different types of technologies more effectively, facilitating connectivity. Whatever connection link is most appropriate for each location, from cable and DSL to fiber and 4G/LTE, SD-WAN can help facilitate that connectivity.
SD-WAN eliminates the need for on-premises hardware
Yes, it’s software-defined: but that doesn’t make it software-only. Internet links and local networks are still plugged into on-premises equipment to connect to a business’ Internet Service Provider (ISP) or provide the necessary security. However, enterprise SD-WAN will automate and centralize the management of network appliances, allowing network managers to deploy to new locations without an on-site technician. It can help direct traffic for specific applications across specific links, which helps reduce the latency needed to connect highly interactive cloud apps like Microsoft 365. When paired with a complete network security solution and robust cloud and remote worker security like Data Loss Prevention, or Remote Browser Isolation, SD-WAN can be a powerful and flexible way to manage and secure network traffic.
SD-WAN solutions are already enterprise-grade
Not all SD-WAN solutions are created equal. Some only provide a specific type of connectivity, and some only handle a few locations. Simple remote configuration schemes, such as connecting to an administrative web interface on a single device, are suitable for making minor changes in small environments but quickly become unwieldy when dealing with hundreds or thousands of locations. Centralized administration is the only answer, and policy updates must be fast and easy to make and deploy. Those solutions that can deliver efficiencies at scale, and tightly integrate security with connectivity to prevent gaps, are worth looking out for.
SD-WAN has built-in security
Many first-generation SD-WAN solutions enforce encryption of traffic over commodity broadband links using VPN technologies, but this doesn’t make the sites themselves any more secure and isn’t scalable for full remote working. With some SD-WAN solutions, security may not have been built in by design, and not all traffic may be encrypted. The security may also be centralized in a hub-and-spoke way, creating gaps that attackers can leverage to sneak into stores, branches, or remote office connections. Full Next-Generation Firewall (NGFW) and intrusion prevention capabilities are mandatory anywhere a site touches the internet, and modern, enterprise-grade SD-WAN solutions integrate security into networking to prevent potentially damaging gaps.
The networking capabilities of a typical organization have undergone immense pressure and waves of change over the past 18 months. Moving to more software-defined and automated ways to manage this transition is worthwhile – but only in having an accurate understanding of SD-WAN, how to implement it, and what it can and can’t do, will leaders be able to keep their organizations and users safe and re-build digital trust.