Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

SD-WAN and Managed Service Providers: The Dream Team?

Many of my recent conversations have turned toward SD-WAN, especially with adoption growing at such an impressive rate. According to a recent research from IDC, this is set to continue and could reach $4.5 billion by 2022. The enterprise wants to be efficient and agile, and optimizing cloud connectivity for remote sites and locations is an essential factor in achieving this.

Many of my recent conversations have turned toward SD-WAN, especially with adoption growing at such an impressive rate. According to a recent research from IDC, this is set to continue and could reach $4.5 billion by 2022. The enterprise wants to be efficient and agile, and optimizing cloud connectivity for remote sites and locations is an essential factor in achieving this.

Security First

The traditional WAN is not a cloud-friendly environment. The process of moving traffic between sites is intensive and applying security into that mix adds management overheads and complexity.  This can result in poor performance – and more critically, a poor end-user experience. Therefore, any SD-WAN strategy needs to have security embedded from the outset, with a design that ensures traffic inspection and security policies are applied as close to where data resides as possible.

In a 2019 survey of 500 IT decision-makers by Juniper Networks, 98 percent of respondents stated that they are either using or considering an SDN (Software Defined Network) solution, with SD-WAN being the entry point for many. If this is true, then why is security still seen as the top barrier that’s preventing overall adoption and how can this be alleviated?

Before considering possible solutions, it is crucial to understand why many are on this journey. Today’s enterprise is supporting a new workforce, partners and customers, all of whom have adopted modern ways of working that need to be flexible, fast and not constrained by remote-working or international business. Developing, hosting and maintaining software and infrastructure in a traditional data center can be a business inhibitor, so applications are moving to the cloud. This change enables cost reductions and performance improvements by avoiding the need for unnecessary traffic backhaul thorough a corporate data center. However, it can add complexity with the requirement for traffic optimization.

SD-WAN allows an enterprise to balance its network more effectively, using cheaper broadband circuits where possible to enable bandwidth optimized MPLS and to customize for the unique traffic requirements of each application. This makes the system more efficient and allows for significant cost savings. Some networking vendors have recognized the importance of this and converged their SD-WAN and security solutions to provide a single point for consistent management of network and security configuration.

Simplifying SD-WAN

What this means is that SD-WAN is becoming less complicated. That’s not to say that it is simple, but that enterprises are starting to move away from point solutions and considering broad offerings that solve a wide range of network and security needs. It’s also an excellent opportunity to look at how MSPs can help address the challenge. SD-WAN fundamentally changes how the network operates, and an MSP will have the skills and experience to assist in navigating this successfully. For example:

• Working with an MSP means that you have a single place from which to purchase the solution. Even if the plan is to use as few vendor solutions as possible, it can still be complicated to provide support for existing WAN links, VPN configurations and traffic management. Placing this all on a single order not only simplifies purchasing, but increases overall confidence, as the MSP will only recommend products that work well together.

• An MSP will have processes to deliver centralized reporting, management and monitoring for your environment. These processes are essential because in addition to showing the ongoing performance of the network and monitoring for issues resulting from changes, it allows for the on-demand setup of security policies as requirements change. 

• As you move from MPLS to SD-WAN and start to leverage broadband and other connection types, the number of service providers can prove to be an operational challenge. It would be quite possible to finish up managing a different ISP per region or even per site. An MSP has experience to take on the management of this layer and provide greater visibility into how each is performing – or make recommendations for migrating away toward an even simpler managed network configuration.

• Security is a critical component for any SD-WAN deployment and an MSP will be able to offer both packaged and custom services. There are essential basics to have in place, such as stateful firewalls and more advanced threat management features, including application control, antivirus and web-filtering. Additionally, since cybersecurity threats are ever evolving, it’s vital to look for an MSP who can provide additional advanced security services to help keep ahead of the challenge. These include sandboxing for malware detection, endpoint and network threat intelligence to ensure detection and response capabilities against zero-day or evasive threats, encrypted traffic analysis to warn of risks hidden inside HTTPS traffic and DNS filtering to block malicious websites.

Today’s enterprise recognizes the need to move away from legacy connections to provide better support for the modern workforce and stay ahead of their competition. Using packaged services to address combined SD-WAN and security use cases can help to not only simplify management and deployment, but also reduce overall costs while still providing a high quality end-user experience. 

For an MSP looking to grow business, the convergence of SD-WAN and security, along with the transitional needs of customers, translates to one thing: opportunity.

Written By

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Cybersecurity Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...