How to manage your SD-WAN without compromising security
As the pace of digital innovation picks up, opportunities arise. But, concurrently, the attack surface expands.
The challenge for enterprises is to be able to take advantage of business opportunities whilst reducing risk and complexity.
Secure SD-WAN (software-defined wide area networking) is one trend that satisfies both imperatives: expanding the reach of the enterprise network and protecting those who use it.
SD-WAN
SD-WAN is primarily a networking solution without, by definition, embedded security.
SD-WAN simplifies the management and operation of a WAN by decoupling the networking hardware from its control mechanism.
This concept is similar to how software-defined networking uses virtualisation to improve data center management and operations.
A key application of SD-WAN is to allow enterprises to build higher-performance WANs using lower-cost and commercially available internet access.
This enables them to partially or wholly replace legacy private WAN connection technologies such as MPLS (multi-protocol label switching).
Gartner predicts that by 2023 more than 90% of WAN edge infrastructure refresh initiatives will be based on either virtualised customer premises equipment (vCPE) platforms or SD-WAN software/appliances.
Secure SD-WAN
Secure SD-WAN takes the concept one step further by adding security into the solution.
Secure SD-WAN appliances incorporate all of the networking functionality inherent in SD-WAN and combines it with all of the security features of a next-generation firewall.
The key point here is tight integration between networking and security.
SD-WAN alone doesn't address security. Security has to be added separately.
In order to establish and secure an SD-WAN branch office, IT managers have to install, configure and maintain both the SD-WAN appliance as well as a firewall.
Two vendors and two separate systems using different cost and licensing models add more complexity into the solution.
Consistent policy
With a Secure SD-WAN appliance, your workload is cut in half.
And, if your Secure SD-WAN appliance is an integrated component of your overall security fabric, your workload is even further reduced as you'll be able to extend your integrated security policy to the SD-WAN and branch office.
This further reduces complexity and total cost of ownership.
You'll be able to manage your SOC (security operation centre) and NOC (network operation centre) management tasks from a single-pane-of-glass dashboard.
You will also be able to incorporate automation into the solution and implement zero-touch for branch offices.
Both reduce the need for skilled staff at remote locations.
Conclusion
Secure SD-WAN not only reduces complexity, but it also reduces risk by ensuring that your branch office is hardened against adversaries of all types.
It also supports a uniform security policy based on business requirements and ensures the desired outcome for the enterprise.
Fortinet's Secure SD-WAN appliances, fully-integrated components of Fortinet's market-leading Security Fabric, extend a consistent security policy into your branch offices whilst improving network functionality.
In addition, Secure SD-WAN, as part of the Security Fabric, ensures that no security gaps result due to connecting the branch office to the enterprise WAN.
If you have multiple components independently trying to defend your network, you're only as strong as your weakest component.
But if they're collaborating in defending your network, their sum is greater than the individual parts.
This is the true benefit of Secure SD-WAN and the Fortinet Security Fabric.
About the author
Jon McGettigan is Senior Regional Director, Fortinet ANZ. As such, he is responsible for driving Fortinet's continued expansion in the Australasian region through building and maintaining relationships with enterprises, partners and staff. As a senior executive, he understands the risks, motivations and opportunities that face executives as they transform their networks into 21st-century revenue centres.
About Fortinet
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organisations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 375,000 customers trust Fortinet to protect their businesses. Learn more at the Fortinet website, the Fortinet Blog, or FortiGuard Labs.
Fortinet Security Insights is a series of hard-hitting discussions of trends in the cybersecurity world, how they will affect your enterprise and what you should be doing to prepare for digital transformation.