Thriving in Threatening Times
With frequent new strains of ransomware, massive data breaches, and thousands of users infected daily, it is a fact that enterprises are dealing with more serious threats as they increase in numbers, frequency and complexity. Airlines being down for just a few hours can ground thousands of flights. Loss of confidential data by credit companies risks identity frauds and losing millions to remedy poorly secured network or branch offices. The global enterprises today, among other things, heavily depend on the public internet to deliver applications but paves the way for an influx of malware and exploitation.
Historically, organizations secure internet via centralized access and security in data centers. Moving to direct internet access at branch offices opens users to attacks and leave organizations unprepared. To resolve the new security risks, measures of inspection and enforcement needs to move away from the data center to either the branch or cloud.
SD-WAN provides embedded security that natively supports end-to-end encryption, network segmentation, and security policies on a per user, application or organizational level. However, the delivery of a comprehensive enterprise-grade security solution is not complete with every SD-WAN provider. There are three approaches to consider when evaluating SD-WAN and security.
- Integrated security built into the SD-WAN solution. Vendors may include firewalls, end-to-end encryption, and policies for web filtering and virus checking.
- Deploys or supports on-premise firewall integrations. SD-WAN vendors often partner with network and security companies like Palo Alto, Fortinet, and Check Point to complement their services.
- Software-as-a-Service offerings and direct connections to hyper-scale clouds. This approach mitigates risks with HTTP-based traffic and keeps threats away from data that is no longer hosted on local networks.
Organizations who are looking to expand their network will likely benefit from SD-WAN’s high performance, lost cost, and ease of deployment. But certain functionalities are non-negotiable. When searching and evaluating a new SD-WAN solution, the same effort put into a security should be no less.