Understanding the need to secure your SD-WAN platform

Issue 7 2020 IT infrastructure

An increasing number of businesses are switching to a Software-Defined Wide Area Network (SD-WAN), which is a unique approach to wide area networking, because it combines traditional WAN technologies with the internet and provides more visibility within an organisation.

The move to SD-WAN is largely driven by distributed enterprises with multiple remote offices, which are increasing using business-critical, cloud-based applications and tools that are migrating away from performance-inhibited wide-area networks (WAN).

Louis Kirstein.

According to Louis Kirstein, DSM expert: Connectivity Services at T-Systems South Africa, the visibility provided by a SD-WAN enables network administrators to oversee the network and monitor traffic for inconsistencies. From a security perspective, this functionality allows network administrators to ensure applications are performing accordingly and make sure security elements are running correctly.

“SD-WAN is an element of the bigger security framework of an organisation. If there’s one way to summarise how an SD-WAN fits into the overall security landscape of an organisation, it is to say that it enables centralised policy management and distributed policy enforcement,” Kirstein says.

Thus, one of the main advantages of SD-WAN is that it is software-defined and not hardcoded in infrastructure, so policies can be distributed from a central console to all sites and branches and these can be executed by various components.

Lukas van der Merwe.

Considering security

What makes SD-WAN technology so popular is that it allows businesses to make their networks more efficient and dynamic when it comes to consuming network resources, increasing bandwidth at a lower cost, as well as providing more options for connection types and vendor selection when building their networks.

At the same time, says Kirstein, organisations must give due consideration to securing their SD-WAN, as SD-WAN solutions do not provide in-built security, which is critical for direct Internet access. Yet, the need for an organisation to protect its IT environment from a hostile, public Internet, which is the carrier of its Internet traffic, is fundamental.

“SD-WAN platforms are inherently not secure. It’s the security technology within a secure SD-WAN solution that makes it safe. Secure SD-WAN allows each branch location to benefit from diverse security policies and connectivity, while IT enables corporate and Internet traffic simultaneously – on the same circuits,” he added.

“For organisations that are looking to address the security aspects of their SD-WAN deployments, certain vendors can deliver proprietary secure SD-WAN solutions that use the network’s firewall technology to perform routing,” says Lukas van der Merwe, specialist sales executive: Security at T-Systems South Africa.

No need for bolt-on layer

“There is no need for a bolt-on security layer to provide a holistic end-to-end security solution, in terms of network access. Secure SD-WAN has an architecture that includes a secure perimeter protection capability, as well as components that are needed to access cloud-based solutions.”

Van der Merwe notes that what is essentially different in a secure SD-WAN solution is that it has a distributed firewall topography, managed from a single point.

“A secure SD-WAN solution uses the firewall platform, which is distributed across the entire enterprise environment, towards each endpoint, the perimeter is broadened towards the branch offices and it is all managed centrally.”

SD-WAN functions need to be virtualised to keep up with evolving security threats and to control the cost of updating and upgrading security elements. Van der Merwe says that virtualising the functions, or the ability to define policies and deploy them centrally and in real time, provides more control and visibility, which – in the context of a secure SD-WAN solution – does improve security.

Ultimately, the benefits of a secure SD-WAN solution are undeniably extensive, and enable enterprises to not only meet compliance mandates, reduce infrastructure and circuit costs, but also to improve and simplify segmentation and decrease branch sprawl.

For more information contact T-Systems in South Africa, +27 11 254 7400, thami.malinga@t-systems.co.za, www.t-systems.com/za/en

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Integrated facilities management solutions
Issue 2 2021 , IT infrastructure
Tsebo Facilities Solutions provides a smart remote monitoring solution that will increase efficiency and, most importantly, mitigate risk.

Cisco and AMD improve performance, security and hybrid cloud operations
Issue 2 2021 , IT infrastructure
Cisco has announced?an expanded engagement with AMD?to help businesses?accelerate advanced digital experiences?and improve hybrid cloud operations

GJD unveils new Network Bridge product
Issue 2 2021 , IT infrastructure
GJD has announced the launch of its new Network Bridge, designed to easily connect GJD IP devices with third-party video management software and network compatible products, including Avigilon and other proprietary CCTV systems.

Backup servers with free Altaro software
Issue 2 2021 , IT infrastructure
Altaro Physical Server Backup enables you to easily restore a physical server on your network and access it on your existing virtual environment, as a virtual disk or fully functional virtual machine.

Vehicle-to-office connectivity
Issue 2 2021 , IT infrastructure, Mining (Industry)
A large coal and heavy minerals mining company in South Africa is rolling out a mine-wide wireless digital connectivity networking solution that interconnects the various employees’ mobile devices to monitoring systems on vehicles, mining equipment and conveyor belts throughout the mine.

Introducing Video Storage Solutions
Issue 1 2021 , Integrated Solutions, CCTV, Surveillance & Remote Monitoring, IT infrastructure
Video Storage Solutions (VSS) was formed with the single objective of providing system integrators who are part of the Milestone Community with verified video recording and storage appliances. VSS is distributed in South Africa by First Distribution.

Used electronics present security concerns
Issue 1 2021 , IT infrastructure
Employers have a legal obligation to clean old IT devices professionally and ensure that all data is erased from them prior to decommissioning and disposal or redistribution.

Issue 1 2021 , IT infrastructure
With the rapidly accelerating pace of digital transformation last year, many organisations were forced to invest in data storage infrastructure, however, these businesses often face the dilemma of whether to opt for a solution acquired as a capital expense or operating expense.

How technology enables better healthcare
Issue 1 2021 , IT infrastructure
With the need for digital acceleration to support the healthcare landscape since the onset of the COVID-19 global pandemic, technology has played a critical role to improve the standards of patient healthcare and enable health workers.

Trust but monitor: secure access in COVID times
Issue 1 2021 , IT infrastructure
Wrapped up into a single pane of glass, delivered as a service, with seamless security for the user and the administrator, SASE will ensure perfect secrecy for all your employees – onsite and remote, technical or technophobe, malicious or technologically illiterate.