Understanding the need to secure your SD-WAN platform

Issue 7 2020 Infrastructure

An increasing number of businesses are switching to a Software-Defined Wide Area Network (SD-WAN), which is a unique approach to wide area networking, because it combines traditional WAN technologies with the internet and provides more visibility within an organisation.

The move to SD-WAN is largely driven by distributed enterprises with multiple remote offices, which are increasing using business-critical, cloud-based applications and tools that are migrating away from performance-inhibited wide-area networks (WAN).


Louis Kirstein.

According to Louis Kirstein, DSM expert: Connectivity Services at T-Systems South Africa, the visibility provided by a SD-WAN enables network administrators to oversee the network and monitor traffic for inconsistencies. From a security perspective, this functionality allows network administrators to ensure applications are performing accordingly and make sure security elements are running correctly.

“SD-WAN is an element of the bigger security framework of an organisation. If there’s one way to summarise how an SD-WAN fits into the overall security landscape of an organisation, it is to say that it enables centralised policy management and distributed policy enforcement,” Kirstein says.

Thus, one of the main advantages of SD-WAN is that it is software-defined and not hardcoded in infrastructure, so policies can be distributed from a central console to all sites and branches and these can be executed by various components.


Lukas van der Merwe.

Considering security

What makes SD-WAN technology so popular is that it allows businesses to make their networks more efficient and dynamic when it comes to consuming network resources, increasing bandwidth at a lower cost, as well as providing more options for connection types and vendor selection when building their networks.

At the same time, says Kirstein, organisations must give due consideration to securing their SD-WAN, as SD-WAN solutions do not provide in-built security, which is critical for direct Internet access. Yet, the need for an organisation to protect its IT environment from a hostile, public Internet, which is the carrier of its Internet traffic, is fundamental.

“SD-WAN platforms are inherently not secure. It’s the security technology within a secure SD-WAN solution that makes it safe. Secure SD-WAN allows each branch location to benefit from diverse security policies and connectivity, while IT enables corporate and Internet traffic simultaneously – on the same circuits,” he added.

“For organisations that are looking to address the security aspects of their SD-WAN deployments, certain vendors can deliver proprietary secure SD-WAN solutions that use the network’s firewall technology to perform routing,” says Lukas van der Merwe, specialist sales executive: Security at T-Systems South Africa.

No need for bolt-on layer

“There is no need for a bolt-on security layer to provide a holistic end-to-end security solution, in terms of network access. Secure SD-WAN has an architecture that includes a secure perimeter protection capability, as well as components that are needed to access cloud-based solutions.”

Van der Merwe notes that what is essentially different in a secure SD-WAN solution is that it has a distributed firewall topography, managed from a single point.

“A secure SD-WAN solution uses the firewall platform, which is distributed across the entire enterprise environment, towards each endpoint, the perimeter is broadened towards the branch offices and it is all managed centrally.”

SD-WAN functions need to be virtualised to keep up with evolving security threats and to control the cost of updating and upgrading security elements. Van der Merwe says that virtualising the functions, or the ability to define policies and deploy them centrally and in real time, provides more control and visibility, which – in the context of a secure SD-WAN solution – does improve security.

Ultimately, the benefits of a secure SD-WAN solution are undeniably extensive, and enable enterprises to not only meet compliance mandates, reduce infrastructure and circuit costs, but also to improve and simplify segmentation and decrease branch sprawl.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Upgrade your PCs to improve security
Information Security Infrastructure
Truly secure technology today must be designed to detect and address unusual activity as it happens, wherever it happens, right down to the BIOS and silicon levels.

Read more...
The hidden cost of cheap networking gear
Duxbury Networking Infrastructure
When it comes to building a network, price is always a consideration, especially in the current economic climate, but there is a difference between smart spending and short-term savings with long-term losses.

Read more...
Open source code can also be open risk
Information Security Infrastructure
Software development has changed significantly over the years, and today, open-source code increasingly forms the foundation of modern applications, with surveys indicating that 60 – 90% of the average application's code base consists of open-source components.

Read more...
Fastest PCIe Gen 5.0 NVMe SSD
Products & Solutions Infrastructure
Sandisk has unveiled the WD_BLACK SN8100 NVMe SSD with PCIe Gen 5.0 technology, an internal SSD delivering speeds up to 14 900 MB/s and capacities up to 4 TB, with 8 TB solutions available soon.

Read more...
Unified storage solution
Products & Solutions Infrastructure
CASA Software has announced the local availability of Nexsan’s upgraded unified storage solution, Unity NV4000, which is ideal for mixed workloads, from virtualisation and video surveillance to secure backup and recovery.

Read more...
Suprema unveils BioStar Air
Suprema neaMetrics News & Events Access Control & Identity Management Infrastructure
Suprema launches BioStar Air, the first cloud-based access control platform designed to natively support biometric authentication and feature true zero-on-premise architecture. BioStar Air simplifies deployment and scales effortlessly to secure SMBs, multi-branch companies, and mixed-use buildings.

Read more...
Back-up securely and restore in seconds
Betatrac Telematic Solutions Editor's Choice Information Security Infrastructure
Betatrac has a solution that enables companies to back-up up to 8 TB of data onto a device and restore it in 30 seconds in an emergency, called Rapid Access Data Recovery (RADR).

Read more...
Advanced surveillance storage from ASBIS
Infrastructure Surveillance Products & Solutions
From a video storage solutions perspective, SkyHawk drives, designed for DVRs and NVRs, offer high capacity, optimised firmware, and a reliability workload rating of hundreds of terabytes per year.

Read more...
Power surges are killing our networks
Duxbury Networking Infrastructure
With power surges and lightning strikes becoming an all-too-familiar threat to South African infrastructure, Duxbury Networking is calling on local installers and network integrators to follow proper grounding protocols.

Read more...
A passport to offline backups
SMART Security Solutions Technews Publishing Editor's Choice Infrastructure Smart Home Automation
SMART Security Solutions tested a 6 TB WD My Passport and found it is much more than simply another portable hard drive when considering the free security software the company includes with the device.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.