Just a few years ago, the most frequent challenges experienced by branch offices were the result of a slow connection to the central data center. Over time, this grew to include the inability to deploy reliable latency-sensitive applications and services at the branch, such as VoIP or video conferencing. While MPLS was adopted to resolve these connectivity and performance issues, those connections were also rigid and static, requiring critical data to exist at a single location.
Today, not only do branch transactions, workflows, applications, and data requests need to be fast, but the data used to support those transactions is increasingly decentralized across a meshed infrastructure architecture, including private or public clouds, and can also be dynamically reassigned to different locations as resource configurations change. This new reality has outstripped the rigid limitations of MPLS.
SD-WAN solutions were developed to overcome the networking challenges that traditional MPLS-based branch network strategies couldn’t address. They provide branch users with flexible access to resources located anywhere across the distributed network. They also allow end users to use advanced applications, generate complex workflows, and utilize cloud-based services from a variety of devices, including their BYOD solutions.
While SD-WAN extends the advantages of digital transformation to the branch, many vendors’ solutions are still poorly equipped to deal with the challenges of the digital marketplace. For example, Gartner recently reported that security is the top concern of executives looking to update their wide-area networks to SD-WAN.
Most SD-WAN solutions only provide minimal security, usually in the form of VPN and some basic stateful firewall functions. Because of this deficiency, organizations are being forced to figure out how to integrate their new SD-WAN solution into their existing security architecture, only to learn that most of the legacy security solutions they have in place can’t scale to meet SD-WAN requirements.
Instead, SD-WAN solutions need to include a native suite of sophisticated security tools, and those tools need to integrate seamlessly with the security tools deployed elsewhere in the distributed network, including remote and mobile devices, cloud solutions, and physical networks.
To meet this requirement, SD-WAN candidates MUST include the following three security characteristics:
Secure SD-WAN—a solution that includes natively integrated security controls—is a fundamental requirement for any branch strategy. Security needs to not only protect data and resources, but also ensure that the organization’s primary objectives—high performance, meeting digital business requirements, and controlling costs—are met. This includes maintaining exceptional security without impacting latency-sensitive communications, adapting to constantly evolving applications and DevSecOps strategies, and being able to seamlessly straddle different networked environments without losing features or functionality.