If you still only see SD-WAN as a replacement for your branch WAN solution, you haven’t been looking closely enough. Of course, distributed organizations still need a flexible and reliable solution to move data, applications, and workflows between branch offices and the cloud. Traditional MPLS connections backhauling traffic through the corporate network no longer meet evolving business needs. It’s why IDC expects that 80 percent of enterprises will have defined an SD-WAN strategy by the end of 2021.

By transforming their WAN architectures with SD-WAN, organizations can leverage such functions as dynamic path selection, optimized application delivery, and accelerated cloud on-ramp to deliver business-critical applications to the WAN Edge—even for the most bandwidth-hungry applications—all while delivering instant ROI benefits. Unfortunately, most SD-WAN solutions lack one critical component—integrated security. Instead, they require customers to build, deploy, and manage their own security overlay, making SD-WAN deployments cumbersome, expensive, and far less agile.

Secure SD-WAN, Security-driven Networking, and a Flexible Security Platform

A Secure SD-WAN solution addresses this challenge by providing all the networking and connectivity features of the most advanced SD-WAN solutions, but with a critical differentiator. It also includes a full stack of integrated, enterprise-class security features, and centralized management so it can be seamlessly incorporated into the larger corporate security framework.

Such a solution is even better when it is part of a Security-driven Networking framework—a strategy that tightly weaves networking and security functions together to simplify configuration and orchestration. This approach ensures that environments always have full protection, regardless of how dynamic or widely distributed they are.

When Secure SD-WAN and a Security-driven Networking framework are combined with a platform that can be deployed in any environment and in any form factor, the resulting solution can be placed in a wide variety of locations, a strategy that most traditional SD-WAN solutions struggle to support.

For example, a virtual Secure SD-WAN solution can be deployed in multiple public or private cloud environments to enable dynamic, secure connections between clouds. A combination of physical and virtual solutions can create on-demand connections between multi-cloud and corporate data center locations. And a desktop solution powered by custom processors extends Secure SD-WAN performance, flexibility, and security to remote home office environments.

This approach extends the ability of any device, user, application, or workflow to connect to any other resource from any location, using any device. It’s a strategic approach not possible using most traditional SD-WAN solutions.

That’s because most SD-WAN solutions do not come with built-in security. Instead, IT teams have to build a security overlay for every environment. This makes deploying SD-WAN everywhere both cost- and time-prohibitive. One-off security instantiations deployed for each individual environment can create technology silos that limit visibility and choke off control. But by integrating Secure SD-WAN into an expansive security fabric, things like security protocols and policies, bandwidth management, and advanced routing functions can be consistently deployed, made highly visible, and centrally managed and orchestrated, greatly reducing the complexity of managing and securing disparate environments.

Secure SD-WAN Use Cases

Here are some examples of organizations that have leveraged Secure SD-WAN not only to improve their branch WAN solution, but also to implement more flexible and innovative environments, increasing productivity while competing more effectively.

SD-WAN for Multi-Cloud

One US city looked to add new types of controls to protect its cloud environments, expanding its connectivity options for both employees and citizens. The first step was to expand and enhance its connectivity to the municipality’s Azure Cloud and Oracle Cloud Infrastructure (OCI) services. It did this by combining Secure SD-WAN at its branch edges with Secure SD-WAN for multi-cloud to connect its public cloud environments together.

It then interconnected its Secure SD-WAN with access points located at each branch to extend WAN functionality and protections deep into the LAN of each branch network. This enabled security policies to be consistently applied across all the branches through a centralized management console. 

It then applied the same connectivity and security standards in its Azure and OCI environments, leveraging cloud-native integrations and security automation to provide the same threat protection and SD-WAN networking. Using this approach, the city was able to merge its OPEX and CAPEX budgets into a single project, significantly reducing overhead while saving money. Compared to a collection of disconnected point products, a Security Fabric approach not only reduced operational complexity for the city’s IT team, but also lowered the total cost of ownership (TCO) for its security and WAN technologies.

Future-Proofing Branch Offices

One Fortune 500 organization’s existing WAN solution required centralized inspection and filtering of all transactions. This meant backhauling all traffic to data centers to ensure security. This slowed down performance, degraded the user experience, and flooded the internal network with additional traffic. Implementing a Secure SD-WAN strategy enabled them to:

Reduce Complexity: A Secure SD-WAN solution includes things like advanced BGP routing capabilities for faster convergence and route-based path selection, as well as the ability to build overlay VPN tunnels to the same destination address. And because these SD-WAN capabilities are built into a Next-Generation Firewall, the solution still reduces the number of security, routing, and connectivity devices needed at each location.

Simplify Deployment: The speed and low-touch management of Secure SD-WAN enabled them to quickly deploy and easily manage solutions to over 10,000 branch offices. Zero-touch provisioning saved IT staff resources, and centralized management enabled easy integration with their NOC and SOC solutions.

Extend Secure SD-WAN into the Branch LAN: The company was also able to extend SD-WAN and security capabilities into their thousands of branch LANs by tying Secure SD-WAN to local switches and wireless access points to enable a full SD-Branch solution, effectively future-proofing their branch environment while continuing to consolidate devices and reduce management overhead.

WAN and Data Center

One European tourism operator wanted a more manageable and secure solution to address both its data center and WAN connectivity needs. Secure SD-Branch provided a complete LAN/WAN solution for the company’s 90 stores and travel centers in several countries. But in addition to securing their physical locations, they were also able to tie their Secure SD-WAN solutions with web application firewalls (WAFs) and application delivery controllers to secure and optimize their web presence, ensuring availability and securing scalability.

Using an integrated Security Fabric also allowed them to reduce overall complexity and simplify network management, while gaining greater visibility and control for security solutions deployed in the data center and throughout the enterprise.

Secure SD-WAN Enables Digital Innovation Across Many Edges 

Secure SD-WAN allows organizations to protect their entire network infrastructure from cyber threats—from the data center out to remote branch locations and across their cloud environment—without sacrificing speed or performance.

This enables them to operate securely and at the speed of business. By leveraging Secure SD-WAN, Security-Driven Networking, and an expansive security fabric to protect their WAN, Cloud, and datacenter edges—where security and networking function as a single solution—organizations can be better prepared to face the security challenges presented by digital innovation while enabling reliable and self-healing networks.