SD-WAN has shown that it can deliver a faster user experience, reduced costs, and simplified branch IT. But, despite all of the potential benefits, security remains one of its shortcomings. And, securing branch locations has become more difficult as more applications and data move to the cloud.
So how are organizations dealing with this challenge? Network World and Zscaler recently conducted a survey to understand how enterprise organizations with multiple locations are routing and securing branch office traffic today, and what role SD-WAN plays in their efforts.
The survey, conducted in September 2019, queried organizations with a minimum of 5,000 employees up to 100,000 or more to examine the adoption of SD-WAN, as well as key SD-WAN drivers and concerns. It aimed to understand organizational concerns around the current methods for securing branch internet connections and the ability to gain the full performance and cost benefits of SD-WAN with those approaches. And it looked to understand the importance of various capabilities when choosing solutions to secure direct-to-internet connections from branch locations.
SD-WAN and the cloud
Before we get into the survey results, a little background would be helpful.
The migration of applications and services to the cloud has changed the usual ways of connecting, computing, and doing business. Organizations are taking advantage of innovations in cloud computing, and applications that were historically deployed in the data center are shifting to the cloud. Legacy hub-and-spoke architectures that were designed for users who connect to, and applications that reside in, the data center have been unable to keep pace with these changes. Backhauling traffic from remote offices over low-bandwidth WAN links to centralized data centers is an expensive proposition. With richer cloud applications in use in branch offices, hub-and-spoke architectures have become a burden to productivity.
SD-WAN extends the concept of software-defined networking to a WAN. The technology enables enterprises to smoothly transition from a hub-and-spoke to a direct-to-internet architecture. SD-WAN technology is effectively an intelligent router in a branch office that can differentiate between internet-bound and data center-bound traffic. Path optimization allows SD-WAN to offload internet-bound traffic locally over low-cost broadband/4G/5G and reserves costly MPLS links for traffic that is bound for the corporate data center.
Is SD-WAN the answer for connecting branch offices in today’s digital world? Let’s see what the survey says.
With intelligent routing, simplified networking, and the potential for reducing costs, it’s no surprise that many organizations, especially those with a cloud-first mandate, are increasingly turning to SD-WAN. According to the survey, more than half (55 percent) of respondents are either piloting, upgrading, or have installed SD-WAN. Twenty-eight percent are actively researching SD-WAN and, for the remaining 17 percent, it’s “on the radar.”
The security conundrum
Despite broad interest in its potential benefits, many organizations still have concerns about adopting SD-WAN, and those concerns are mostly around security. Why? One of the great advantages of SD-WAN is that it enables local internet breakouts for direct connections, but local breakouts are not intrinsically secure, raising a host of new security concerns for organizations, such as blind spots as a result of traffic going uninspected. It’s not surprising then that 88 percent of companies surveyed showed concern about traditional security limiting the advantage of SD-WAN.
To help alleviate such concerns, SD-WAN technology should be combined with a cloud-based security stack that offers modern internet security capabilities in the cloud, including advanced next-generation firewall capabilities, advanced threat protection, and data loss prevention –without adding any security hardware or administrative burden. Businesses also need to ensure they can prioritize critical applications, such as Office 365, over the likes of YouTube and streaming media, and that they can define and immediately enforce security and access policy changes across all locations.
The right security
Are you investigating SD-WAN? Is SD-WAN already part of your plans? Either way, you’ll want to embrace a cloud security platform that helps you achieve all the benefits of this technology, as opposed to one that hampers it.
Read the full report for details about the survey and more of its findings.
Jen Toscano is a senior product marketing manager at Zscaler