Enterprise cybersecurity isn't what it used to be. While securing a business was not necessarily easier in the past, the way in which companies went about it was more straightforward and well defined. Traditional networks were built to house and protect users in a stationary world, a world designed for people who used desktop PCs in offices and accessed all of the applications and data within that network. In this world, companies operated with a hub-and-spoke model in which internet traffic from branch offices would be routed through a regional hub to ensure safe connections. While that caused latency, it also meant companies had only a few network touchpoints to worry about.
That world is gone. The perimeter is broken. The new world companies live in has grown beyond the hub-and-spoke model. Now, users are employing a multitude of mobile devices, from a constantly changing number of locations, to connect and communicate over the internet. And with the advent of the cloud, networks aren’t all located in a single place and on a single set of servers. The hub-and-spoke model can’t handle this new need for mobility and flexibility. So, the question companies now face is, What’s the best way to ensure quality network cybersecurity in this new environment?
I believe the answer is an emerging technology called SD-WAN, which is able to understand the destination of the traffic that’s flowing through it. SD-WAN technology is effectively a smart router in a branch office that can determine what’s internet-bound traffic versus corporate-bound traffic. In this way, SD-WAN can route traffic that’s intended for the internet straight to the internet over low-cost broadband links, while corporate data center traffic is sent over the MPLS backbone as before.
A key requirement for SD-WAN is security. With traffic coming from many different points and devices, it needs to go through an enterprise-grade security inspection process on its way to internet-based applications, services, and websites.
While the zone of trust that protected users inside the network and that companies experienced with traditional networks cannot be recreated in this new world, with SD-WAN, companies can achieve enterprise-grade security through the use of an enterprise-grade cloud-based security solution.
Traditional networks led to appliance sprawl, as companies had to create intricate and complicated security stacks to keep up with the latest threats. With cloud-based security, companies can move applications to the cloud and still rest assured that those applications will be accessed securely.
Businesses also benefit because the problems of the past are minimized or even eliminated with SD-WAN. Latency issues are gone, so the user experience is vastly improved. And SD-WAN opens up companies to leverage more cost-effective broadband connections to local service providers rather than having to push internet-bound traffic through an MPLS backbone in a centralized location before it goes out to the internet. An example of why this will be game-changing is the rapid increase in the use of SaaS applications.
SaaS applications and services are often hosted in clouds within the country where the user is operating. Pushing that individual’s traffic out to a remote centralized headquarters to then routing it all the way back to the user’s local market is inefficient and creates a poor user experience. Leveraging an internet broadband connection in the local market can often provide a faster tunnel with increased bandwidth at a fraction of the cost of a similar MPLS-WAN–type tunnel. SD-WAN thus offers a result that is better for users and companies alike, made possible by leveraging a cloud-based security provider to maintain enterprise-grade security wherever the user is located.
Learn how Zscaler simplifies and secures SD-WAN.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Scott Robertson is Zscaler Vice President, Asia Pacific and Japan