Cloud applications and employee mobility are bringing unprecedented flexibility and agility to today’s organizations. However, this drive towards digital transformation means that businesses are faced with navigating the myriad of network infrastructure and security challenges on their cloud transformation journeys.
The rapid proliferation of cloud services and software-as-a-service (SaaS) applications is leading the majority of businesses to rethink the traditional approach to networking and security infrastructures, encouraging many to remove outdated hardware. Today, it is imperative for enterprises to liberate their applications from the compromises and constraints of existing WAN approaches by shifting to a cloud-first networking model, a shift that places more importance on software-defined wide-area networking (SD-WAN).
The move to SD-WAN
SD-WAN provides the flexibility to use any combination of transport connectivity methods, whether it’s MPLS, broadband, or 4G—and soon 5G—and logically bonds multiple links into virtual overlays, giving every application the network resources needed to deliver a high-quality end-user experience.
The technology enables enterprises to smoothly transition from hub-and-spoke to a direct-to-internet architecture. It simplifies how traffic is routed in the branch and enables improved connectivity to the internet, cloud applications, and the data centre. These improvements are increasingly important as networks are reconfigured to enable greater mobility in response to user demands.
The good news is that SD-WAN can enable this transition securely and cost-effectively. The concept of backhauling traffic to a centralised data centre worked when applications and users resided on the network. But with users in branch offices and applications moving to the cloud, backhauling traffic across a hub-and-spoke network provides a poor user experience that is expensive and can increase security risk.
Companies are paying to backhaul traffic to bring remote users onto a network that they do not need to access. To overcome these challenges and deliver a fast user experience, traffic needs to be routed directly to the internet. The on-premises model for security to which businesses have grown accustomed is not the best option to help secure the journey to a digital, cloud-centric organization.
Addressing SD-WAN security
In a recent study by Silver Peak Systems, 61 percent of survey respondents said that they will deploy SD-WAN in the next two years, agreeing it should be the number-one IT priority for businesses. When moving to an SD-WAN model, securing access to applications, wherever they are located, is a key requirement.
According to analyst Zeus Kerravala, “Security is a critical component of a successful migration to local internet breakouts, but traditional deployment models don’t work.“ Hub-and-spoke network architectures and legacy security technologies are not built for a cloud-first world, as replicating the network security stack at every branch is prohibitively expensive, adds to management burden, and increases complexity. Compromising by using next-generation firewalls at the corporate hub or Virtual Network Functions (VNFs) eliminates many of the intended benefits of deploying SD-WAN and leaves locations vulnerable. It’s crucial that local internet breakouts are adequately secured without complicating the network.
SD-WAN technology should, therefore, go hand in hand with a cloud-based security stack that offers next-generation firewall and modern internet security without adding security hardware or administrative burden. Businesses also need to make sure they can prioritise critical applications such as Office 365 over the likes of YouTube and streaming media, and that they have the ability to define and immediately enforce security and access policy changes across all locations.
As hardware continues to disappear from the enterprises, and the benefits of SD-WAN become more apparent, we’ll see demand for SD-WAN climb significantly over the next year. Indeed, with a cloud-first SD-WAN infrastructure, enterprises can take advantage of a network that enables the business, rather than the business having to conform to the constraints of the network. When looking for an SD-WAN solution, businesses are, however, advised to look for a new approach with comprehensive security that favours a lean administration.
A reliable network is vital for any enterprise in today’s business world; with old networking methods not quite making the cut, companies need to be migrating to secure SD-WAN in 2019 or risk falling behind.
Learn how Zscaler enables SD-WAN security.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Yogi Chandiramani is Technical Director for Zscaler EMEA