With the escalating adoption of bandwidth-hungry SaaS applications, VPs of networking are having to rethink their wide area networking (WAN) strategies. Instead of accommodating increasing and variable demand with costly, inflexible WAN connections, more network leaders are looking to implement a software-defined wide area network (SD-WAN). SD-WAN is attractive not only because it provides more efficient and cost-effective bandwidth allocation, but also because it improves WAN performance, agility, and operational flexibility.
As network leaders assess their SD-WAN options, however, what is often missing from their deliberations is how to adequately address security risks. SD-WAN vendors are increasingly embedding security features into their offerings, but these tend to be basic, Layer 3 network controls and not the robust security functions that these environments require. Considering the current cyber-threat environment, should security embedded in an SD-WAN-enabled appliance be relegated to perfunctory specs, subjugated to SD-WAN’s greater mission of pushing packets through pipes as seamlessly as possible? Because that is exactly the problem with most of today’s SD-WAN-plus-security offerings.
Why Divide and Conquer Isn’t the Answer
Will the Real Integrated SD-WAN/NGFW Solution Please Stand Up?
- Application and Path Awareness. As an SD-WAN-enabled appliance, the NGFW must have path awareness intelligence, automatically routing packets from each application according to application-level SLAs, prioritizing them by criticality, time of the day, and so on. It should also be application aware, enabling network admins to monitor the changing traffic patterns of the applications traversing the WAN so they can modify policies accordingly.
- Integrated Security and Compliance. This secure environment should not only include key security features, such as high-throughput IPsec VPN and SSL inspection, but also compliance tracking and reporting. With applications dispersing packets across multiple WAN pathways in an SD-WAN, you don’t want to spend hours retracing the routes of suspect packets by toggling between multiple apps.
- Automation. Advanced NGFW hardware design is key to ensuring that firewall functions do not compromise WAN path routing. Otherwise, the performance gains promised by SD-WAN may be negated by security-based latencies.
- Multi-Broadband Support. Rather than relying on erratic 4G/3G network as the only failover for multiprotocol label switching (MPLS) lines, the firewall should also be able to leverage the public internet in order to maximize WAN availability.
- TCO-Reducing Features. Consolidated management almost goes without saying. It doesn’t pay to use an integrated solution if it needs to be managed through two different consoles. And furthermore, an SD-WAN-enabled firewall that offers zero-touch deployment will also relieve much of the burden associated with SD-WAN implementation.
Who Maintains It—Networking or Security?
Call SpartanTec, Inc. now and learn more about SD-WAN.
SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255
http://manageditserviceswilmington.com
Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence
No comments:
Post a Comment