Story image

Security capabilities of SD-WAN encouraging rapid adoption

18 Apr 2018

Article by Ovum chief analyst Mike Sapien

Beyond basic network connectivity and network-centric features such as WAN optimisation, security has been one of the promised next-wave roadmap features surrounding managed SD-WAN services.

In early customer deployments, network connectivity was the spotlight feature, along with managing the mix of network types and diversity of providers. Security was a concern early on, but most customers realise they can retain their existing security infrastructure and environment with little change.

They can also enhance their security measures with the many security options available through managed SD-WAN. Given SD-WAN’s use of multiple services, increasing use of internet services, and the multicloud environment, customers have more interest in making sure their security posture is maintained or fortified.

Ovum has observed that as customers become more comfortable with the network features and functions, security is garnering more attention.

Customers also have realised how an SD-WAN presents new security options with service chaining, but in the context of keeping their existing security infrastructure in place. Meanwhile, SD-WAN vendors and providers have started to develop more security options for managed SD-WAN services on their own and with third-party security vendors.

Some vendors have developed foundational security features, including stateful firewalls or web filtering, to address customer requirements for direct branch-to-cloud connectivity. These vendors also collaborated with existing security vendors (Check Point, Fortinet, Palo Alto Networks, and Zscaler) to develop integrated and/or overlay options that could easily be service chained for additional security.

Customers now find that managed SD-WAN service security options provide strong foundational security options, but also enable more granular levels and layers of security that can be aligned on a per-application or traffic-type basis.

Ovum has witnessed many SD-WAN vendors offering foundational security options versus listing them as roadmap items. Customers can easily service chain more robust security features by location, session, user, and application.

This capability is just one example of the improved security that can be provided with advanced SD-WAN implementations. Managing security can be centralised across all the elements customers desire, including the necessary tasks of updating and installing security patches. Security needs to be one of the critical features of any new managed ICT service, but in this case, SD-WAN technology has provided more flexible options than the legacy technology that it replaces.

Summary

During 2016, most enterprise customers focused on SD-WAN evaluation through the lens of network functionality, with security in the background. In 2017 and going into 2018, customers’ concerns about security have turned to using managed SD-WAN to fortify their security posture.

Managed SD-WAN providers and MSSPs are collectively offering many security alternatives for SD-WAN services. With the maturation of SD-WAN technology, security options available, and multiple deployments, managed security services are becoming integrated features of managed SD-WAN services with more robust features yet simple implementations.

Mozilla launches Firefox Send, an encrypted file transfer service
Mozille Firefox has launched a free encrypted file transfer service that allows people to securely share files from any web browser – not just Firefox.
Online attackers abusing Kiwis' generosity in wake of Chch tragedy
It doesn’t take some people long to abuse people’s kindness and generosity in a time of mourning.
Ransomware’s decline equals cryptomining’s rise
ESET’s Security Days Conference recently took place to go over the current threat environment and what to look out for next.
IoT and DDoS attacks: A match made in heaven
A10 Network’s Adrian Taylor uses findings from a number of reports to illustrate his point that advances in technology are facilitating cybercrime.
ForgeRock launches Sandbox-as-a-Service to facilitate compliance
The cloud-based testing environment for APIs enables banks to accelerate compliance with Open Banking and PSD2 deadlines.
Cloud application attacks in Q1 up by 65% - Proofpoint
Proofpoint found that the education sector was the most targeted of both brute-force and sophisticated phishing attempts.
Singapore firm to launch borderless open data sharing platform
Singapore-based Ocean Protocol, a decentralised data exchange that promotes data sharing, has revealed details of what could be the kickstart to a global and borderless data economy.
Huawei picks up accolades for software-defined camera ecosystem
"The company's software defined capabilities enable it to future-proof its camera ecosystem and greatly lower the total cost of ownership (TCO), as its single camera system is applicable to a variety of application use cases."