Enterprises Need to Keep Edge Networks Safe
October 6, 2019
With enterprises investing heavily to transform themselves digitally, the threat environment has in many respects intensified and diversified. Enterprises pursuing a hybrid cloud or multi-cloud strategy, or relying on a software-as-a-service model to give remote workers access to critical applications, perhaps via a mobile device, will be potentially exposing themselves to new threat vectors that must be built into an already long list of security considerations for WAN edge optimization.
As enterprises look for ways to accelerate their digital transformation journeys and to achieve greater business agility, they must match that by transforming their wide-area network to be more software-driven. By transforming their networking strategy with the right SD-WAN solution, they are not only gaining manageability and control, they are taking a big step toward better network security as well.
The networks of yesterday were data center centric; however, with SaaS and multi-cloud requirements, site-to-site connectivity from the edge and to the cloud are required.
Branches need not connect back to the corporate data center to access apps and clouds, in addition to packet inspection and security posture, which resulted in a lousy user experience because of backhauling all traffic to the data center.
What the contemporary enterprise needs is direct Internet access but without security limited branch by branch with different requirements. SD-WAN however allows for all security policies to run at all branches at the same time in the same context as more deterministic network performance. In some cases it only takes just a portion of security to be CPE and integrated cloud-based security for scaling up and scaling down to workload demands. Cloud security as a service will do that natively, and then you don’t have to worry about sizing compute bespoke for every branch.
Multiple connections to your SD-WAN including private and hybrid connections allow branches to gain direct Internet access (DIA). Managed SD-WAN and cloud security as a service can manage both on-premise and cloud-based policies, uniformly.
For extending WAN edge to the cloud, SD-WAN solves the bottleneck from private cloud to public cloud, and when the bigger threat is that once the branch is on the web, the IP of the branch is exposed, and users worry about DDoS attacks and unknown vulnerabilities, it’s paramount to protect the public window at the edge; there’s no need to throw in line an expensive hardware-oriented platform at every branch.
The traditional hub and spoke connectivity model that connects branch users through private VPNs to a data center, or corporate HQ firewall, no longer works in today’s multi-cloud environments. Enterprises are rapidly moving to direct and secure, Internet and cloud connectivity, for their branch locations. SD-WAN enables each branch location to take advantage of diverse connectivity, while IT enables corporate and Internet traffic simultaneously – on the same circuits.
Multi-cloud connectivity moves the Internet perimeter from a centralized and secure HQ location, to a distributed model, where every branch location receives direct and optimized cloud access with security. The combination of SD-WAN and multi-layered security is required to make this work.
Integrating these necessary functions into a single software platform greatly reduces complexity, while providing advanced visibility that can be programmed with automated and contextual policies. The key to enabling a smooth multi-cloud migration path is a versatile and multi-service cloud-native platform.
The rapid rise of cloud and SD-WAN has ushered in an era where on-demand services are accessed, and operational simplicity is table stakes. When branch and corporate offices connect to multiple clouds, IT needs cloud-intelligent, dynamic multi-path connectivity with fully embedded security.
For more information, access our SDXCentral webinar: https://www.sdxcentral.com/resources/sponsored/webinars/versa-networks-reliable-multi-cloud-sdwan/