You’ve seen the acronym tons of time: SD-WAN. But is it just a marketing buzzword? And how do you even pronounce it? WAN like can, or WAN like gone? Well, Corporate Armor has many SD-WAN capable firewalls, like the Fortinet FortiGate 80F, Meraki MX68, Sophos XG 115, and many more. But what is it? And, what’s so great about Secure SD-WAN?
The way we set up our networks has changed drastically over the last decade. One of the biggest game changers to come out is SD-WAN. What exactly is SD-WAN? It stands for software defined wide area network.
In the past, businesses would set up an MPLS connection. It stands for MultiPtotocol Label Switching. With an MPLS connection, each branch office connects back to the central location where they hosted all of their applications. Applications like their email, ERP system, or even custom apps. An MPLS connection also allows the branch offices to connect directly to each other. And it does this securely. MPLS connections are fine, to a point.
But now, we are starting to see a change in the way businesses operate online. There’s a huge shift to cloud applications. So instead of having a locally hosted email, a business might rely on Microsoft for Office 365, or Gmail. Instead of a locally hosted CRM system, a business might rely on a cloud hosted solution like Salesforce. All of the custom apps that a business used to host locally can now be hosted in a cloud data center like AWS or Azure. Now with an MPLS system, all of the branch offices still have to connect back to the central location to get their access to the cloud. So, you know that central data center that used to be the brains of the operation? Now it’s a bottleneck.
So how do you resolve this issue without having to spend a bundle completely redoing your network?
Enter SD-WAN
SD-WAN allows you to do several things that you were not able to do with MPLS. For one thing, it separates the management plane from the data plane. So instead of having to go to each of your routers to make changes or add a new application, you can do it through a central dashboard.
SD-WAN connections also allow you to prioritize one application over another. For example, maybe you want to make sure your VOIP phone system always has the best connection. But social networking doesn’t really matter. You can put your VOIP software at the top of the list and social networking at the bottom of the list. This ensures that you always have the best possible connection when talking on the phone.
Not only that, but you can utilize multiple connections, like a broadband and an LTE connection. This way, if the broadband connection is starting to get bogged down, an application can fall back to the LTE connection. The result is that you still have the best quality connection. An SD-WAN connection will constantly monitor the strength of your connections. And it will make changes on the fly with no need for IT interaction.
Broadband connections are much cheaper than an MPLS connection. And managing SD-WAN is much easier than managing MPLS. And if you still have an MPLS connection you don’t want to get rid of, that’s fine. You can do a hybrid. With a hybrid set up, the devices can still check back in to the central data center for apps that you may still have hosted locally. But they can also communicate using a broadband connection out to the cloud hosted applications. And businesses that do a hybrid approach typically save about 50% of their networking costs as opposed to solely an MPLS. A business that goes 100% SD-WAN will spend about 25% on networking of what they would using a full MPLS connection.
So far so good. But is it secure?
When done right, secure SD-WAN enables secure, direct internet access. But security has to be added. Or better yet, built right in. Otherwise, it’s just another connectivity option that becomes an attack vector.
Because SD-WAN is dynamic and highly scalable, overlay security is very expensive to deploy and maintain. And, it often ends up with delays when reacting to connectivity changes. And that can leave critical connections and data vulnerable. Integration ensures that SD-WAN connectivity, traffic management, and security function as a single, holistic system.
A next-generation firewall is an example of such an integrated solution. It will have intrusion prevention, web filtering, secure socket layer inspection, and anti-malware as key components. Solutions that combine SD-WAN and NGFW into single offerings satisfy the key requirements for secure SD-WAN. These will ensure the safety and reliability of connections and for the organization overall. There are many examples of these, from excellent vendors like Barracuda, Meraki, Sophos, and especially Fortinet.
As organizations adopt remote workforce policies, networks grow more spread out. SD-WAN began to address the needs of a vast, “work from anywhere” workforce. Now, Secure SD-WAN has advanced our ability to truly, safely, work from anywhere. And, of course, Corporate Armor is ready to answer any questions you might have, and help you decide on a Secure SD-WAN solution that’s right for you. So email us, or call 877-449-0458. Thanks for reading!
Important SD-WAN features
Much lower TCO than other networking options |
Extremely scalable |
Functions as a single, holistic system, with total visibility |
Centrally managed in a single pane of glass interface |