Hubert da Costa, SVP and GM EMEA at Cybera, examines how traditional VPNs are failing to meet the challenges of distributed enterprises and why secure SD-WAN Edge solutions are gaining broad market adoption.
Virtual private networks (VPNs) are a well-established method deployed by businesses around the world to keep remote locations connected and deploy new applications. They were, until recently, an ideal solution for retaining a standard level of security while keeping costs under control. However, as businesses become more decentralised, VPNs are becoming less and less fit for purpose.
Internet of Things (IoT), cloud and Big Data have fundamentally changed the connectivity requirements of today’s organisations, extending beyond the perimeter of traditional enterprises. This change renders VPNs vulnerable to threats and incapable of providing the cost savings for which they have been historically associated. In fact, as new applications are added to distributed enterprise locations, the cost and complexity of adding more VPNs to secure them have correspondingly escalated.
Modern businesses have a strong focus on securing and protecting their assets and are beginning to embrace multi-layered security solutions. A common challenge, however, is that the distributed sites are often not updated in the same time-frame – or level of detail – as the HQ and, even when the remote sites are provided with similar IT hardware and/or software, often they do not possess the same level of onsite IT expertise to ensure ongoing optimum IT operation.
This leaves the remote sites as possible weak links in the overall security chain, potentially opening avenues of vulnerability into the corporate site as well as its own. Given this all too common scenario, it is not surprising that the question of how to extend enterprise data centre-grade security to remote sites with limited IT staff and tight budgets remains at the top of most IT and security professionals’ priority list.
The good news is that, as these challenges emerge, a solution to overcome them is not far behind. In this instance secure Software Defined WAN (SD-WAN) for the network edge is the answer. Secure SD-WAN at the edge puts the power and security of the compute resources as close to the sources of data as possible – at the network’s edge.
It is purpose built to address these challenges by uniting security and simplicity into an integrated solution. The power of secure SD-WAN Edge lies in taking a defence-in-depth approach while simultaneously reducing the enterprise attack surface by logically segmenting the network on a per application basis. Moreover, this multi-layered security approach is delivered with the architectural simplicity, scalability, reliability and dramatic cost savings of a virtual overlay network.
Let’s examine how traditional VPNs are failing to meet the challenges of distributed enterprises and why secure SD-WAN Edge solutions are gaining broad market adoption.
- Safety first
Networks that use multiple touch points for manual security configurations are prone to misconfigurations or inconsistent configurations – a huge security risk.
Logical network segmentation allows security policies to be enforced on a per application basis. By applying complete end-to-end segmentation of each application, exposure from any potential breach is limited to that single application. Just as importantly, the centralised virtual overlay approach of secure SD-WAN Edge configurations eliminates the multiple manual configurations that open your network up to security risks. With secure SD-WAN Edge, you can easily extend the multi-layered security approach used in data centres out to the edge of your network without highly skilled IT professionals at the branch.
- Keep costs down
Supporting the various point product solutions typically required for VPNs is costly. The capital expenditure for various point solution hardware, public IP addresses and software continues to rise.
With secure SD-WAN Edge solutions, these applications are connected in a cost-effective, scalable way without compromising security. This is a distinct benefit over VPNs, which provide an either/or scenario: either all traffic intermingles on one VPN, which is lower cost but very insecure; or all traffic can be segmented on separate VPNs, which requires more cost and complexity to maintain security.
With secure SD-WAN Edge virtualisation, the cost of WAN infrastructure hardware, software and support can be reduced by up to 79%. The technology eliminates the need for multiple, dedicated premise devices by integrating functionality, such as Wi-Fi, wireless back-up, firewall and intrusion detection/ prevention in one solution. It also dramatically reduces both the CapEx and OpEx costs of managing enterprise WANs.
- Reduce complexities
Connecting new locations and new applications is hard. Each location may have multiple devices, different device configurations and various security requirements. Turning up a new location on a VPN requires knowledgeable IT staff to deploy, manage, troubleshoot and support.
With secure SD-WAN Edge distributed enterprises can be operationalised in minutes instead of months. It simplifies network setup with automatic provisioning and configuration from a central controller. The remote location will also receive network updates and changes automatically.
- Modern infrastructures require flexibility
Traditional infrastructures are rigid and necessitate labour intensive efforts to support changing network conditions, especially when it comes to remote locations. Traditional networks are often too bulky to adapt and respond to, for example, a new security threat, in a timely manner.
Secure SD-WAN Edge virtualises the WAN so that all network intelligence is handled in software. For example, remote locations can be defined simultaneously and then kept perfectly in sync using centralised cloud-based policy administration inherent in SD-WAN Edge connectivity models.
This groundbreaking architecture helps reduce expenses and complexity, while increasing network flexibility. Best of all, it can be piloted in your network incrementally on a branch-by-branch basis, mitigating concerns about network disruption, and giving you a quick way to determine the return on your investment.
Secure SD-WAN Edge solutions are becoming more broadly adopted by distributed enterprises as a solution to these four common challenges. But additional to addressing security, cost, complexity and flexibility, it is designed with scalability and agility in mind, helping large distributed enterprises get the network performance and demand they need.
Click below to share this article