Author: Johna Till Johnson, CEO & Founder
Both wide-area networking and cybersecurity are undergoing major paradigm shifts. In the wide area, companies are increasingly deploying Software-Defined WAN (SD-WAN) technology in conjunction with or even in place of traditional WAN technology like MPLS.
SD-WAN technology makes it possible to dramatically reduce circuit costs, capital costs, and labor costs; just as importantly, it increases agility and, somewhat surprisingly, security. That’s because one of the core principles of SD-WAN is holistic management: all the endpoints, physical or virtual, are managed, configured, and updated via centralized, policy-based automation. By building centralized, automated management in from the ground up, SD-WAN obviates the need to manage unique configurations at each site via a layered-on management tool or complex (and often erroneous) scripts developed in-house. Truly automated configuration and management cuts down on vulnerabilities that hackers can exploit. After all, most software pushes for traditional routers succeed less than 99% of the time; home-grown scripted pushes succeed even less often. If you have 5,000 sites, that means 50 or more are not automatically updated and require manual attention. Those sites are at additional risk of compromise in the interim and at additional risk of misconfiguration in the course of manual updating.
Another aspect of SD-WAN that increases security is the virtualization of the WAN. By overlaying multiple logical WANs on top of the physical network links, SD-WAN allows an organization to partition its WAN into security-defined segments.
Meanwhile, cybersecurity professionals are moving towards a zero-trust security model, in which all devices, resources, systems, data, users, and applications are treated as “untrusted.” Zero-trust security has profound implications for security architectures and operations, and shares a core tenet with SD-WAN: that automation will implement centralized policy consistently.
It’s not too surprising, then, that the blueprint for next-generation networking includes zero-trust security, automation, and policy-based management. Putting all the pieces together delivers a more secure, resilient network.