August 24, 2017 By Rahul Agarwal 2 min read

As businesses across the world become more geographically diverse and move toward an increasingly hybrid IT environment, legacy infrastructure is struggling to keep up. With more data flowing over enterprise networks from multiple sources, the demand for software-defined wide area network (SD-WAN) technology is growing exponentially.

A report from IDC predicted that this technology will become a $6 billion industry by 2020, and that 75 percent of U.S. enterprises will implement SD-WAN within two years.

Watch the On-Demand Webinar: Securing Your SD-WAN

Is SD-WAN Too Risky?

SD-WAN technologies makes it simple for organizations to optimize the cost of using different network technologies, such as multiprotocol label switching (MPLS) and commercial broadband, to connect their various remote offices and/or branches to one another. SD-WAN can be up to 2.5 times less expensive than a traditional WAN due to lower savings generated by using secure edges, along with a decrease in staffing and router maintenance costs. Additionally, SD-WAN facilitates secure, vendor- and technology-agnostic data transport over any internet or WAN connection, boosting hybrid cloud adoption.

As with any other networking architecture, security of SD-WAN is a top priority. So while the shift to SD-WAN makes business sense, organizations want to ensure that such a move will not increase the attack surface of their network or expose it to new vulnerabilities as it connects to cloud providers and uses newer types of endpoints. According to an Enterprise Management Associates (EMA) report, respondents ranked security as the most important characteristic they need from their SD-WAN.

Embracing the Zero Trust Model

The good news is that there is a way to make SD-WAN more secure than a traditional WAN: by using the zero trust model. The thrust of the zero trust security approach is to stop trusting applications, users, networking devices or networks by default, and instead implement a regime of continuous verification. In other words, this model focuses on authenticating first and providing network security access second.

Secure SD-WAN architecture helps you enhance the performance and agility of your WAN by introducing security-rich, software-defined technology that can work with your current network infrastructure. It should follow the zero trust model to provide end-to-end circuit encryption from on-premises to the cloud using IPSec 256-bit protection.

Additionally, it must help IT managers better control and monitor who is accessing the network and applications by strengthening access control policies. Teams must also be able to deploy software-defined, stateful firewalls to an edge device.

Read the Zero Trust White Paper to learn more

Learn More

Secure SD-WAN services from IBM enable enhanced security, performance and savings for your WAN and embodies all the characteristics you should look for in your secure SD-WAN solution.

Ben Hendrick, partner and global competency leader of infrastructure and endpoint security at IBM Security, and Christina Richmond, program director for IDC’s security services, discussed the steps organizations need to take to secure their SD-WAN infrastructure in a webinar earlier this summer. Watch the on-demand session to learn more about their strategies for better network security.

More from Network

New cybersecurity sheets from CISA and NSA: An overview

4 min read - The Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA) have recently released new CSI (Cybersecurity Information) sheets aimed at providing information and guidelines to organizations on how to effectively secure their cloud environments.This new release includes a total of five CSI sheets, covering various aspects of cloud security such as threat mitigation, identity and access management, network security and more. Here's our overview of the new CSI sheets, what they address and the key takeaways from each.Implementing…

Databases beware: Abusing Microsoft SQL Server with SQLRecon

20 min read - Over the course of my career, I’ve had the privileged opportunity to peek behind the veil of some of the largest organizations in the world. In my experience, most industry verticals rely on enterprise Windows networks. In fact, I can count on one hand the number of times I have seen a decentralized zero-trust network, enterprise Linux, macOS network, or Active Directory alternative (FreeIPA). As I navigate my way through these large and often complex enterprise networks, it is common…

Easy configuration fixes can protect your server from attack

4 min read - In March 2023, data on more than 56,000 people — including Social Security numbers and other personal information — was stolen in the D.C. Health Benefit Exchange Authority breach. The online health insurance marketplace hack exposed the personal details of Congress members, their families, staff and tens of thousands of other Washington-area residents. It appears the D.C. breach was due to “human error”, according to a recent report. Apparently, a computer server was misconfigured to allow access to data without proper…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today