November 15, 2017 By Rahul Agarwal 2 min read

New technologies that leverage social media, analytics, mobility and cloud are changing the way organizations operate, deliver services, and interact with customers and supply chains. At the same time, organizations are becoming more geographically distributed, and branch offices are playing an increasingly important role in providing business value. These changes have overloaded already strained legacy infrastructure, which was never architected for such a dynamic business environment.

It is no wonder that organizations are embracing software-defined wide-area network (SD-WAN), which abstracts the various connectivity options, such as multiprotocol label switching (MPLS), mobile and broadband, to provide a virtualized enterprise WAN. SD-WAN does not suffer from the lack of flexibility, scalability and programmability of traditional WANs. According to IDC, by 2021, the total SD-WAN market will reach $8.05 billion, representing a five-year compound annual growth rate of 69.6 percent.

The Benefits of Moving to SD-WAN

There are numerous benefits of adopting SD-WAN, including but not limited to:

  • Applications and workloads are matched to the best connectivity methods to provide both lower costs and enhanced performance;
  • The ability to scale network bandwidth on demand;
  • An opportunity for microsegmentation of traffic across private and public clouds; and
  • Provision of a centralized control plane to enable visibility and policy management through a single pane of glass.

I have already discussed the fact that “while the shift to SD-WAN makes business sense, organizations want to ensure that such a move will not increase the attack surface of their network or expose it to new vulnerabilities as it connects to cloud providers and uses newer types of endpoints,” in an earlier blog post. This is because cyberthreats are showing no signs of abating. Without appropriate software-defined security, organizations are vulnerable to attacks that can their damage their reputation, adversely affect their relationship with customers and impact revenue streams.

Using the Principle of Least Privilege

Enter the principle of least privilege. IBM believes that organizations should stop trusting applications, users, networking devices or networks by default, and instead implement a regime of continuous verification. In other words, authenticate first and provide network security access second. SD-WAN technologies enable least privilege security by intelligently segmenting, encrypting and directing connections via an edge device with software-defined security modules that sit at the edge of a network.

Secure SD-WAN uses this approach to alleviate security issues. It is designed to work with existing network infrastructure to improve network security, reduce network connectivity costs, optimize network and application performance, and accelerate hybrid cloud adoption. The IBM Security Hub, available through IBM Managed Security Services, helps reduce WAN circuit costs by optimizing the routing of network traffic through SD-WAN.

Learn More

Christina Richmond, program director for IDC’s Security Services, recommended steps for an organization moving through milestones toward seamless SD-WAN implementation and operation in a white paper, “Software-Defined Security with SD-WAN.” Read this white paper, sponsored by IBM, to understand how SD-WAN can help improve overall network security by following an approach based on the principle of least privilege.

Read the paper: Software-Defined Security with SD-WAN

More from Network

New cybersecurity sheets from CISA and NSA: An overview

4 min read - The Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA) have recently released new CSI (Cybersecurity Information) sheets aimed at providing information and guidelines to organizations on how to effectively secure their cloud environments.This new release includes a total of five CSI sheets, covering various aspects of cloud security such as threat mitigation, identity and access management, network security and more. Here's our overview of the new CSI sheets, what they address and the key takeaways from each.Implementing…

Databases beware: Abusing Microsoft SQL Server with SQLRecon

20 min read - Over the course of my career, I’ve had the privileged opportunity to peek behind the veil of some of the largest organizations in the world. In my experience, most industry verticals rely on enterprise Windows networks. In fact, I can count on one hand the number of times I have seen a decentralized zero-trust network, enterprise Linux, macOS network, or Active Directory alternative (FreeIPA). As I navigate my way through these large and often complex enterprise networks, it is common…

Easy configuration fixes can protect your server from attack

4 min read - In March 2023, data on more than 56,000 people — including Social Security numbers and other personal information — was stolen in the D.C. Health Benefit Exchange Authority breach. The online health insurance marketplace hack exposed the personal details of Congress members, their families, staff and tens of thousands of other Washington-area residents. It appears the D.C. breach was due to “human error”, according to a recent report. Apparently, a computer server was misconfigured to allow access to data without proper…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today