New technologies that leverage social media, analytics, mobility and cloud are changing the way organizations operate, deliver services, and interact with customers and supply chains. At the same time, organizations are becoming more geographically distributed, and branch offices are playing an increasingly important role in providing business value. These changes have overloaded already strained legacy infrastructure, which was never architected for such a dynamic business environment.

It is no wonder that organizations are embracing software-defined wide-area network (SD-WAN), which abstracts the various connectivity options, such as multiprotocol label switching (MPLS), mobile and broadband, to provide a virtualized enterprise WAN. SD-WAN does not suffer from the lack of flexibility, scalability and programmability of traditional WANs. According to IDC, by 2021, the total SD-WAN market will reach $8.05 billion, representing a five-year compound annual growth rate of 69.6 percent.

The Benefits of Moving to SD-WAN

There are numerous benefits of adopting SD-WAN, including but not limited to:

  • Applications and workloads are matched to the best connectivity methods to provide both lower costs and enhanced performance;
  • The ability to scale network bandwidth on demand;
  • An opportunity for microsegmentation of traffic across private and public clouds; and
  • Provision of a centralized control plane to enable visibility and policy management through a single pane of glass.

I have already discussed the fact that “while the shift to SD-WAN makes business sense, organizations want to ensure that such a move will not increase the attack surface of their network or expose it to new vulnerabilities as it connects to cloud providers and uses newer types of endpoints,” in an earlier blog post. This is because cyberthreats are showing no signs of abating. Without appropriate software-defined security, organizations are vulnerable to attacks that can their damage their reputation, adversely affect their relationship with customers and impact revenue streams.

Using the Principle of Least Privilege

Enter the principle of least privilege. IBM believes that organizations should stop trusting applications, users, networking devices or networks by default, and instead implement a regime of continuous verification. In other words, authenticate first and provide network security access second. SD-WAN technologies enable least privilege security by intelligently segmenting, encrypting and directing connections via an edge device with software-defined security modules that sit at the edge of a network.

Secure SD-WAN uses this approach to alleviate security issues. It is designed to work with existing network infrastructure to improve network security, reduce network connectivity costs, optimize network and application performance, and accelerate hybrid cloud adoption. The IBM Security Hub, available through IBM Managed Security Services, helps reduce WAN circuit costs by optimizing the routing of network traffic through SD-WAN.

Learn More

Christina Richmond, program director for IDC’s Security Services, recommended steps for an organization moving through milestones toward seamless SD-WAN implementation and operation in a white paper, “Software-Defined Security with SD-WAN.” Read this white paper, sponsored by IBM, to understand how SD-WAN can help improve overall network security by following an approach based on the principle of least privilege.

Read the paper: Software-Defined Security with SD-WAN

More from Network

Cybersecurity in the Next-Generation Space Age, Pt. 4: New Space Future Development and Challenges

View Part 1, Introduction to New Space, Part 2, Cybersecurity Threats in New Space, and Part 3, Securing the New Space, in this series. After the previous three parts of this series, we ascertain that the technological evolution of New Space ventures expanded the threats that targeted the space system components. These threats could be countered by various cybersecurity measures. However, the New Space has brought about a significant shift in the industry. This wave of innovation is reshaping the future…

Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023

Deployment of backdoors was the number one action on objective taken by threat actors last year, according to the 2023 IBM Security X-Force Threat Intelligence Index — a comprehensive analysis of our research data collected throughout the year. Backdoor access is now among the hottest commodities on the dark web and can sell for thousands of dollars, compared to credit card data — which can go for as low as $10. On the dark web — a veritable eBay for…

Cybersecurity in the Next-Generation Space Age, Pt. 2: Cybersecurity Threats in New Space

View Part 1 in this series, Introduction to New Space. The growth of the New Space economy, the innovation in technologies and the emergence of various private firms have contributed to the development of the space industry. Despite this growth, there has also been an expansion of the cyberattack surface of space systems. Attacks are becoming more and more sophisticated and affecting several components of the space system’s architecture. Threat Actors' Methodology Every space system architecture is composed of three…

Beware of What Is Lurking in the Shadows of Your IT

This post was written with contributions from Joseph Lozowski. Comprehensive incident preparedness requires building out and testing response plans that consider the possibility that threats will bypass all security protections. An example of a threat vector that can bypass security protections is “shadow IT” and it is one that organizations must prepare for. Shadow IT is the use of any hardware or software operating within an enterprise without the knowledge or permission of IT or Security. IBM Security X-Force responds…