Using SD-WAN to Secure the Digital-First Workplace Featured

Using SD-WAN to Secure the Digital-First Workplace Image Credit: Funtap/

The digital workplace has been in everyone's mind since the arrival of the cloud in everyday business. This is not a single technological solution, but an overall approach that brings together different technologies to enable centralized and simplified IT management, to provide users with a personalized work experience, and to establish optimal work and collaboration opportunities. This shift from hardware-based systems to infrastructure in the cloud allows for easy global collaboration, centralized access to online data, and the necessary analysis tools that allow employees to optimize processes as much as possible. In times of great competition in different markets, this can mean a significant advantage over the competition.

New requirements for connectivity

An essential element of the digital workplace is a permanently available and secure Internet connection that allows employees to reliably access data and applications from anywhere. In the past, these were stored in the corporate network or on your own computer and since employees spent a large part of their time at the desk in the office, a lack of Internet connection was annoying, but temporarily tolerable. Today, on the other hand, they are much more mobile, working from different endpoints at different locations or on the move, accessing the applications they need through the cloud.

In order to respond to this change, companies need a modern network that is flexible, efficient and at the same time secure. Traditional architectures of Wide Area Networks, which connect the company's diverse access points and locations around the world, are often based on MPLS technologies. However, these offer limited bandwidth and are difficult to customize. Thus, the provision of an MPLS connection takes several weeks or months, which makes it difficult to set up new branches. However, the biggest drawback for a modern IT operation is the fact that they are unsuitable for the cloud.

As the share of the cloud in the corporate network will increase in the future, a cloud-compatible connection with the shortest possible latency becomes inevitable. To be future-ready, it must also meet the bandwidth needs associated with future growth and installation of new applications.

Sustainable with SD-WAN

With the lack of bandwidth and easy-to-use cloud connectivity, MPLS connections are no match for today's demands. However, with Software Defined Wide Area Networks (SD-WAN), companies have a meaningful and, above all, future-proof alternative that addresses the aforementioned problems. This is an overlay technology that virtually bundles data streams and sends them on the best way for them based on multiple connections such as DSL, mobile or other network connections. Network conditions and policies enable mission-critical applications to be routed through the existing connections as quickly as possible. This allows administrators to ensure that connections are not only fast, but also fail-safe, because if one link fails, other channels can be used to maintain the connection. In addition, the optimal resource management allows a reduction in the costs incurred.

In addition to aggregating connections, SD-WAN provides central control and visibility over the network and can rule-basedly automate the creation of secure site-to-site connections and provide direct connections to the cloud. For employees, deploying an SD-WAN also provides greater flexibility for accessing enterprise applications, which makes mobile work easier. Rail commuters can use the approach for their workplace by continuing to work there, or work from home more easily.

Countering security risks

The flexibility of the connections and the increased connectivity not only provide a convenience to users, but also encourage hackers to target corporate networks. Integrated security is therefore an important criterion when building an SD-WAN to protect all data and applications that are processed worldwide. The integration of Next Generation Firewalls, Intrusion Prevention or Malware Protection must therefore be considered when implementing SD-WAN. Another challenge is the integration into existing security architectures. This is often due to the lack of employees who already have the necessary experience.

For many, it is therefore recommended to use the SD-WAN as a managed service solution. This may or may not be automatic by the provider of the technology. A hybrid operating model enjoys great popularity, with the internal network team and the managed service provider sharing different tasks among themselves. It is important to consider that role-based access to the various functions should be adequately distributed with regard to the security aspect. Operational operations and security functions are often undertaken by different parties. Whether ITSM, Security Operations or the Managed Service Provider - all entrances must be clearly divided and adapted to the roles. Universal access of all parties to all functions only makes it easier for hackers to gain access.

Ensure flexibility and security

Developments in today's economy are putting increasing pressure on companies to use increasingly faster technological advancements to operate globally and to be as flexible as possible. Employees need to be able to access the applications they need from anywhere, anytime. While traditional WAN architectures with MPLS connections no longer meet the bandwidth and cloud connectivity requirements, SD-WAN technology provides a solution that provides the flexibility to not only provide the necessary connectivity. It also makes it possible to orchestrate the network infrastructure centrally and thus provide the desired flexibility without additional complexity. Optimal resource management can also save you money.

No wonder the adoption of this technology is so fast-paced. Gartner already estimated in 2016 that the proportion of companies with SD-WAN technology would continue to grow from 1 percent to 30 percent today. For the remaining 60 percent, the time has come to focus on this technology to stay fit for the future.

Laurent is the Head of Product Marketing for Open Systems. He has over 10 years of experience in the world of managed network and security services. He held positions in various areas, starting in development and network and security operations, continuing in technical account management and pre-sales, followed by product management and product marketing. Laurent is based in Zurich, Switzerland, and holds a MSc degree in Computer Science from ETH Zurich.


To Be Cloud-Native or Cloud-Tourist Involves Pervasive Design Decisions


Telcos: Become Data Driven or Get Left Behind

Latest Videos