Rise of SD-WAN Alters Nature of Branch Office Security

The rise of cloud computing has fundamentally changed the way network traffic flows within most organizations. Users in branch offices now typically access applications over public internet connections versus backhauling all network traffic through a secure data center. A new survey of 309 IT professionals at organizations with more than 1,000 employees conducted by Dimensional Research on behalf of Versa Networks, a provider of software-defined wide area networks (SD-WANs), finds this shift in how network traffic flows is adding more challenges to an already complicated security situation in the branch office.

A full 68 percent report the biggest WAN challenge they have is deploying and managing network and security devices at branch offices. Nearly half (49 percent) also cited information security at the branch office as a major challenge. More than half (54 percent) admitted that their branch network had experienced a breach.

The survey finds that 85 percent of the respondents to consider implementing an SD-WAN to address these management and security issues. Specifically, more than half (57 percent) said increased risks and expanding attack surface due to direct internet connection being made at the branch was the primary motivation adopting an SD-WAN. A full 96 percent of respondents concurred that more aggressive approaches to networking and security will be required going forward.

The need for direct internet connections is only going to increase. Branch offices continue to multiply and providing each of those offices will a leased line is prohibitively expensive. Besides, the latency associated with trying to backhaul all network traffic through a data center winds up creating an unacceptable application experience in most branch offices.

Because of these issues, many organizations are looking to either add SD-WAN functionality to a local router or replace the local router with an SD-WAN appliance altogether. In many cases, SD-WANs will represent the first practical experience any of these organizations will have with deploying and managing anything that is software-defined. Everyone recognizes that no one can afford to staff each branch office with local IT staff. Even the cost of dispatching IT staff to visit those offices is an expense most organizations would rather avoid. The goal is to be able to ship an appliance to a branch office that a local office manager can plug in and be managed by a remote IT department.

The survey finds that 93 percent of respondents expect to make the transition to SD-WAN by 2019, with the two biggest impediments being not surprisingly a lack of understanding about SD-WAN technology (60 percent) and qualified personnel (58 percent). In general, nearly a quarter cited integrating network and security products as major WAN challenge even before implementing an SD-WAN.

There will naturally be a requirement to centralize the management of network and security technologies at the branch office. In fact, the survey finds that 65 percent of respondents would be willing to consider a managed service rather than take on that challenge themselves.

From an IT perspective, the amount of transformation occurring in the branch office today is unprecedented. Routers and standalone firewalls have been stables of the branch office for decades. They are now being replaced by either SD-WANs that incorporate security functionality or, conversely, firewalls that provide SD-WAN functions. Regardless of the approach pursued, the days when networking and security were managed in isolation from one another are clearly coming to an end.

Michael Vizard

Avatar photo

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

mike-vizard has 747 posts and counting.See all posts by mike-vizard