Cybersecurity Becoming Bigger SD-WAN Concern

The first wave of software-defined wide area networking (SD-WAN) was squarely focused on reducing costs by reducing the need to backhaul network traffic from every branch office to a data center. In the age of the cloud, many branch offices now make use of SD-WANs to access public cloud services directly across a public internet connection. The challenge organizations are now facing is how to implement SD-WAN security.

A global survey of 900 IT professionals conducted by Vanson Bourne on behalf of Barracuda Networks finds one-third have already deployed SD-WAN in most of their sites, while another 49 percent are in the process of doing so or will in the next year. More than a third of organizations (36 percent) that have opted to deploy went with a “pure-play” SD-WAN that required additional security, such as a firewall. But, going forward, 30 percent of those with a SD-WAN in place said they would prefer a single solution that includes security.

Klaus Gheri, vice president of network security for Barracuda Networks, said those results indicate the next phase of SD-WAN adoption will be driven by higher levels of convergence between SD-WAN connectivity and security. The survey makes it clear that in the SD-WAN space the level of collaboration between networking and security teams still leaves much room for improvement, he said, as managing SD-WANs and firewalls using separate consoles managed by different teams only serves to increase operational costs. Providers of SD-WANs are moving to add additional layers of security that go beyond encryption, but many of them are about to discover that integrating firewall and SD-WAN management is a bigger challenge than anticipated, Gheri noted.

Most SD-WAN providers have already implemented some form of zero-touch deployment capabilities, but the next wave of offerings across the SD-WAN category also will provide more advanced zero-touch security configuration capabilities. Competition across the category will shift from those offering simple connectivity to those platforms that provide that highest amount of flexibility without compromising security, Gheri said.

In many cases, those decisions will be made by managed service providers (MSPs), which tend to be a lot more focused on operational costs than traditional enterprise IT organizations. The survey finds the top three challenges when it comes to SD-WANs are complexity (48 percent), cloud performance (47 percent) and performance between locations (46 percent).

Competition across the SD-WAN category—which is one of the hottest across all of enterprise IT in terms of sales growth—is already fierce. There is no shortage of options available when it comes to replacing routers at the network edge. In some cases, organizations are not even opting to replace their routers at all. Instead, they are layering SD-WAN software on top of an existing router. Long-term providers of firewalls such as Barracuda Networks are moving into the SD-WAN category from a different direction. Whatever the outcome, it’s clear security is now a much more relevant consideration as organizations begin to better appreciate the enormity of the task really at hand.

Featured eBook
The State of Open Source Vulnerability Management

The State of Open Source Vulnerability Management

The rise in open source usage has led to a dramatic rise in open source vulnerabilities, bringing to the fore interesting developments in open source security. The report drills down into the deeper layers of the open source phenomena and provides the latest insights on how organizations are handling vulnerabilities and what the future holds. 4 Key ... Read More
WhiteSource
Michael Vizard

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

mike-vizard has 55 posts and counting.See all posts by mike-vizard