The Evolution Of SD-WAN and Edge Networks and Security
Gone are the days of backhauling traffic to a few enforcement points and relying on costly MPLS WANs, needing to maintain costly and capacity-limited physical appliances, or relying on the unpredictable performance of public clouds for security. With Netskope’s approach, customers avoid getting locked into one vendor’s architecture, but have the choice to make best-of-breed, independent security and networking decisions without trade-off.
The initial SD-WAN offerings provided the ability to expand MPLS networks with the Internet providing secure access to specific network points however the rapid expansion of SaaS applications have eroded this "point to point" benefit.
The Network Edge Has Moved
Today it is necessary to connect and secure traditional traffic in addition to evolving traffic types from Premise Based, Hybrid and Mobile workers to encompass technologies such as the proliferation of IoT services.
Next Generation Secure Web Gateway
The evolution from dedicated premises based SD-WAN's to a Next Generation Secure Web Gateway leverages existing SD-WAN investment (no rip and replace) to help better secure and protect web, cloud & SaaS traffic.
This approach to SD-WAN provides the most flexibility in vendor selection and supports users accessing from anywhere, as well as realizing additional network performance and cost savings benefits.
Secure Access Service Edge (SASE)
SD-WAN helps to solve the access side of SASE (Secure Access Service Edge) Solutions by securely connecting users to the apps and services they need, whether on the web or in the cloud, with minimal friction and organizations are rapidly adopting SASE to safeguard data wherever it moves, support digital transformation efforts, and realize better efficiency and ROI from their technology.
A converged SASE platform can provide AI-driven zero trust security and simplified, optimized connectivity to any network location or device, including IoT.
Simplify IT Operations, Reduce Costs and Increase Agility
Despite the digital transformation potential of SASE, to-date organizations have struggled to realize the benefits of networking and security convergence. Most solutions lack tight integration, are missing key networking or security features, or fail to provide a cloud architecture – which increases security risk, can cause network downtime, have a poor ROI and high cost of ownership.
?With a fully converged SASE solution, organisations can leverage industry-recognized, full stack SSE (Secure Service Edge) that includes FWaaS (Firewall as a Service), SWG (Secure Web Gateway), CASB (Cloud Access Security Broker) and ZTNA (Zero Trust Network Access) that is cost effective, fast, easy to use, and secures transactions wherever your users and data go.
This combined with the power of Borderless WAN ensures secure, reliable connectivity from every site, cloud, remote user or IoT device.
This type of SASE solution allows customers to benefit from leveraging existing SD-WAN while adding a zero trust security approach, combined with network optimization to deliver on the vision of security without performance trade-offs.
领英推荐
Evolving Security Risks
Along with SD-WAN's evolution Security Risks have exponentially increased and diversified in their attack and penetration methods making the need for enhanced security self evident.
The Expanded Risk
The expanded Network Edge requires a new model of securing data has grown to include the need for;
Secure Cloud
To meet the new security threats a new structure was required as shown below;
Resources
If you would like more information or would like to discuss this evolution further please don't hesitate to reach out to me.
Paul Harnett