Architecture Matters: SD-WAN Security

By Michael Wood
Vice President of Marketing, VeloCloud
August 22, 2016

SD-WAN Security Architectures: The Keys to the Cloud

Speed is the currency of modern business, and the rate of business change accelerates. Over the span of a hundred and fifty years, Darwin speaks to networking professionals: to survive is to adapt. Cloud-based resources—applications or storage—are prerequisites for today’s adaptability and agility. Okay, so I put a lot of my stuff in the cloud; I migrate to a cloud-delivered SD-WAN and everything goes faster, smoother, easier, I can finally keep pace with the world, I can face the future. But wait, is my stuff secure? Where are the locks? Who holds the keys?

Zeus Kerravala, founder and principal analyst of ZK Research, gives compelling statistics in the webinar on SD-WAN Security Architectures: cloud services at 18% CAGR 2012-2019; $1 of every $4 application spending will be in the cloud; 80% of the Global 2000 has at least 10% of IT running in cloud today—30% projected by 2019. Then the more sobering security figures: 89% of security breaches are driven by financial or espionage*; current security is not scalable and businesses are falling behind; the proverbial 50% of companies say they have been hit by malware, and the other 50% don’t yet know that they have.

sd-wan security

Network infrastructure must change as rapidly as the business environment. Traditional perimeter security has become insufficient—the bad guys are increasingly insiders. The proliferation of cloud services, and the use of personal and mobile devices not owned or controlled by IT, change and enlarge the network attack surface—new hacker entry points open up, and they only have to find one. Traditional IT and SP fault management is inadequate: by the time a vulnerability shows up, the attack is over. Sometimes long over. Network infrastructure responsibility must shift to visibility, monitoring, auto-remediation, policy management, performance: you can’t secure what you can’t see.

The webinar discusses how cloud-based SD-WAN architectures can help your WAN infrastructure overcome these challenges: transform from fault management to proactive monitoring; from rigid SLA bandwidth numbers to measuring application performance experience; from providing mere connectivity to real-time visibility into MOS scores, delay, jitter, packet loss. Businesses have admitted to compromising network security in favor of application performance. PKI and IPSec tunnels are complex: they’re arduous to set up, and exhausting to maintain.

An SD-WAN architecture envelopes this complexity to let you set up security with a click in a centralized orchestrator. VPN tunnels are built automatically to cloud-hosted gateways; the tunnels and PKI are managed by cloud-based controllers and gateways; device certificates are anchored to the CA server inside the orchestrator. A cloud-delivered SD-WAN provides a business-quality framework for WAN expansion, and all this becomes a service you apply to your infrastructure, where the complexity inside the service is taken care of for you. It allows you to adapt to changes so much quicker.

The webinar dives deep into three specific SD-WAN architectures, followed by even more specific use cases illustrating how the challenges are addressed. One customer enabled the use of ZScaler security from the Velocloud Gateway in a matter of minutes, then also reduced the requirement of 2500 tunnels down to 5—a dramatic simplification while accessing the same cloud applications and resources.
And so much more. Listen to the free webinar. Sleep easy—the keys are yours, and the locks are secure.

Yes, SD-WAN security architecture matters.

* Verizon Data Breach Investigations Report (2016)

Add a comment.

Acclaim for VeloCloud

Hear what leading enterprises are saying about VMware NSX® SD-WAN by VeloCloud™.