Guest Column | April 6, 2020

Solving Your Customer's Challenges With Secure SD-WAN

By Jon Bove, Fortinet

Solving Challenges Puzzle Maze

For years, enterprise customers have depended on wide-area networks (WANs) to support business communications across multiple locations. The adoption of cloud-based services, SaaS applications, and BYOD with increasing bandwidth requirements has begun to overwhelm traditional WAN performance. At the same time, digital business requirements demand the sort of flexibility and meshed interoperability between devices, applications, and users that most static WAN connections, such as MPLS, cannot provide. As more traffic gets pushed to the edge, traditional branch WAN infrastructures are increasingly unable to support digital transformation (DX) efforts that rely on a highly distributed network of mobile end user and IoT edge devices.

As a result, organizations have begun looking at adopting software-defined wide-area network (SD-WAN) solutions as a way to help meet the new networking requirements that stem from DX. SD-WAN offers a more agile, responsive, cost-effective solution for enterprise customers that improves application performance for highly trafficked networks. When properly selected and deployed, SD-WAN also can provide a complementary set of integrated security tools that support and enhance new WAN requirements. These functionalities include:

  • WAN link remediation for unified communication applications
  • Real-time WAN bandwidth measurement
  • Improved management with overlay cloud orchestration
  • Enhanced performance and decreased latency with aggregated overlay bandwidth sharing between multiple connections
  • High-speed application recognition for improved user experience and application performance

The Need For Secure SD-WAN

This emerging alternative to traditional WAN infrastructure allows expensive, traditional hardware to be replaced with cost-effective connections like broadband across public networks to provide improved speed and branch uptime to the network. However, IT leaders adopting SD-WAN are struggling with the cost and complexity of securing these connections as an overlay solution. Because of performance requirements and the volume of critical data now flowing across and between interconnected branch offices, security cannot be applied as an afterthought. Instead, networking and security need to be seen as two sides of the same coin. This requires that SD-WAN solutions incorporate essential security, such as next-generation firewalls (NGFWs), IPS, and application security, as well as advanced security tools like sandboxing and behavioral analytics.

Rather than trying to manage two separate yet intrinsically integrated functions such as advanced WAN networking and security using entirely separate solutions, a far better approach is to implement a single appliance that completely addresses the necessary requirements for business-critical security, along with advanced WAN capabilities across the entire network. Rather than deploying security as an isolated overlay, such integration allows security to provide protection for network functions like bandwidth sharing and link error corrections, as well as provide deep inspection for complex VPN connection overlays without compromising performance.

Solving The Challenges Your Customers Face With SD-WAN

The benefits of implementing a smartly-integrated solution that simultaneously addresses a wide range of customer networking and security challenges include:

Cost reduction: Your customers need to reduce costs. This can be done by replacing high-cost low-bandwidth WAN circuits with low-cost high-bandwidth broadband connections. With an integrated solution, site-to-site VPNs can not only be created and automated to create a meshed interconnectivity overlay between enterprise branch offices, the cloud, and corporate data centers but also ensure consistent, policy-based protection and enforcement across the entire distributed network, rather than deploying yet another isolated security practice.

Simplified complexities: Partners can help customers simplify the complexities associated with WAN management, configuration, and orchestration by managing security and networking through a single interface. Not only does this provide better visibility and control, but it also limits the amount of time necessary to provision leased lines and MPLS and deploy an effective security strategy, allowing locations to be quickly recognized, come online faster, and troubleshoot challenges faster and easier.

Centralized management: Your customers are looking for zero-touch provisioning and centralized management capabilities. With an integrated SD-WAN solution in place, IT teams are able to manage and orchestrate a single, unified security solution across all branch locations, cloud destinations, and devices. This approach also provides centralized management and automated control of branch office WAN connectivity, while customers experience single-pane-of-glass visibility across the enterprise, including all distributed applications, users, and potential threats.

Increased performance: According to a recent IHS survey, enterprise organizations that deploy SD-WAN use 50 percent more bandwidth than those that rely on traditional WAN connections. That bandwidth provides access to more effective applications, support for more robust workflows, and increased productivity, giving their organizations a distinct competitive advantage. However, because these organizations have growing bandwidth needs that are increasing twice as fast as those using traditional WANs, an integrated SD-WAN solution can leverage its advanced networking functionality to enable customers to dynamically scale bandwidth capacity based on subjective needs and conditions. This allows customers to meet needs for high-application performance without leaving gaps in their defense or having to play catch-up when it comes to their security.

Enhanced security: By leveraging an integrated security portfolio that is tied together with advanced networking functionalities through a single-pane-of-glass view, organizations can experience unprecedented visibility across all of their enterprise locations. Partners can be assured that by providing them with enterprise-grade security with dynamic VPN tunneling, comprehensive SSL inspection, and consolidated networking functionality, their customers will be able to achieve their digital transformation goals without compromise.

With these new capabilities in place, customers are able to achieve higher performance, simplify their infrastructures, reduce WAN costs, and provide users with direct connectivity to the enterprise branch. Partners can help their enterprise customers enhance secure communications across their distributed networks by recommending a fully integrated secure SD-WAN solution to enable them to easily manage internet performance and connectivity while removing the cost of implementing a separate security solution for SD-WAN.

About The Author

Jon BoveJon Bove is the vice president of Channel Sales at Fortinet, Inc. (FTNT). In this capacity, Bove and his team are responsible for strategizing, promoting, and driving the channel sales strategy for partners in the United States as we seek to help them build successful – and profitable – security practices. A 17-year veteran of the technology industry, Bove has held progressively responsible sales, sales leadership, and channel leadership positions. During his time at Fortinet, he has been responsible for establishing Fortinet's National partner program and aligning Fortinet's regional partner strategy to allow partners to develop Fortinet security practices with the tools and programs to successfully grow their business.