Secure SD-WAN
Posted: Mon Feb 10, 2025 8:09 am
SD-WAN is deployed in a variety of forms, from software to applications of varying price points to fully managed hybrid services. In the case of remote work, IT staff can interact with a specific group of users through centralized policies delivered by SD-WAN software on employees’ computers or through small, inexpensive applications installed on the home network that prioritize company traffic over family traffic (i.e., video streaming and gaming).
As the enterprise network model evolves to accommodate remote work, organizations must ensure that remote workers can securely access company resources from anywhere and on any device. Security has quickly become a key application for SD-WAN.
Traditionally, security has been designed using cyprus mobile database devices deployed around the perimeter of all corporate sites to keep threats out. However, remote work blurs company boundaries, and organizations need to ensure the same level of security for the home office as they do for the corporate office. Ensuring users can access resources securely can be accomplished through two approaches. The first approach, secure SD-WAN, applies security features to an SD-WAN application right at the user’s home. The various security features are implemented on the user’s network and are single-tenant (i.e., dedicated to the user and the company they work for). The challenge with this model is sizing the application so that it is cost-effective and does not impact productivity.
SASE
The second approach to SD-WAN security is SASE, and it’s new. SASE moves security to the edge environment closest to the user’s home, optimizing it for multiple tenants that share edge cloud resources. In a multi-tenant model, security functions can scale using microservice architectures.
The most important aspects of SASE are:
located close to the user, application and/or device to reduce latency;
Provides identity and access management to the SASE cloud;
All traffic passes through the SASE cloud, which is governed by Zero Trust policies that take into account context, such as time of day and location;
user, device and/or application access to the SASE cloud via SD-WAN.
SD-WAN, Secure SD-WAN and SASE Standardization
The market looks promising for both SD-WAN technologies and managed services. Appledore Research estimates that eight vendors dominate the SD-WAN software market.
As the enterprise network model evolves to accommodate remote work, organizations must ensure that remote workers can securely access company resources from anywhere and on any device. Security has quickly become a key application for SD-WAN.
Traditionally, security has been designed using cyprus mobile database devices deployed around the perimeter of all corporate sites to keep threats out. However, remote work blurs company boundaries, and organizations need to ensure the same level of security for the home office as they do for the corporate office. Ensuring users can access resources securely can be accomplished through two approaches. The first approach, secure SD-WAN, applies security features to an SD-WAN application right at the user’s home. The various security features are implemented on the user’s network and are single-tenant (i.e., dedicated to the user and the company they work for). The challenge with this model is sizing the application so that it is cost-effective and does not impact productivity.
SASE
The second approach to SD-WAN security is SASE, and it’s new. SASE moves security to the edge environment closest to the user’s home, optimizing it for multiple tenants that share edge cloud resources. In a multi-tenant model, security functions can scale using microservice architectures.
The most important aspects of SASE are:
located close to the user, application and/or device to reduce latency;
Provides identity and access management to the SASE cloud;
All traffic passes through the SASE cloud, which is governed by Zero Trust policies that take into account context, such as time of day and location;
user, device and/or application access to the SASE cloud via SD-WAN.
SD-WAN, Secure SD-WAN and SASE Standardization
The market looks promising for both SD-WAN technologies and managed services. Appledore Research estimates that eight vendors dominate the SD-WAN software market.