Secure SD-WAN: Three Security Questions to Ask Before You Buy

Secure SD-WAN: Three Security Questions to Ask Before You Buy

leaf graphic

Much like the process used to plant bridge foundations under a body of water (see picture), security should be deep-seated into every network strategy and software defined wide area network (SD-WAN) solution--not just bolted on as aftermarket components. When evaluating providers, it is critical to choose only a secure SD-WAN solution.

This bridge foundation picture earned a lot of attention on Twitter. It’s mind blowing, no doubt. Remarkable engineering that makes security innate is needed with SD-WAN solutions, because buyers often forget that when deployed over dedicated internet connectivity or public broadband SD-WAN could introduce security risks that require threat monitoring and management.

Here’s another reason security can’t just be bolted on. Most SD-WAN devices themselves are not innately built to be secure, which is why enterprises should look for solutions from providers who have made security built-in with Unified Threat Management (UTM).

Ask these questions before you buy:

  1. Does your SD-WAN solution include an integrated, next-generation firewall with Unified Threat Management (UTM)?
  2. Do you offer secure local Internet breakouts, and if so, how?
  3. Does your SD-WAN include an integrated router and firewall, making it easy to directly and securely route traffic to the Internet without stacking multiple devices at a given location?

How do you make SD-WAN security easy? Monitoring network infrastructure can quickly thin your IT resources. Even if you have firewalls, the number of alerts generated can be as mind blowing as that bridge operation. However, providers who offer managed detection and response security services on top of their network and SD-WAN offerings take the workload off of your team.

Comparing Vendors: Knowing When Tools are Embedded into the Fabric

Here at Masergy, we think of ourselves as bridge foundation workers of sorts. We deeply embed network and security tools into the fabric of our software defined network platform. By comparison, you might notice that other large legacy providers think of security and analytics as an afterthought. Their aftermarket components are not truly integrated with their network. These “Frankenstein” solutions are limited when it comes to rapid provisioning, deep performance monitoring and analytics, responsiveness, and meaningful insights.

In the case of Masergy’s SD-WAN, our threat management solutions as well as our analytics and service control tools are all embedded into our network. They are innate and in our core, giving you simple built-in security functions, real-time visibility, and extreme flexibility for bandwidth modifications.

Masergy’s Intelligent Service Control portal enables complete interaction with Masergy services in real-time from anywhere in the world on any connected device. This patented capability lets you modify bandwidth and provision new SD-VPNs, virtual network functions, and SD-WAN locations on the fly. We take data from the actual network ports, and we put it in the portal, so you can see it and analyze it. No other major tier-1 or legacy carrier provides that level of detail today. They may give you visibility at the box-level onsite but not at the network level itself. That’s why we say our hybrid networking solution has embedded analytics. It’s quite literally built into the network.

Our customers can also spin up virtualized firewalls to protect their network infrastructure at any location where it makes sense for their business. It can then guard against attacks from the Internet, a customer extranet, or perhaps any unknown threats associated with a newly acquired company--to name just a few. All of these native tools allow you to self-provision new and existing networks and devices.

In the end, corporate networks work better when parts and pieces aren’t just bolted on. Would you rather put your network traffic on a bridge built by the company in this picture or a bridge piecemealed together? Learn more about Masergy’s hybrid networking solutions.

About Ray Watson

VP, Innovation, Masergy
Ray Watson is VP of Innovation at Masergy. He brings over 17 years of expertise in IT strategy, application solution design and next-generation network architectures. Ray has enabled numerous global enterprises in transforming their IT infrastructures to guarantee business outcomes. Ray is an industry thought leader in IT transformation and is a frequent speaker on topics such as hybrid networking, SDN, NFV, cloud connectivity and advanced security. Prior to joining Masergy, Ray worked at Airband Communications and Broadwing Communications. He holds a B.S. from Purdue University.