Thought SD-WAN Was What You Needed to Transform your Network? Think Again.

Since its premier over a decade ago, SD-WAN was adopted by enterprises as the go-to-technology for preparing their network for the digital transformation. At the... Read ›
Thought SD-WAN Was What You Needed to Transform your Network? Think Again. Since its premier over a decade ago, SD-WAN was adopted by enterprises as the go-to-technology for preparing their network for the digital transformation. At the time this made sense, as SD-WAN brought important advantages: Optimized bandwidth costs, by leveraging inexpensive services like Internet broadband whenever possible. Improved cloud and Internet performance, by sending traffic directly to the Internet and not via distant datacenters. Reduced overhead and complexity, by enabling centralized management and agile orchestration. Indeed, SD-WAN presents an affordable solution for site-to-site connectivity and is the initial building block of WAN transformation. Nevertheless, a full digital transformation involves much more than branch connectivity. The modern digital business needs optimized access to cloud resources, reliable global connectivity, security for all enterprise edges, and particularly today – support for the mobile/remote workforce. What COVID-19 Taught us About Work-from-Home Transition COVID-19 has expedited the need to shift to a WFH (or work-from-anywhere) model. Transforming the network to enable secure remote access to all users, at all locations, is crucial for guaranteeing business continuity in today’s reality, and has become a top priority for IT teams worldwide. To successfully address the sudden demand for remote access caused by the pandemic, IT needs to instantly support all employees, at the same time, without affecting user experience and enterprise security posture. This huge WFH challenge is dependent on these three criteria: global scalability, performance optimization, and converged security. Is SD-WAN the Answer to the WFH Challenge? Trying to solve remote access scalability with SD-WAN requires installing an SD-WAN device at each remote user’s home/office, which is inefficient, complicated, and all but scalable. And without a global private backbone, even the SD-WAN device is dependent on the performance of the public Internet, which is unpredictable, especially over global distances. Finally, allowing remote users to access the Internet without security measures increases the chance for breaches and malicious attacks. It’s no wonder that ever since the COVID-19 outbreak, we’re hearing from more and more IT leaders that their SD-WAN can’t address their most pressing need – provide a secure and optimized WFH environment. Enterprises have come to realize that as a point solution, at the branch level, SD-WAN has only partially prepared their network for the digital transformation. What can IT do now? Add more point products to support WFH? If you’re asking us, the answer is clearly no. More appliances and point solutions entail the cost and hassle of procurement, sizing, maintenance, and upgrades. So, what yes? Move to SASE. Global scalability, optimized performance, and converged security, all together, can be found in Gartner’s new industry category Secure Access Service Edge (SASE). A true SASE platform converges SD-WAN and network security into a single, global cloud service; delivering on top of that, SWG, CASB, NGFW and software-defined perimeter (SDP)/zero trust network access (ZTNA). What it Takes to Really Support Remote Users If we were to boil down the topic to a key takeaway, this is it: A viable remote access solution must be a software-only, cloud-native solution. Let’s revisit the WFH criteria and apply them to SASE: Global scalability – SASE’s cloud-native and globally distributed architecture supports optimized and secure access for an unlimited number of users, on any device, from any location, and without requiring additional infrastructure. Performance optimization – A SASE platform includes a private backbone and built-in WAN optimization, avoiding the unpredictable Internet when connecting remote users to applications. This ensures that application performance from remote is the same as from the office. Converged security – A SASE service provides a natively integrated, complete network security stack. All traffic passes through the SASE network, applying multi-factor authentication, continuous threat prevention, and granular application access policies for applications, both on-premises and in the cloud. SASE – All you Need to Transform your Network In its newly released Hype Cycle for Enterprise Networking, 2020, Gartner acknowledges that COVID-19 has “highlighted the need for business continuity plans that include flexible, anywhere, anytime, secure remote access, at scale.” Gartner advises to prioritize SASE use cases that drive measurable business value, such as the mobile and remote workforce. SASE is what you need to successfully transform your network and provide enterprise-wide remote access. SASE offers a cloud-native, agile architecture with converged network and security that is globally distributed and supports all resources. This is what turns SASE into the ultimate answer to the WFH challenge. With SASE you’ll be able to fully transform your business, deliver a secure, productive, work-from-anywhere environment, and support your enterprise with a network built for today and ready for the future.

SD-WAN: Designed for Completeness?

Completeness, as defined by Oxford Dictionary, is “the state or condition of having all the necessary or appropriate parts.” Let’s analyze SD-WAN’s completeness according to... Read ›
SD-WAN: Designed for Completeness? Completeness, as defined by Oxford Dictionary, is “the state or condition of having all the necessary or appropriate parts.” Let’s analyze SD-WAN’s completeness according to this definition. SD-WAN delivers various benefits compared to legacy WANs, mainly offering enterprises cost optimization, agility, and simplicity. To achieve this Gartner outlined four characteristics an SD-WAN solution should include: The ability to replace legacy WAN routers and support multiple transport links such as MPLS, Internet, and LTE. Dynamic load sharing of traffic across multiple WAN connections, based on corporate defined policies. Simplification of the complexity associated with configuring, managing, and maintaining a WAN (e.g., delivering zero touch provisioning for new branches). Secure VPNs and the option to integrate additional network services such as firewall, WAN Optimization, and SWG. (Source: Technology Overview for SD-WAN 02 July 2015. ID: G00279026 Analyst(s): Andrew Lerner, Neil Rickard.) So, What’s Missing? SD-WAN presents an affordable and flexible replacement for MPLS without the complexities associated with traditional WANs. It’s great, really SD-WOW. But, since its premier in 2014 a lot has happened, even a global crisis. Enterprises across all industries and geographies are becoming cloud-first. They require cloud application acceleration, enhanced security for users, locations, and data – without affecting performance, and not to mention having to suddenly shift to a work-from-everywhere model. Network security, cloud connectivity, and remote access are all critical requirements, yet SD-WAN fails to address them. It seems that the definition for technology completeness doesn’t fit SD-WAN, at least not for the modern digital business needs. Don’t Settle for a Faster Horse While SD-WAN is the first step in overcoming MPLS costs and constraints, that in itself isn’t enough to ensure the network keeps up with the business. It’s time to take a leap. Simply augmenting SD-WAN doesn’t result in SD-WAN completeness. Rather, it keeps IT teams caught in the never-ending cycle of installing, managing and maintaining point products. What would Albert Einstein say about doing SD-WAN over and over again and expecting different results? The modern digital business is dependent on the network’s ability to connect all resources, protect them, and adapt to any change. SD-WAN alone isn’t the answer. A new network is needed, built from the ground up, on an architecture fit to support the needs and growth plans of enterprises today. This calls for a Secure Access Service Edge (SASE). SASE is designed for completeness. Introduced by Gartner as a new market category, SASE converges SD-WAN and network security capabilities into a single, global, cloud service. SASE eliminates the complexity associated with the procurement, deployment, and management of numerous point solutions (SD-WAN included) that comprise the enterprise network and security infrastructure. 100% Completeness with SASE SASE creates an agile, scalable and elastic platform that truly transforms a WAN to support the way business is conducted today. The SASE architecture connects and secures sites, cloud resources, and remote users. It delivers the required networking capabilities of security, routing, analytics, scalability, and central management missing in SD-WAN. Some advice from Gartner to avoid confusing SD-WAN with the completeness of a SASE platform: Ask network security vendors to show a roadmap for SASE capabilities, including SD-WAN. Request vendors to demonstrate existing and expected investments in POPs. Avoid SASE offerings that are stitched together (i.e., the complexity of point products). Closely evaluate the integration of services, and the ability to be orchestrated as a single experience from a single console and a single method for setting policies. (Source: The Future of Network Security Is in the Cloud. Published: 30 August 2019 ID: G00441737. Analyst(s): Neil MacDonald, Lawrence Orans, Joe Skorupa.) Completeness matters. Today, more than ever. Without it, IT can’t support future business initiatives. SASE offers a global, converged, could-native architecture that supports all edges – four core qualities essential for a complete network that promises to support business transformation in a constantly evolving industry.