What is a SD-WAN Product?
SD-WAN Products Defined
Software-Defined Wide Area Networking (SD-WAN) offers a more effective way for organizations to securely connect multiple branches in disparate locations. SD-WAN uses the principles of software-defined networking to distribute and orchestrate network traffic across a wide area network more effectively and cost-efficiently. By creating a virtual architecture that augments the standard MPLS connections with low-cost, commodity transport services like broadband and LTE, SD-WAN improves application performance, enhances user experiences, reduces networking costs and streamlines network management.
Options for SD-WAN products include physical and virtual appliances, SD-WAN software solutions, and SD-WAN services or managed services offered by an SD-WAN vendor. The primary types of SD-WAN products are controllers and routers. SD-WAN controllers manage the physical devices of the WAN architecture and control the configuration, performance and security of the network. SD-WAN routers are appliances that provide a single endpoint to the WAN infrastructure and make it easier for organizations to control their WAN connections.
The Challenges Solved by SD-WAN
The traditional WAN was not designed to handle the needs of today’s distributed IT environments and workforces. Employees today may work from anywhere and often need to connect to cloud applications and corporate resources on mobile devices via unsecured connections. At the same time, fundamental changes in IT – including cloud computing, IoT, artificial intelligence and virtualization – are adding massive amounts of traffic and data to wide area networks, overwhelming legacy WAN architecture. The traditional practice of backhauling traffic from branch offices over the WAN to a central data center for security inspection is no longer workable, as it consumes too much bandwidth and adds considerable latency and cost as well as complexity for network administrators.
SD-WAN products overcome these challenges by connecting individual locations directly to the internet using low-cost transport services like broadband and LTE, enabling faster performance while reducing costs. SD-WAN streamlines network administration by enabling IT teams to manage the network from a central platform. Additionally, SD-WAN products can be deployed far faster than a traditional MPLS-based WAN, further reducing costs while increasing agility. By avoiding the need to backhaul traffic and providing direct-to-cloud connectivity from branch offices, SD-WAN solutions accelerate the performance of cloud-based apps to provide exceptional end-user experiences and increase productivity.
Key Features of SD-WAN Products
While there is a broad array of solutions available today, most products from SD-WAN companies include several key features.
- Network virtualization. SD-WAN products create a transport-agnostic virtual overlay for the network, replacing legacy branch office routers while simplifying control and management of the network.
- Policy-driven centralized management. SD-WAN systems provide administrators with a single pane of glass from which they can manage an automated policy-based framework. Greater visibility into network traffic delivers critical insights into applications, users, devices and networking activity, simplifying the job of defining and controlling business requirements across physical branches, data centers and cloud assets.
- Application-aware routing. SD-WAN products recognize the bandwidth needs of individual applications and orchestrate optimal traffic delivery to ensure performance and high-quality experiences.
Securing an SD-WAN System
While SD-WAN products offer enormous benefits for performance and cost savings, they may also introduce some security concerns. As individual sites connect directly to the internet and cloud applications, they no longer have the protections afforded by security inspection in centralized data centers. Traditional firewalls and security solutions typically lack the ability to deal with modern encryption and the sophistication of emerging threats.
Organizations can take several steps to properly secure an SD-WAN system. Choosing SD-WAN products with built-in next-generation SD-WAN firewalls and Intrusion Prevention Systems (IPS) will provide advanced malware detection and strong protection against many of the evasion techniques used by hackers.
A Cloud Access Security Broker (CASB) can help to secure cloud activity, enforce data protection policies and automatically take actions such as encrypting or quarantining sensitive data within sanctioned apps like Office 365. Secure Web Gateways (SWG) can detect and block malware, prevent data loss and leaks, enforce acceptable use policies and prevent users from accessing malicious or inappropriate sites or downloading attachments containing malware.
SD-WAN Products from Forcepoint
Forcepoint FlexEdge Secure SD-WAN ensures users can safely access any application from anywhere while improving application performance, simplifying network management and increasing security. This Forcepoint SD-WAN product offers application-based control over MPLS and internet broadband links while protecting against advanced threats. Designed from the ground up for scalability and high availability, FlexEdge Secure SD-WAN delivers centralized management with complete visibility into network traffic.
With Forcepoint’s SD-WAN product, organizations can:
- Reduce risk. Forcepoint provides a single, integrated solution that connects and protects organizations effectively while delivering industry-leading protections to enhance security posture.
- Lower costs. FlexEdge Secure SD-WAN augments expensive MPLS lines with commodity internet links to reduce networking costs. Forcepoint also integrates SD-WAN with multi-ISP connectivity, site-to-site MultiLink™ VPN and high-availability clustering to replace multiple point products with a single solution that allows IT teams to do more with less.
- Ensure continuity. Forcepoint enables a faster, more resilient SD-WAN architecture that helps to maintain business continuity even when connections are experiencing outages or slowdowns.
- Streamline management. FlexEdge Secure SD-WAN Manager centrally administers and controls up to 6,000 physical, virtual and cloud appliances from a single console.