The network ecosystem has undergone a rapid transformation and in recent years, many enterprises are shifting MLPS to direct Internet access for increased bandwidth and cost advantages. However, this shift also exposes enterprises to new cyber threats, which is the main concern when enterprises implement SD-WAN platforms.
Indeed, enterprises have good reasons to be concerned about adopting direct Internet access, as global-level hacking incidents continue to threaten network security. For some enterprises, they still employ VPN and run IPsec channels over their SD-WANs for their branch offices, since they are not confident about the security when running bandwidth-consuming VNF (virtualized network functions) on the Internet. However, this approach may partially defeat the purpose of switching to a software-defined orchestration as it reduces application visibility and adds weights to packet size, which eventually impact the SD-WAN deployment in a negative way.
Now, with advancements in software defined ecosystem, SD-WAN security can be much more simplified. Enterprise IT teams can take advantage of SD-Security (Software-Defined Security), a software-based approach to provide protections and controls that resemble similar measures performed by physical hardware. This approach is highly compatible with running third-party applications, VNFs and data-hosting on a white-box hardware platform, without investment in proprietary hardware elements, saving CAPEX for enterprises.
As said above, SD-WAN and SD-Security shall go hand-in-hand as they share the similar architecture, using VNFs on open x86 hardware appliance. Along with the Internet connectivity, enterprise SD-WAN infrastructures can be further improved, without security concerns. Thus, in order to overcome interoperability issues for blending SD-WAN and SD-Security, Lanner teams up with Versa to provide validated SD-security solution that integrates Lanner’s virtual CPE network appliance and Versa Networks’ highly-flexible SD-Security software. The joint solution enables service providers to centrally and cost-effectively manage software-defined security for their SD-WAN networks at customers’ sites, while delivering flexibility and cost advantages for creating agile and profitable managed SD-WAN services.