Five ways SD-WAN equips enterprises to improve network security

By: Rick Key

Network security had a pretty tough year in 2017. From the WannaCry virus to the Equifax breach, the world of data communications has gotten a lot scarier for enterprises and consumers alike.

While the headlines have been alarming, overall industry trends are mixed. According to a recent report by the Ponemon Institute, the average cost of a data breach dropped by about 10 percent to $3.62 million in 2017. This is most likely tied to a reduction in the cost per record stolen, which declined from $158 in 2016 to $141 in 2017. However, the average size of data breaches rose 1.8 percent to more than 24,000 records.

Clearly, this is not the time for enterprises to neglect network security. With the rapid expansion of the cloud, followed by what is likely to be an equally rapid move to the Internet of Things, wide-area infrastructure is in need of more flexible and robust protection. One of the most significant enhancements in this field is the advent of the software-defined wide-area network (SD-WAN). By abstracting regional connectivity on top of underlying hardware, enterprises can experience a number of benefits over traditional hardware-centric architectures. SD-WAN equips enterprises to:

1. Centralize network security

SD-WAN gives enterprises a single control plane to oversee all networks, including data center, multiprotocol label switching and WAN. This strategy will be crucial as data migrates to multiple clouds and becomes subject to multiple security regimes. With a single view of all network operations, the enterprise can ensure that security is fully orchestrated across the entire distributed data ecosystem.

2. Reduce attack vectors

By establishing a single cohesive security environment, businesses can prevent any holes in the distributed network infrastructure from being exploited. As infrastructure becomes more diverse, the chance of key vulnerabilities falling through the cracks increases. Enterprises can improve performance and bolster security confidence by establishing the control hub as the only available attack point.

Simplify and automate your network with managed services that enhance availability and optimize cost

3. Streamline upgrades

But is the control hub inherently more secure than a distributed architecture? It is if security features like malware protection, antivirus and identity management are managed as services. Organizations can receive automated updates and patching, which can then be pushed over the entire network environment without complex manual integration procedures. This enables the rapid deployment of cutting-edge technologies like artificial intelligence and machine learning, which are becoming vital tools in the fight against increasingly sophisticated attacks.

4. Reduce provider dependencies

The SD-WAN puts the enterprise back in control of its network infrastructure. Relying on third-party vendor solutions has traditionally posed a challenge for businesses, but this is nothing compared to coordinating security among various resource providers, network carriers and related suppliers. Most organizations build security to protect their own assets, which in turn extends protection to their customers.

5. Optimize network security

By investing in SD-WAN, enterprises can optimize security for a wide variety of applications, data sets and use cases. Web applications may require different protections than a back-office function. With an abstract network architecture, enterprises can apply security and other policies individually, ensuring optimal performance regardless of where data travels.

By combining SD-WAN technology with a network peering architecture, the enterprise can essentially construct a wide-area intranet for itself. Although security will remain an ongoing challenge, a single overarching network is much easier to manage than dozens — or even hundreds — of smaller ones. This holds true even as the scale of the data environment increases in both size and complexity.

At the end of the day, the most valuable commodity that the enterprise can offer to customers is trust. In a world of increasing security threats, that trust will belong to organizations that can effectively protect data while still providing top-notch access to the applications and network services that users find invaluable.

Ready to take the next step? Visit IBM Network Consulting Services

Related topic: Software-Defined Networking (SDN)

In depth: IBM Network Services topics:

Network Services

Network Consulting Services

Software Defined Networking (SDN)

Managed Network Services

Hybrid SD-WAN Services

What is Software-defined wide area network (SD-WAN)?

What is a software-defined data center and how it can help your business?

SDN vs Traditional Networking Explained

What is network function virtualization (NFV)

About The Author