Software Defined WAN (SD-WAN) is a modern approach to building and operating Wide Area Networks. SD-WAN is the logical extension of virtualisation in the data centre and Software Defined Networking within those data centres. Augmenting your existing WAN infrastructure with SD-WAN functionality reduces cost, improves availability and application performance, simplifies management and reduces service provider dependence.
Secure SD-WAN for global connectivity to protect and expand your global business
Using Internet VPNs to augment and expand the existing WAN has serious implications for your security footprint. SD-WAN addresses this by using encrypted VPN tunnels across public networks. By locking down the Internet interface and allowing only VPN traffic, you can eliminate the need to add a local firewall.
The application intelligence inherent to SD-WAN routers also creates an opportunity to streamline your existing security architecture. Today all Internet-bound traffic should be sent via a Next-Generation Firewall that has extensive application recognition and threat analysis features. Because of this, scaling these devices comes at a premium. With the number of cloud-based applications growing at an exponential rate, the relative volume of “good” or “sanctioned” applications increases and more firewall capacity is needed.
Because SD-WAN routers are often connected to the Internet and can recognise most cloud-based applications, they can act as a first line of security and relieve the Next-Generation Firewall of traffic that is “known to be good”. Other applications that require more complex analysis will still be forwarded via the firewall for full analysis. The diagram below shows an architecture where access to medium-risk sanctioned destinations is diverted to a cloud-based security service. Access to cloud-based IT (IaaS, PaaS, SaaS) is permitted directly from the user sites for optimal performance. High-risk traffic and inbound traffic are still managed by central security platforms.
SD-WAN not only improves the efficiency of existing security infrastructures by providing an initial risk classification, but also avoids bottlenecks and improves user experience by providing a direct path to cloud-based IT.
How can Infradata help?
Infradata has 13 years’ experience of deploying and managing security solutions. Infradata’s networking, security and SD-WAN expertise can help you to select and design the optimal solution for your organization, either as a managed service or as a solution that you operate yourself.