Security Like everything in this world of technology, effective security needs to be baked in to virtually every value proposition put on the table. This is important to today’s enterprise technology buyers who evaluate different offerings and build the internal consensus to either accept or decline an offered solution. fear a cyberattack will cost them their job. Source: AVANT State of Disruption Report 2019 According to AVANT’s State of Disruption Report, 74 percent of surveyed technology decision makers fear that a successful cyberattack could cost them their jobs. Fewer than half believed that their companies were well prepared to handle an attack and mitigate the results. SD-WAN solutions typically include their own security protections, such as stateful firewall capabilities, site-to-site encryption, application policy control, segmentation for VLANs and split tunneling, and authentication between edge devices and the controller. How SD-WAN companies deliver security solutions varies widely, with some becoming security technology providers with their own technology and development as a core part of their SD-WAN value proposition, while others are partnering with market leaders to embed security solutions within their product. Most will interoperate effectively with third-party security tools and services, although some may interoperate better than others. Therefore, your current set up of firewalls and other security gear may not need to be displaced with the advent of SD-WAN, but it does make sense to review the technical notes of the specific SD-WAN company for their preferred recommendations. The addition of new technologies and infrastructure almost always expands the attack surface. Thus, technology buyers as well as technology sellers need to be keenly aware of their level of exposure. This is especially true of companies leveraging local Internet breakout, rather than backhauling through a data center. As the data travels across the Internet, protections for layer 4 through layer 7 of the OSI stack will likely be necessary. Security technologies of particular focus should include next-generation firewall with intrusion prevention, web filtering, and DNS security. These, however, can become quite costly when being applied to a large number of remote facilities. Looking at the other side of the coin, it’s also true that a successful breach at a remote office can often be used as an effective bridgehead to gain access to central corporate resources. “Security continues to be the number one concern that IT decision makers have when considering migration to SD-WAN,” said Ray Watson, Vice President of Innovation at Masergy. “This ultimately favors solutions which tightly integrate and support unified threat management as well as managed detection and response.” 13 Copyright © 2019 AVANT Communications, Inc.
6 12 Report Research Page 13 Page 15