No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Data Privacy

Update Your WAN Strategy and Secure Your Company Network

by Nirav Shah
June 26, 2018
in Data Privacy, Featured
cloud icon between tablet and laptop

Key Considerations When Choosing a Solution

Security embedded in an SD-WAN-enabled appliance cannot simply be downgraded to perfunctory specs and held hostage to SD-WAN’s greater mission of pushing packets through pipes as seamlessly as possible. In today’s cyber-threat environment, SD-WAN-plus-security offerings need to be assessed more carefully in order to prevent exploitation in the cloud. When examining SD-WAN security solutions, organizations should look for these key capabilities.

Cloud services and flexible infrastructures are critical components of today’s organizations, which is why the traditional WAN is no longer an effective solution for today’s distributed enterprise. Organizations are overcoming many of these network issues by adopting SD-WAN.

SD-WAN plays a critical role in the transformation of organizational infrastructure, enabling them to adopt the flexibility and performance required to compete effectively in the digital marketplace. It solves an immediate need to replace rigid infrastructure with significant simplification, improved cost advantage and better support for cloud adoption. SD-WAN technology fills that need by effectively routing network traffic from branches to the cloud, headquarters or other branches.

It allows branches to directly access cloud applications by dynamically using broadband connections, thereby increasing network performance and reducing costs. SD-WAN also takes an application-centric approach, allowing enterprises to maximize the available bandwidth for business-critical applications and increasing their ROI.

The Biggest SD-WAN Challenge is Security

Cybercriminals are looking for ways to exploit the growth in cloud. While service providers are an attractive target, most criminals don’t have the resources or skill sets needed to effectively target them. What they are looking for instead is a weak link to exploit. They want something that will allow them to either break into an organization through their cloud connections or to exploit a cloud connection as an access point to a cloud provider. For many, SD-WAN is a potentially attractive opportunity.

SD-WAN vendors are increasingly embedding security features into their offerings, but these tend to be basic, Layer 3 network controls and not the robust security functions that these environments require. According to Gartner, while “software-defined WAN (SD-WAN) products now incorporate internet perimeter security, more than 90 percent of SD-WAN vendors are not traditional security vendors, which causes clients to question whether they can rely on embedded security alone.”

There are many different SD-WANs on the market today, and VPs of IT need to carefully review their options. Because of the potential security risks, Gartner recommends that customers “avoid making strategic WAN decisions in a siloed, incremental fashion, solely within the networking group.”

That’s because what is often missing from these deliberations is how to adequately address security risks. Considering the current cyber-threat environment, security embedded in an SD-WAN-enabled appliance cannot simply be relegated to perfunctory specs and held hostage to SD-WAN’s greater mission of pushing packets through pipes as seamlessly as possible. But that is exactly the problem with most of today’s SD-WAN-plus-security offerings.

Things to Consider When Selecting a Secure SD-WAN Solution

SD-WAN security cannot afford to become a euphemism for SD-WAN compromise. When examining SD-WAN security solutions, candidates claiming to provide SD-WAN next-generation firewall (NGFW) security functions should be assessed for several key capabilities:

  • Application and Path Awareness. As an SD-WAN-enabled appliance, the NGFW solution must include path awareness intelligence, be able to automatically route packets from each application according to application-level SLAs and prioritize them by criticality, time of day and so on. It should also be application-aware, enabling network admins to monitor the changing traffic patterns of the applications traversing the WAN so they can dynamically modify security policies accordingly.
  • Integrated Security and Compliance. The secure SD-WAN environment should not only include key security features, such as high-throughput IPSec VPN and SSL inspection, but also compliance tracking and reporting. With applications dispersing packets across multiple WAN pathways inside an SD-WAN, you don’t want to have to spend hours retracing the routes of suspect packets by toggling between multiple apps.
  • WAN-Aware Automation. It is essential that NGFW security solutions not compromise WAN path routing. Otherwise, the performance gains promised by SD-WAN may be negated by security-based latencies.
  • Multi-Broadband Support. Rather than relying on erratic 3G/4G/5G networks as the only failover for multiprotocol label switching (MPLS) lines, an SD-WAN solution should also be able to securely leverage the public internet in order to maximize WAN availability.
  • TCO-Reducing Features. Consolidated management is essential. It doesn’t pay to adopt an integrated solution if it needs to be managed through multiple consoles. In addition, an SD-WAN solution needs to offer zero-touch deployment to relieve much of the burden associated with secure SD-WAN implementation.

Who Owns Your Secure SD-WAN — Networking or Security?

That’s a challenge many organizations face. In spite of increasingly hyperconnected and distributed networks, many IT teams still operate within rigid and siloed lines of responsibility, which is why you need a solution that can operate as an agnostic solution. Any SD-WAN solution under consideration, then, needs to integrate both networking and security functions through a single pane of glass for simplified management. This not only reduces finger-pointing and wasted time, but also increases your flexibility in allocating FTE resources while maintaining consistent network and security policies across your entire distributed network ecosystem.

A secure SD-WAN can help you lower TCO all around. With some careful planning, it can be a straightforward path to creating a WAN solution that meets the needs of your users, as well as your networking and security teams – if you know what to look for.


Tags: Cloud Compliance
Previous Post

COSO, ISO 31000 or Another ERM Framework?

Next Post

Technical Requirements for GDPR Compliance

Nirav Shah

Nirav Shah

Nirav Shah is Senior Director of Products and Solutions at Fortinet. Nirav has more than 15 years of experience working in the enterprise networking and security industry. He serves as Fortinet’s products and solutions lead for FortiGate network security appliances and focuses on NGFW, SD-WAN, segmentation and secure web gateway use cases. Prior positions include a senior software developer and senior product manager for enterprise networking and security solutions for Cisco. Nirav holds a master’s in Computer Science from the University of Southern California.

Related Posts

cloud computing security

Cloud Security Isn’t Just on Your Provider; It’s Your Job, Too

by Wolters Kluwer
March 1, 2023

Organizations want to embrace all the benefits the cloud has to offer while still protecting their sensitive data. Engaging a...

data spillage

Instead of Crying Over Spilled Data, Shore up Your Governance Practices

by Rich Hale
October 12, 2022

The reputational damage and compliance failures that result from a data spillage incident are well-known, and as the volume of...

amazon web services

Dark Clouds: Capital One Proves Financial Institutions Can’t Rely on Providers for Security

by Michael Volkov
September 7, 2022

Going by the online handle “erratic,” a former Amazon software engineer conducted an extensive hacking scheme that gave her access...

cloud with ladder to it and caution sign symbol

LogicGate Introduces Risk Cloud Quantify to Put Assessments in Terms of Real Dollars

by Corporate Compliance Insights
September 28, 2021

Illinois-Based Startup Launches New Function in No-Code GRC Platform After Raising $113M in Latest Funding Round Risk software startup LogicGate...

Next Post
GDPR compliance on keyboard

Technical Requirements for GDPR Compliance

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT