Azim Makan, VP, Systems Engineering – Canada, Fortinet
The technology industry has many examples of functionalities that were once sold as individual products, but which have now been woven into larger solutions. SD-WAN is no different. Not only is the world quickly moving away from the standalone SD-WAN model, it’s also abundantly clear that an integrated security platform is the ideal location for it.
The reason for this is clear: without strong security, SD-WAN ends up providing a clear entry point for malware and cyber attackers. True, adding a security layer is an option, but such approaches are expensive, prone to error, and still leave security gaps that attackers can easily exploit. For both to be effective, security and SD-WAN need to function hand-in-hand. Not only does a fully integrated Secure SD-WAN platform solution eliminate the need for yet another application sitting on the network edge, it also enables the full stack of security solutions to inspect, secure, and monitor all SD-WAN traffic connections and applications by default. This approach also makes it easy to deploy in any environment, centrally manage both connectivity and security protocols and configurations, and increase visibility across the WAN.
This doesn’t mean IT departments can look for just any platform, of course. Some offerings are little more than a collection of separate security devices rolled together into a bundle, introducing a whole new set of problems. A true platform not only provides enterprise-class security solutions, but the entire system – security, traffic management, connectivity, and networking – is integrated from top to bottom, designed to interoperate as a single system, and managed through a single pane of glass. This way, all transactions are visible and inspected, making it easy to spot and respond to any potentially risky behaviours.
Then there are questions about performance. Security platforms have earned a reputation for being bottlenecks, slowing down critical applications like video conferencing. A big reason for this is that too many security appliances still rely on generic, off-the-shelf CPUs to process resource-intensive functions. The results are predictable, much like how a computing system without a graphics processing unit would be unable to effectively render video game graphics. A system designed with purpose-built security processors will go a long way to eliminating bottlenecks. And when combined into a modern, cloud-native, and AI-powered platform, such a solution is able to pave the way for greater application performance, more robust security, and improved ease of management.
But perhaps the most important case for integrating SD-WAN into a security platform is the need to keep pace with digital innovation. COVID-19 delays aside, companies are pursuing long-term digital transformation strategies to take advantage of enormous gains in productivity and competitiveness. But as they do, they necessarily expand their attack surface, leaving themselves vulnerable to attacks. With a security-driven approach, however, security isn’t just along for the ride. It is an integral part of the new network – adapting and scaling along with it as needed.
Regardless of what factors are driving it, transitioning SD-WAN from a standalone appliance to a function inside a high-performance security device that can be deployed anywhere across the organization is the best way forward.
Interested in learning more? Take a security-driven approach to networking with Fortinet’s Secure SD-WAN solution, and read how the District School Board of Niagara implemented Fortinet’s Secure SD-WAN to alleviate network complexity, increase bandwidth, and reduce security costs.