10 SD-WAN features you're probably not using but should be

SD-WAN is more than an alternative to MPLS. Zero-touch provisioning, application-aware routing and microsegmentation are just a few of the features that SD-WAN products and services can deliver.

blue globe world network global transformation connected global connection
NicoElNino / Getty Images

SD-WAN platforms are evolving so rapidly that the ones deployed just months ago may already have new  features that could improve efficiency and security, and make the lives of IT pros easier, yet many haven’t taken advantage of them.

So, why aren’t IT execs jumping on these new features? In some cases, vendors have fallen short when it comes to educating IT leaders on the benefits and ease-of-use of these advanced capabilities.

In other cases, organizational siloes, such as the barriers between networking and security teams, have prevented companies from activating, for example, the next-generation firewall or intrusion prevention system that might come with an SD-WAN appliance.

And in many cases networking pros have a standard set of methods and procedures that they’ve been following for years and that get the job done just fine. When it comes to a new way of doing things, such as zero-touch provisioning, there can be some reluctance to take a risk that could end up backfiring if something goes wrong. However, enterprises should consider the benefits that underutilized SD-WAN features, listed below, can provide. After all, you’re paying for the SD-WAN device or the managed service anyway, so why not get your money’s worth?

1. Zero-touch provisioning

The traditional method of deploying branch office networking gear is to bring the physical device to a staging area, configure it, test it, then ship it out to the branch, where a networking pro sets it up. For companies deploying dozens or hundreds of SD-WAN devices across a wide geographic area, this is a manually intensive and time-consuming process.

Zero touch provisioning, which comes standard on most SD-WAN devices, automatically configures an out-of-the-box device. All the device needs is an Internet connection so it can phone home, where it is then fully configured in a fast, efficient, standardized manner based on predefined templates, according to Kunal Thakkar, head of network engineering at Apcela.

2. Encryption key rotation

For enterprises that do business with the federal government, such as aerospace and defense companies, or enterprises with PCI compliance responsibilities, which includes just about everybody else, encryption keys need to be rotated on a regular basis (typically every 90 days). This can be a tedious manual process that entails complex change control policies and can require planned downtime.

SD-WAN platforms can replace conventional VPN-based key rotations with an automated system that can be programmed to make the rotations as frequently as every minute without any interruption to data plane traffic. The result is better security, no downtime and no need for manual intervention.

To continue reading this article register now