The Future of SD-WAN, Post COVID-19

istock 1251208013

By: Gabriel Gomane, Senior Product Marketing Manager at Aruba, a Hewlett Packard Enterprise company.

For organizations coming out of government-mandated restrictions as a result of the COVID-19 crisis, they have an opportunity to reimagine their respective digital transformation journeys and become more resilient for coping with constant business change. Of course, not all businesses have survived, or thrived, during the past two-plus years. However, each must chart their own course in how they continue to digitize pieces or entire business functions. Key to that digital transformation is SD-WAN, especially as organizations rebound and climb out of the crisis, a crisis that may come roaring back considering the continued threat of new variants and outbreaks across the globe. In the meantime, here are five trends influencing SD-WAN that organizations can leverage to future-proof the business.

  1. Accelerate the journey to the cloud and digitization

Thanks to work-from-anywhere trends and the constant need for flexibility, digital transformation and the movement of applications to the cloud has accelerated. As organizations bypass the need to backhaul traffic to the data center that is destined for the cloud, the role of the data center is shrinking. Instead, organizations now need flexible, wide-area networking connections that empower them to securely steer the cloud-hosted application traffic directly to the cloud. This more efficient and often more cost-effective workflow, versus backhauling cloud traffic via expensive and rigid MPLS lines, enables organizations to better optimize and modernize the network based on business needs.

Additionally, SD-WAN connections can leverage cheaper and flexible internet and 5G/LTE while delivering an end-user experience on par or better than predecessor WAN models that require backhaul. Advanced SD-WANs intelligently steer the traffic to the internet and use SaaS optimization techniques, such as utilizing machine learning, to automatically select the best path for application data. Organizations can further enjoy greater flexibility and ease of management by implementing a network-as-a-service (NaaS) model with SD-WAN as a key piece of the foundation.

  1. Take advantage of hybrid or multi-cloud environments

The migration to hybrid cloud (a composition of a public cloud and a private environment) and multi-cloud continues to hasten and mature, requiring an increased need to simplify the process of orchestrating network traffic.

Organizations therefore require enhanced connectivity to cloud providers to run applications hosted in multiple clouds, especially as they develop cloud-native applications based on microservices, APIs, and the multi-cloud ecosystem. These applications often use a scalable architecture that helps support greater business adaptability.

Here, advanced SD-WAN solutions can be seamlessly deployed to cloud service providers providing secure end-to-end connectivity to the cloud. This empowers organizations to easily move workloads from one cloud provider to another, such as from AWS to Azure.

  1. Keeping pace with cybersecurity risks

Cyberattack risks have increased exponentially over the years as the threat landscape grows thanks in part to increased reliance on IoT and the need to connect from anywhere. That growing list of cyberthreat sources also includes insecure network connections and a lack of compliance measures. Take the SolarWinds attacks in December 2020 that spread via malicious code placed in software updates, allowing attackers to access Microsoft 365 emails. More recently, the Log4j attack exploited a vulnerability in Log4j, a popular Java logging framework, that allowed attackers to execute arbitrary Java code on a server.

In response to growing cybersecurity threats, Gartner in 2019 coined the term secure access service edge (SASE), defined as the combination of SD-WAN capabilities with network security features hosted in the cloud. This framework offers a solution to help better secure traffic that is increasingly handled in the cloud versus the data center, especially in the post-COVID era. Users are consuming more SaaS applications than data center applications, and more sensitive data is located outside the enterprise network. To further mitigate the security risks that arise with growing cloud adoption, SD-WAN coupled with SSE (Security Service Edge) capabilities such as SWG (Secure Web Gateway), CASB (Cloud Access Security Broker) and ZTNA (Zero Trust Network Access) offers a more effective cybersecurity solution for the modern network.

Going further, organizations must also consider an advanced SD-WAN versus basic SD-WAN capabilities, with a defining characteristic being the ability to connect to a wide range of cloud security vendors. This offers organizations the choice of best-of-breed SSE capabilities to build a robust SASE architecture based on their respective business requirements. Advanced SD-WAN solutions natively integrate and can fully automate the orchestration to cloud security services to create a secure fortress against cyberattacks, something all-in-one SASE offerings with just basic SD-WAN capabilities can’t match.

  1. Working from anywhere is the norm, no longer the exception

Many analysts predict (and a growing chorus of business leaders are discovering) that remote working is here to stay, and organizations must find ways to bring the same level of enterprise security to the home office or on the road. With hybrid work, organizations are evolving into hyper-distributed edge environments. They simply no longer can create a security perimeter around the enterprise network and expect it to work successfully; a fully centralized IT network is no longer sustainable. Organizations must adopt a distributed approach to securing remote connections.

In response, network access points are now beginning to integrate SD-WAN capabilities to form a secure tunnel via simple internet and 5G connections. With these access points, organizations can truly implement a cybersecurity mesh strategy to create a smaller perimeter around every access point or device no matter where they are located. This distributed approach gives enterprises better control over cybersecurity risks by securing an individual access point instead of a large perimeter without clear boundaries. With this approach, no device is trusted by default and security policies are enforced at the identity level.

  1. IoT device adoption continues its exponential growth

In the post-COVID world, organizations are using a growing number of IoT devices ranging from surveillance cameras, point-of-sale terminals, and smart building sensors, to name a few. These devices provide significant business value but they represent a significant threat. IoT devices are typically built on a simple architecture, and most can’t run a security agent. Additionally, some industries like manufacturing face even more risks because they are witnessing the convergence of IT and OT (Operational Technology) networks that used to be separated in the past, and thus were more challenging for hackers to penetrate for access to other parts of the network.

To remedy IoT security challenges, advanced SD-WAN solutions implement a zero-trust architecture that complements SASE. Zero trust frameworks assume that no user or device is inherently trustworthy. They integrate dynamic segmentation that can segment the network into multiple zones while ensuring users or devices can only connect with destinations on the network that are consistent with their respective roles. This segmentation of the network can help isolate and prevent the spread of malicious code across an enterprise network in the event of an attack.

picture1 Aruba

The Aruba SD-WAN fabric intelligently steers traffic from anywhere, providing effective security from the data center, to the edge, and to the cloud

Modernize your network with an advanced SD-WAN solution

Very few predicted nor could even imagine the disruption caused by the pandemic, a pandemic that may not be finished just yet. As the “new normal” becomes just normal, business leaders must continue to accelerate digital transformation efforts while addressing the need to create hybrid work environments that are secure and consistent. The shift to cloud-hosted applications and hyper-distributed environments have resulted in performance and security issues, but those issues can be managed. By implementing an advanced SD-WAN solution, organizations can build the foundational layer required to modernize the network through a flexible and secure edge-to-cloud architecture.

Aruba EdgeConnect SD-WAN portfolio provides advanced SD-WAN capabilities with dynamic path selection, automated orchestration, SaaS, and WAN optimization capabilities. It natively integrates with industry-leading SSE vendors including Zscaler, Netskope, and Skyhigh Security (formerly McAfee Enterprise), to implement a robust SASE architecture with best-of-breed cloud-security capabilities. Aruba EdgeConnect Microbranch extends SD-WAN services and the SASE framework to small offices and home offices delivered via cloud-based Aruba Central and Aruba Wi-Fi access points.

To learn more about the future of networking, please download our ebook: 5 networking predictions for 2022.

Related resources:



Copyright © 2022 IDG Communications, Inc.