SD-WAN FEATURED ARTICLE

Embedding Security into SD-WAN: Converge and Emerge

February 21, 2020

By Arti Loftus, Special Correspondent

With more than 50 SD-WAN providers in the market, according to Gartner (News - Alert), competition is fierce, and one of the ways vendors and service providers are working to differentiate their offerings is to integrate security, especially at the enterprise edge.




Managing the edge has always been challenging, but with more applications, including new collaboration, automation, IoT, and especially cloud-based services, the edge needs to address multiservice environments.

SD-WAN has been hugely successful in displacing the legacy approach because even at its most basic level, it addresses tactical challenges that IT teams and network administrators, including access to cloud-applications, device provisioning and management, and software-defined security architecture.

This week at ITEXPO, one of the world’s largest and most popular gatherings of global leaders in real-time communications and IT systems and solutions, Windstream emphasized the symbiotic relationship between SD-WANs and security, including cloud and multi-cloud connectivity associated with ensuring private networking, stays just that – private.

One of the buzzwords invoked by Windstream (News - Alert) is Gartner’s new obsession, SASE, pronounced “sassy” and being pushed by Gartner as the “next big thing” in the SD-WAN domain in 2020. In a SASE world, security architecture moves rapidly away from on-premises enterprise hardware to the cloud, with greater software-defined perimeter (SDP) controls and zero trust networking. The “Secure Access Service Edge” is an emerging cybersecurity concept that Gartner described a 2019 report titled The Future of Network Security in the Cloud, and the approach promises to allow organizations to apply for secure access no matter where their users, applications or devices are located.

“We have been touting the fundamentals of SASE for years with our mix of PCI (News - Alert) certified premises and cloud-based security offerings; it has been our vision to secure all of the internet interfaces of our customer's networks wherever they may be located. When we launched SD-WAN, this integrated security envelope was core to our differentiation strategy.” Says Mike Frane, VP of Product Management, SD-WAN, Windstream Enterprise (News - Alert).

SASE suggests the convergence of SD-WAN with cloud-based security applications, delivering security solutions directly from the cloud, and integrating SIEM (security information and event management) capabilities into its cloud-based SD-WAN platform.

Windstream has been promoting and offering called SD-WAN Concierge, touting benefits, including optimization of application performance, enhanced security, simplified network management, and a lower total cost of ownership (TCO).

With a forecast of Global IP traffic increasing threefold over the next five years, and new applications emerging every day, enterprise WANs are becoming increasingly complex to manage.

“With all the information and limited views that SD-WAN provides, it’s easy to get lost in the data swamp. We created the Windstream Enterprise Insights Engine to help our customers and support team navigate these waters,” explained Frane. “The Insights engine allows the user to quickly identify trends and events in their network to improve their operations. The insights are available at both the site and network levels to provide a differentiated view from the competition.”

As the demand for bandwidth doubles every 18 months, IT departments are struggling to deliver improved cloud-based application performance, while budgets are limiting the amount of bandwidth companies can afford, which is driving bandwidth optimization and prioritization solutions.

“The traditional network model isn’t readily adaptable to the new cloud application consumption paradigm. Enterprises will benefit from a highly-agile decentralized network strategy to fully take advantage of what’s next,” said Frane.

Frane explained “programmable networking” is the future, when the management applications provide adequate visibility and control, including sound routing policies, application optimization which improves paths for high quality, real-time transmission, the ability to set policy by application and even device and user, dynamic IPSEC for end-to-end encryption for data traversing public Internet, and attention to specific regulatory requirements protecting privacy and securing confidential information.

“Windstream’s managed service strategy was designed to allow enterprises to focus on the applications and programs that deliver true business value. Windstream Enterprise takes the fundamental blocking and tackling of running a network off the hands of enterprises allowing them to focus on what matters to their customers.”

Frane also stated scaling is becoming increasingly important to many enterprises and organizations. 

Last fall, Windstream’s entire portfolio of SD-WAN and Managed Network Security (MNS) services were certified PCI DSS compliant. “Network security continues to be the most important challenge and concern for enterprises of all sizes,” Frane said. “PCI DSS compliance strengthens SD-WAN and MNS and is an important differentiator as very few competing SD-WAN and MNS services in the marketplace are certified as such.”

Validating PCI compliance is an annual requirement for all organizations that process credit card payments. Customers are leveraging the Windstream Enterprise SD-WAN and Managed Network Security Attestation of Compliance (AOC) as part of their audit, reducing their burden both in terms of people's time and external costs as they work towards achieving or maintaining their compliance.

Windstream Enterprise also last year announced they had expanded their SD-WAN portfolio to also include Fortinet’s (News - Alert) Secure SD-WAN solution.

“Business customers are increasingly looking for the security that is native to their WAN,” said Frane last year. “The Fortinet SD-WAN technology is particularly attractive due to its security pedigree. It complements our offer, broadening its appeal to customers at all levels of the enterprise spectrum.”

“Windstream’s proven market leadership in the SD-WAN space is now complemented by Fortinet’s brand recognition and leadership in the security marketplace,” said John Maddison, executive vice president, products and solutions at Fortinet, as part of the companies’ joint announcement. “With a FortiGate option for Windstream Enterprise SD-WAN, customers have access to unparalleled security combined with leading WAN technology in a single offering.”


Arti Loftus is an experienced Information Technology specialist with a demonstrated history of working in the research, writing, and editing industry with many published articles under her belt.

Edited by Maurice Nagle