Seamless, secure digital transformation and cloud migration

With SD-WAN (Software Defined Wide Area Network) and SASE (Secure Access Service Edge)

Damian Murray, co-founder and sales director, Iricent. Picture: Fergal Phillips

Moving to a SASE model both requires and enables a zero-trust approach to network security.

Almost every modern distributed organisation embarking on a digital transformation and cloud migration strategy is finding it necessary to modernise the Wide Area Network. With the ongoing return to work and widespread adoption of hybrid working practices, coupled with the adoption of multiple cloud platforms, companies are finding that existing network infrastructure is no longer adequate, either in terms of its ability to support the various traffic demands or in its ability to provide adequate security given the explosion of endpoints.

With multiple clouds, remote workers, headquarters and branch offices, the attack surface has been increasing. Secure SD-WAN addresses these challenges by providing scalable, resilient connections between remote users, branches, the data centre and multiple public clouds enabling a fast, secure and low latency infrastructure with:

• Integrated networking and security

• Seamless integration with public clouds (AWS, Azure, Google, etc)

• Centralised monitoring and visibility of all application, user and device traffic

• Simplified operations allowing policies to be applied centrally and consistently in accordance with business needs

For successful WAN transformation, organisations need an approach that integrates sophisticated networking and security capabilities in a single secure SD-WAN solution. A unified platform for security and SD-WAN can ensure consistent protection and simplify network infrastructure, while enabling granular policy-based controls based on a zero-trust access approach.

To protect modern WAN environments, advanced security needs to be embedded into each SD-WAN device. This allows home users, branch office users and the data centre to use a common set of security policies and enforcement criteria. Networking and security functions become so tightly integrated that they can operate as a single unified solution under dynamic conditions.

A secure SD-WAN solution enables organisations gain visibility into network and application performance (both real-time and historical). A single management console for both networking and security with rich SD-WAN analytics can help organisations fine-tune business and security policies to improve quality of experience for all users.

An effective secure SD-WAN solution should also do more than just address the problems of the moment. It should also anticipate the networking and security needs of the near future as well, to provide flexibility, ensure consistency and reduce total cost of ownership (TCO) over time.

There are three specific capabilities that a secure SD-WAN solution should support:

Software-defined branch (SD-Branch)

With enterprise branches directly accessing internet connections via SD-WAN, next-generation security and multi-path WAN is required to improve application performance. Expanding on the capabilities of SD-WAN, secure SD-Branch capabilities offer protection for both wired and wireless connections, access controls and the ability to see and monitor all devices connected to the branch network.

Zero-trust network access (ZTNA)

Organisations need predictable application performance across locations and an effective security posture. Today’s “work-from-anywhere” paradigm requires explicit application access per user. Built-in ZTNA controls enhance both security and user experience by reducing risks while simplifying access, both off and on network.

Secure access service edge (SASE)

Organisations of all sizes are increasingly adopting different cloud-based services, migrating existing applications to the cloud and developing new cloud-native applications. A SASE architecture combines SD-WAN with ZTNA and other services and functions to build a cloud-aware and cloud-based secure network. This framework enables cloud-delivered security and unified management.

Partnering with leading global cybersecurity vendor Fortinet, Iricent’s Secure SD-WAN solutions provide a platform that includes future-proofing features so that organisations can implement advanced architectural enhancements (eg SD-Branch, ZTNA, SASE) at their own pace.

For more details contact: info@iricent.com