Apart from having a cascading effect on each other, what’s common between Covid-19, enterprise network usage, and cyber threats? There is probably a lot of buzz surrounding all three of them, and none of it is pretty.
As millions of knowledge workers walk away from ‘robustly well-connected’ business districts to their homes in more rural and suburban locations, the endless hours of videoconferencing, online learning, and streaming are straining the ISP infrastructure to the hilt.
While employers and employees are somehow “making it work,” the new Covid-19 world order creates an urgent need for a network upgrade – one that is not solely designed around a centrally hosted user base and provides better WAN security.
SD-WAN is inevitable and the COVID-19 crisis shows why
As homes became synonymous with virtual branch offices, SD-WAN quickly emerged as IT’s saving grace, extending enterprise resources to remote workers with negligible performance degradation and almost zero availability/connectivity challenges.
From making application-aware, policy-based network link selections through real-time performance monitoring of the transport fabric to optimizing the available bandwidth by giving higher priority to business traffic, SD-WAN emerged as the true savior for both — the remote workers and back offices.
SD-WAN security risks to watch out for
18 Million. That is the number of COVID-19 related malware and phishing emails Google reported in a week. As enterprises have geared up to deal with the health crisis at hand and the focus on cybersecurity momentarily shifts, cyber-pirates seem to be having a Black Friday gold rush. The healthcare industry saw a meteoric 150% increase in cyberattacks, while phishing attacks increased by 667% since February.
Since the onus of security lands upon the network to a large extent, what are some red flags around SD-WAN security that enterprises should be looking out for?
- Scrimping on Public Links
SD-WAN lets enterprises work with the public internet, and to a great extent, replace their expensive MPLS infrastructure with less expensive internet connections. The feature is especially enticing for businesses that do not wish to invest heavily in a network infrastructure. Though it is a more pocket-friendly option, it poses a higher level of exposure to malware and hackers than private networks such as MPLS.
Even though backhauling traffic over private networks such as MPLS is a bane for application performance, the process ensures security filtering and policy enforcement along the way, which beefs up WAN security.
While routing through the local internet breakout (an access point to the internet located in close proximity to the user) enables a fast user experience, allowing branch offices to connect without backhauling the traffic to the central data center, it is a sweet spot for WAN security breaches. That’s precisely why enterprises need to secure the internet breakout link and the security around the branch offices when contemplating riding on the public internet.
- Inconsistent policies
The disparate appliance ecosystem often fosters a siloed approach to security for global organizations. Most of them are trying to secure a distributed network with tools that lack both efficiency and efficacy.
The result is a catalog full of security tools for different parts of the network, or security measures that mostly sit at the gateway. This inconsistent rollout weakens the overall security posture, putting them in the crosshairs of potential attackers.
What’s required is a single security platform that plugs seamlessly into the network infrastructure and enables consistent end-to-end enforcement of policies irrespective of where the security solutions have been deployed.
- Lack of real-time application traffic flow visibility
You cannot fly blind in the clouds, not in the ones above nor into the ones where your applications sit. When thousands of users operate across hundreds of sites that run SaaS applications hosted in all sorts of public and private clouds, a vigilant pair of eyes is required everywhere.
You need to know everything about end-to-end traffic patterns – traffic type & rates, bandwidth consumption, packet loss, lossy links, and everything else on the menu – to have a clear vantage point into configuration management and capacity consumption. Even more so, you need it to address the trends developing across the network and thwart threats before they occur.
How Aryaka Does It
Aryaka is an SD-WAN company that firmly subscribes to the Open Security Solution posture. We believe in providing the enterprise with the power of choice.
A single security solution will barely meet all of an enterprise’s needs, for reasons ranging from architectural concerns to regulatory needs. Several industry analysts also swear by the need for a multi-layered approach to security.
So how do we do it?
First, there is the foundational aspect of SD-WAN security. In the branch, you need a basic stateful firewall and a policy-based segmentation. We integrate both functions into our branch device, the ANAP (Aryaka Network Access Point).
Second, Aryaka partners with cloud security leaders like Check Point, Zscaler, Palo Alto Networks, Symantec, and others to deliver choice and easy integration. In a nutshell, Aryaka’s open approach to multi-layered SD-WAN security delivers on the option that enterprises prefer, and which emerging Zero Trust security postures require as a foundational enabler.