Beef up your SD-WAN security with zero trust

While software-defined WANs offer encryption, authentication is harder to do over SD-WAN, particularly in our current WFH environment. Authentication relies on trust — which is why we need a zero trust approach to network security.


While the pandemic precipitated a move to cloud, those migrations are far from complete. And enterprises are now tasked with making decisions about their underlying network to support the hybrid workforce of the future.

IDC predicts that by the end of this year, 80 per cent of enterprises will put mechanisms in place to shift to cloud-centric infrastructure and applications twice as fast as before the pandemic.

But the network is ultimately responsible for performance, security and the user experience. And, of course, IT managers are being tasked with supporting hybrid work — all while keeping costs down.

This could be one of the reasons why SD-WAN has attracted more attention over the past year. Software-defined WANs can support the rapid shift to cloud by delivering application prioritization, optimization and security. And while MPLS hasn’t disappeared — it tends to be deployed at the core of the network — SD-WAN uptake is happening near the edge of the network.

SD-WAN and the COVID effect

The annual WAN Manager Survey from TeleGeography, a global telecommunications market research and consulting firm, asked WAN managers how COVID has impacted their network.

At first, of course, everything came to a halt. “The pandemic slowed roll-outs for a time, but increased interest in adoption. SD-WAN frees WAN managers to select a broad mix of underlay technologies, and can also boost performance,” said Greg Bryan, senior manager of enterprise research at TeleGeography, in an article for

This increased interest has, clearly, resulted in increased adoption: 43 per cent of enterprises surveyed had installed SD-WAN in 2020, versus just 18 per cent in 2018. Two-fifths of respondents said they preferred a co-managed SD-WAN setup.

So what’s behind this growth? The two main drivers, according to TeleGeography, are the need for increased site capacity and for alternative access solutions. This shouldn’t come as a big surprise, since so many enterprises are now supporting a highly distributed workforce.

A need for new solutions

But supporting a distributed workforce has also caused a whole new slew of headaches for WAN managers, from dealing with the trials and tribulations of home broadband to the network security gaps caused by WFH. Cue SD-WAN.

Security is top of mind in this new hybrid world of work, where employees are working outside the traditional network perimeter. Over the past year, enterprises have been looking for ways to close those gaps in security — and it’s an issue that won’t go away as we transition to the world of hybrid work.

That’s where the network itself can play a role. Along with supporting branch offices, SD-WAN can also support a future hybrid workforce where some users work from home, some of the time. It’s not just about connecting those users to the network; SD-WAN can run natively in public cloud environments, providing optimized, secure connections.

“SD-WAN is exploding in popularity; my own research says that there are almost three times as many sites on SD-WANs today as there were a year ago. … Today, supporting small sites and even applications in the cloud is table stakes. Work-from-home, service telemetry, application prioritization, and even zero-trust security are now being added,” said Tom Nolle, president of CIMI Corp., a strategic consulting firm, in an article for NetworkWorld.

SD-WAN and zero trust

SD-WANs offer encryption, but another aspect of security is authentication. That’s harder to do over SD-WAN, particularly in our current WFH environment — because authentication relies on trust (that you are, indeed, who you say you are).

Which is why we need zero trust.

“Any virtual network offers a degree of intrinsic security, and some SD-WANs offer session-aware zero-trust security,” said Nolle. “Add intrinsic security with some intrinsic access-point prioritization and QoS classification, and you create something that’s hard to match without SD-WAN, and that might mean that SD-WAN could displace the SASE concept rather than fulfilling it.”

Zero trust security can help to protect against both malicious and accidental security breaches at the edge of the network. Like the name suggests, a zero trust approach trusts no person and no application — and verifies everything. It’s also designed to provide network administrators with increased visibility, which is critical when so many employees are working from home or on public networks.

While enterprises were forced to quickly adapt to distributed work forces at the start of the pandemic, they will also be forced to adapt to the new world of hybrid work, which will include a mix of cloud, SD-WANs and, hopefully, zero trust.

Images: guvendemir/iStock; matejmo/iStock
