为安全SD WAN铺平道路

Paving the Wayto Secure SD‑WAN Contents Superhighway or Traffic Jam? The Need for Secure SD‑WAN3Paving the Way to Secure SD‑WAN: 3 Steps to Success61. Traverse the Stack82. Roadblock the Risks113. Bridge the Lifecycle13Reach Your Destination as Planned with a Trusted Partner15 Superhighway or Traffic Jam?The Need for Secure SD‑WAN Service providers see Secure SD‑WAN as a high‑growthopportunity… if they can mitigate the complexityand rein in costs. No matter where an organization is on its digital transformation journey, itstechnology leaders are assessing SD‑WAN (software‑defined wide‑areanetworks). Whether already part of the strategy, or still under consideration,SD‑WAN has emerged as the predominant technology to access the multi‑cloud environment. By abstracting the service layer from infrastructure, SD‑WAN offersenterprises a more efficient and cost‑effective way to manage networks.Over the past decade, increasing numbers of organizations recognizedhow SD‑WAN enables MPLS bandwidths with less expensive Internetconnectivity. SD‑WAN’s policy‑based forwarding, application awarenessand centralized management have made it the on‑ramp of choice to thecloud for many enterprises. SD‑WAN has evolved from virtualizingcampus connectivity to becoming thepredominant cloud access service. Thiswas accelerated by the Covid pandemic,where the rapid shift to work fromhome (WFH) redefined networking in theprocess. The hybrid workforce – blendingon‑site, remote and WFH – along withnew cloud use cases have becomesecond nature, elevating the urgency andimportance of holistic security. PAVING THE WAY TO SECURE SD-WAN set of vendors and SD‑WAN solutionstargeting a variety of use cases. Establishednetwork equipment vendors have becomemajor players in the managed servicesmarket, developing their own offeringsand acquiring early movers. Each vendorhighlights distinct features, leading to acomplex and varied set of differentiatedcapabilities and proprietary SD‑WAN SD‑WAN enables centralized managementof WAN connections (underlays), SD‑WANoverlays, along with physical andvirtualized SD‑WAN endpoints. SD‑WANis also closely coupled with applications,necessitating that policies be tuned toachieve application requirements. controllers. Despite this specialization,vendors increasingly label their products as‘SD‑WAN’ (so‑called ‘SD‑WAN Washing’).Managed service providers (MSPs),managed security service providers(MSSPs), vendors, and end‑users are oftenleft scratching their heads, but a littleconfusion is better than getting left behind,and the industry has pressed ahead. Widespread enterprise adoption ofSD‑WAN has motivated a large and diverse FIGURE 1 The Evolution of Secure SD-WAN Migration of security functions from the data center to the multi‑cloud PAVING THE WAY TO SECURE SD-WAN SD‑WAN MSPs have a unique opportunityto deliver superior value to enterprises andachieve better margins than they havehistorically realized with legacy connectivityservices. But taming the complexity of SecureSD‑WAN can be a serious challenge forMSPs and MSSPs. To be successful, serviceproviders must rapidly and effectivelyintegrate specific SD‑WAN capabilities acrossvendors, while reducing both costs and rollouttimes. The post‑Covid migration from on‑premisefacilities to cloud‑centric ones has expandedthe complexity and threat surface, attractingmore sophisticated threats. This hasmotivated an entirely new cloud‑hostedpolicy‑based network security framework ofsecurity management known as Secure AccessSecure Edge (SASE) in conjunction with ZeroTrust (ZT). This critical evolution in networksecurity architecture is covered in greaterdetail in the next section. KEY TAKEAWAY The challenge for MSPs and MSSPs is thatenterprises are selecting different SD‑WANvendors and tailored services dependingon business needs, creating unwieldycomplexity. Managed service providers needa trusted and neutral partner for validatingthat secure SD‑WAN managed services areperforming and behaving as expected. Initially, enterprises assumed responsibilityfor their SD‑WAN solutions (the “Do ItYourself” or “DIY” approaach). But moreand more organizations recognized thecompelling benefits of delegating theirSD‑WAN networks to MSPs and MSSPs. Thistrend has accelerated as enterprises migrateapplications and data to the cloud, andsince 2019, SD‑WAN managed services haverepresented the predominant deploymentmodel. Standardization instills order, for both vendorsand operators, and helps the industry makemuch‑needed strides towards multi‑vendorSecure SD‑WAN and widespread adoption.A MEF certification is the industry’s seal ofconfidence, and leading service providers andvendors are relying on it in growing numbers.As the industry embraces MEF certification, acoherent SD‑WAN ecosystem is emerging. Paving the Way to SecureSD‑WAN: 3 Steps to Success A strategy for managingSecure SD‑WAN complexity mustbe built around industry standardsand innovative best practices fromsucc