Business & Technology

How Your Approach to SD-WAN Can Impact Your Network Security

By Abel Aberra | May 11, 2018

Fortinet featured our latest SD-WAN solution at this year’s Big Communications Event in Austin.

Light Reading's flagship Big Communications Event was held in Austin, Texas May 14-16, and Fortinet was a Gold sponsor for this year’s event. The conference, hosted by Heavy Reading's team of analysts, covered the industry's most pressing topics, and Fortinet featured our latest SD-WAN solution.

Because the cloud is growing in importance as a critical source for infrastructure, services, and applications, it is driving changes in traditional traffic patterns. As a result, organizations of all types are flocking to SD-WAN because it is well suited to addressing the emerging need for a cost-effective connectivity solution that supports evolving IT models and business priorities. With its use of commodity bandwidth and software defined functionality, a well-architected SD-WAN solution provides easy to provision, scalable connectivity that offers performance and control at a significantly lower cost than traditional transport options. So, it’s not surprising that according to a recent article based on a study by IHS Markit, nearly three-quarters of respondent companies were contemplating deploying an SD-WAN solution.

For Service Providers, SD-WAN represents a growth opportunity that cannot be ignored. With customers increasingly expecting SD-WAN as a connectivity option, most if not all major providers have added the offering to their portfolios. Some segments, particularly SMB and distributed enterprises are being aggressively targeted by the MSOs, creating a very competitive environment as well as a range of options for potential customers.

Despite its dynamism, the SD-WAN market is still at an early stage of development with a significant number of players and a lot of opinions on which implementation options are best. How the market will eventually evolve is still open to debate, but there are a number of factors that may influence its evolution. These include growth in demand for the service as well as service alternatives, the rate of market acceptance, preferred procurement sources, and integrated security that not only protects data in motion, but seamlessly integrates with the larger network security architecture

As a leading security organization, Fortinet has developed a well-established position on securing SD-WAN environments. We recognize four key architectural options for SD-WAN security:

1.     SD-WAN with embedded firewall

2.     Firewall with embedded SD-WAN

3.     SD-WAN with 3rd party NG Firewall

4.     SD-WAN with Cloud-Based Security

The option preferred by a customer may vary with their specific need and use case. However, our experience shows that there is a growing demand for what we call Secure SD-WAN, which is best exemplified by Option 2, above. In this scenario, robust SD-WAN functionality is integrated into a key element of today’s network architecture – the firewall – in order to accelerate the application of security inspection and protection as critical data moves from one remote location to the next.

Why does this matter? There are a number of fundamental security reasons why this approach provides the best possible option for a successful SD-WAN implementation. Among them is the simple fact that effective and full-featured security is increasingly recognized as an essential element of an SD-WAN network. Some industry observers have even gone so far as to predict that SD-WAN will eventually simply become a feature of the network, as opposed to a separate standalone element within a network.

In this context, adding SD-WAN features and functionality to an existing network element makes sense. Adding this service to an NGFW solution that already manages remote VPN connectivity, as well as being able to dynamically apply appropriate levels of security protection and inspection, is even better as it establishes and maintains high levels of visibility and control for data and applications passing through the SD-WAN environment. From a service provider point of view, this approach provides additional benefits because there are no additional management consoles or administrative complexities added to the environment being deployed and managed. As Service Providers and customers seek options for minimizing the complexity and cost of running their networks – which is a key driver for SD-WAN – the consolidation of management, policy orchestration, and security is a key consideration.

Fortinet’s approach to Secure SD-WAN is unique, and was well received by participants and attendees at this year’s Big Communications Event. In addition to featuring our latest SD-WAN solution in the Exhibition Hall, Abel Aberra, Fortinet’s Director of Advanced Carrier Technologies, also spoke in a well attended panel entitled “SD-WAN and the State of Software-Defined Security.” If you missed this year’s event, we invite you to take a look at what some are calling the most effective approach to deploying a Secure SD-WAN solution in the industry. You can start here and here.    


Read this eBook to find out how Fortinet's SD-WAN solution delivers critical capabilities such as:

  • Broad application visibility and classification
  • Effortless WAN efficiency for improved application SLA
  • Complete threat protection with integrated NGFW
  • Lower TCO and resource needs