Partner Opportunity: Securing Customers' SD-WAN Deployments
You can help secure your customers' SD-WANs and become their partner for life.
January 3, 2020
By Jon Bove, Vice President of Americas Channels, Fortinet
Digital transformation is on the agendas of businesses everywhere, including your customers. But as they progress along their digitization journeys and the scope of change continues to expand, their digital ecosystem becomes increasingly complex.
This poses challenges that many business leaders may not have foreseen when first embarking on the road to modernization. For remote offices and retail locations, transformation complexities range from deploying, managing and securing new hardware and provisioning new Internet of Things devices to bandwidth management and optimization across their wide area network (WAN), especially for new web applications and latency-sensitive services.
Why Customers Are Adopting SD-WAN
Business needs have changed dramatically over the last five years. IT leaders are facing intense pressure as a result of the vast changes taking place under their feet – from the exploding adoption of software as a service (SaaS) and multicloud environments, to the need to create complex connectivity and interoperability across and between all WAN edge locations, and the necessity for in-depth security measures that can span, scale, and adapt to these dramatic and continuous changes.
Distributed organizations feel the heat even more intensely. For them, especially as their remote workforce expands, cloud-based applications are now considered business-critical. New top-level strategic initiatives increasingly call for more collaboration, transparency, visibility and customer engagement through digital networks.
However, even as IT leaders face pressure from above to support these business goals, their plates are already full as they work to implement and secure the massive shift of what networking even looks like in today’s marketplace given the impact of digital transformation. With all of this play, the job of effective WAN management is something that’s increasingly out of reach.
Their problem: the tools your customers have previously relied upon for the operation and management of their WAN connections are no longer sufficient. As they grow and modernize, they’re finding that their traditional WAN infrastructures are failing in several different ways:
Latency: Branch offices that rely upon SaaS applications can experience latency under the constraints of traditional WAN connections. This can cause the performance of real-time transactions like voice over IP (VoIP) and video to suffer, especially as interconnectivity between different branch offices becomes increasingly essential.
Performance: For organizations that rely on e-commerce or otherwise provide services in real time, customers demand a seamless experience for their digital transactions. Traditional WAN cannot always keep up as traffic is backhauled back to the central hub for processing and redirection, causing significant bottlenecks as traffic volumes continue to increase.
Connectivity: Unified communications and rich media services, both of which are essential to branch locations, are hindered by connectivity issues that cap performance. As a result, branch locations lose out – especially as they increasingly rely heavily on unified communications as a service (UCaaS). As a result, collaboration suffers, productivity levels can dip and overall efficiency goals are harder to meet.
Reliability: As complexity grows, network connectivity can suffer under traditional WAN connections that lack path awareness intelligence.
Cost: Costs are rising as traditional broadband options become limited.
Resource management: Configuration is virtually unmanageable as the number of dashboard interfaces increases with network growth and the proliferation of tools and devices from multiple vendors. As a result, IT management costs rise while visibility is diminished.
Complexity: Distributed networks are inherently more complex, which reduces visibility into which data is being used and by whom. This lack of visibility into data use hinders breach detection and prevention tactics, making your customers’ networks more susceptible to attacks.
Risks of Adopting SD-WAN Without Security in Mind
With these challenges becoming commonplace across your customers’ networks, many are …
… looking at deploying SD-WAN to enable more consistent performance across locations.
However, even as SD-WAN deployments enable mobile workforces with modern networking capabilities, they can also create risk for your customers. With a complex, distributed network structure in place, your customers are dealing with reduced visibility, weaker policy management and local access to the network, the internet and cloud-based services from branch locations, making next-generation security controls imperative.
For most leaders, the risks of pursuing digitization without simultaneously considering security are well-known in today’s breach-aware business environment. Since 2014, the average financial cost of a data breach has risen to $3.92 million. That’s a 12% increase in just five years. And the most effective way to address that challenge is to approach every new project with a security-first perspective.
Since not all SD-WAN tools are created equal, your customers don’t want to deal with the complexities of integrating a proactive and adaptable security solution after the fact. Instead, they must consider security as an integral part of the process in choosing how to upgrade to SD-WAN.
When your customers are evaluating the security of SD-WAN solutions, they must be aware of these potential challenges:
Loss of visibility: Encrypted traffic is often a privacy best practice, but it can come at the cost of performance and visibility as it takes longer to inspect encrypted traffic, while some policies don’t call for inspecting encrypted traffic at all based on a mistaken assumption of security.
Increased attack surface: With every local branch that’s added to the WAN edge, there’s a bump in the size of the potential attack surface of the organization, offering cybercriminals another entryway to probe for weaknesses.
Multicloud environments. Your customers increasingly require direct cloud access to run their SaaS and unified communications (UC) activities. These applications are often hosted on multiple clouds, each with different security standards. To minimize the risk presented by multicloud environments, your customers must ensure their SD-WAN infrastructure is augmented with multicloud controls that can natively speak the language of every cloud platform being used.
Complex policy management: SD-WAN solutions without a centralized management console can create challenges in maintaining security policies and responding to alerts. Even more daunting, most security solutions are designed to protect predictable infrastructures. Given the dynamic nature of today’s complex and highly elastic networks, security added after the fact cannot be expected to adapt to minute-by-minute changes in the infrastructures it needs to defend. Instead, policies need to be tied directly to automated network management systems to seamlessly adapt in real time to every change. And that requires a security system designed specifically for such functions so it can be implemented as part of a fully integrated strategy on day one of any project.
Partner Opportunity: Ensuring Your Customers Have SD-WAN with In-Depth Security
Partners can help their customers with important business goals by …
… offering a secure SD-WAN solution that best supports their performance needs, including offering application identification and steering as well as application prioritizations.
As digitization goals rise to the top of the corporate agenda, awareness of security considerations will follow. A secure SD-WAN anticipates this need by providing best-in-class security combined with advanced networking functionality right out of the box – and without ever sacrificing performance.
Your customers are increasingly updating their network infrastructure, moving away from traditional WANs to ensure the high level of performance, access to resources and broad interconnectivity required of digital business. However, not all SD-WAN solutions are crafted with security in mind. What is really needed is a solution that can address connectivity, performance and protection in a single, integrated solution. Being able to provide this as their partner will put you at the advantage.
Jon Bove is the vice president of Americas channels at Fortinet. In this capacity, Bove and his team are responsible for strategizing, promoting and driving the channel sales strategy for partners in the United States as the company seeks to help them build successful security practices. A 17-year veteran of the technology industry, Bove has held progressively responsible sales, sales-leadership and channel-leadership positions. During his time at Fortinet, he has been responsible for establishing Fortinet’s national partner program and aligning Fortinet’s regional partner strategy to allow partners to develop Fortinet security practices with the tools and programs to successfully grow their businesses. Follow @Fortinet on Twitter or Bove on LinkedIn.
Read more about:
AgentsYou May Also Like