Overcoming the Limitations of VPN with SD-WAN
Ensure Application Performance and Security at the Edge
August 19, 2019

Michelle Arney
Cybera

Share this

Public or private, commercial or nonprofit, digital transformation has become today's paradigm for organizations seeking to improve business processes, control costs, and gain or maintain competitive advantage. Unfortunately for most, they are hampered with legacy infrastructures that were simply not intended or designed for today's compute reality, and are incapable of delivering the performance, agility and security necessary to realize the promise of true digital transformation.

One common infrastructure challenge arises with virtual private networks (VPNs). VPNs have long been relied upon to deliver the network connectivity and security enterprises required at a price they could afford. Organizations still routinely turn to them to provide internal and trusted third-parties with "secure" remote access to isolated networks. However, with the rise in mobile, IoT, multi- and hybrid-cloud, as well as edge computing, traditional enterprise perimeters are extending and becoming blurred. And, today's VPNs are actually introducing the security and compliance risks that they were originally employed to prevent.

Today's Inherent VPN Issues

Reliance on VPNs presents enterprises with a number of fundamental problems in today's digital business environment, such as management complexity. Enterprises oftentimes find themselves with multiple disparate VPN connections to accommodate the networking technology of each third party. This can become not only an administrative nightmare, but also opens up the opportunity for "lateral movement attacks" as it dramatically expands the network surface area that is exposed and vulnerable since each external user has now essentially been granted access to a "slice of the network."

Today's VPNs are also rigid and require labor-intensive management to support dynamic network conditions, especially when it comes to remote locations. For example, adjusting to changing network requirements, the addition of new applications, or responding to emerging security situations must be done quickly and continuously to ensure business continuity. Legacy networks are often too bulky to adapt to shifting circumstances in a well-timed manner.

Compounding the problems, traditional security approaches are falling short of the requirements of today's highly distributed enterprises. For example, multiple touch points for manual security configurations leave networks prone to misconfigurations or inconsistent configurations — exposing them to security risks. Moreover, then there is the rising cost factor. The capital expenditure for various point-product hardware, public IP addresses, and software continues to escalate, as do the costs of qualified IT professionals to support remote locations.

With such significant challenges presented by traditional VPNs, it is clear that distributed enterprises need a modern approach to modernize network connectivity, and support their digital transformation strategies. A software-defined wide area network (SD-WAN) presents an ideal alternative. One that is quickly being adopted by today's forward looking organizations.

Enter the SD-WAN

SD-WAN is a software-based technology for connecting remote locations to distributed enterprise networks. SD-WANs operate as a network overlay, enabling remote sites to consolidate multiple network functions and applications across low-cost broadband connections.

Because they are software-based, SD-WANs decrease the number of network devices and connections needed at each site, dramatically decreasing network complexity and costs — particularly at the network edge. Here, agility is key, as enterprises can remotely customize and reconfigure SD-WANs to support rapidly changing requirements and deploy system updates.

In particular, secure SD-WAN solutions significantly simplify enterprise networks and dramatically reduce both the capital and operating expenses (CapEx and OpEx) associated with managing enterprise WANs. SD-WANs also simply extend the multi-layer security defenses used in data centers to remote locations. Most importantly, they are able to segment various types of applications into their own dedicated logical networks, preventing them from interacting with other application traffic on the network. For example, mission-critical applications (such as payment processing) can safely coexist with public applications (such as Guest Wi-Fi) on a single network.

By virtualizing the network so that all network intelligence is managed in the software, enterprises can concurrently establish remote locations and keep them in sync using centralized cloud-based policy administration that is inherent in SD-WAN connectivity models. This modern cloud-based approach further reduces cost and complexity while increasing overall network flexibility.

Easy Street to Digital Transformation, and Application Security and Performance at the Edge

Any enterprise that would like to get started with an SD-WAN deployment should create a data connectivity and security program for their remote locations. To ensure a holistic approach, engaging stakeholders to is critical. A pilot installation can rapidly demonstrate the practical benefits of a secure SD-WAN solution. A wider, incremental roll-out on a site-by-site basis can then help to ensure a seamless deployment with virtually zero interruption in service.

The need to address legacy technology is an inescapable reality in today's dynamic IT and business environment. For most, connectivity architectures are at the top of the list. While an ideal and smart choice at the time of deployment, most VPNs have outlived their usefulness and now pose a security risk and put a damper on productivity.

The challenge for any organization on a digital transformation journey is that from infrastructure to applications to processes, every element is so very crucial. Consequently, dependence on a legacy network when for example you are deploying an innovative new application, can quickly derail your efforts. Only a modern approach to connectivity — such as a cloud-based SD-WAN solution — ensures a clear road to continued business success from the data center to the network edge and beyond.

Michelle Arney is Head of Product at Cybera
Share this

The Latest

October 05, 2022

IT operations is a metrics-driven function and teams should keep score as a core practice. Services and sub-services break, alerts of varying quality come in, incidents are created, and services get fixed. Analytics can help IT teams improve these operations ...

October 04, 2022

Big Data makes it possible to bring data from all the monitoring and reporting tools together, both for more effective analysis and a simplified single-pane view for the user. IT teams gain a holistic picture of system performance. Doing this makes sense because the system's components interact, and issues in one area affect another ...

October 03, 2022

IT engineers and executives are responsible for system reliability and availability. The volume of data can make it hard to be proactive and fix issues quickly. With over a decade of experience in the field, I know the importance of IT operations analytics and how it can help identify incidents and enable agile responses ...

September 30, 2022

For businesses with vast and distributed computing infrastructures, one of the main objectives of IT and network operations is to locate the cause of a service condition that is having an impact. The more human resources are put into the task of gathering, processing, and finally visual monitoring the massive volumes of event and log data that serve as the main source of symptomatic indications for emerging crises, the closer the service is to the company's source of revenue ...

September 29, 2022

Our digital economy is intolerant of downtime. But consumers haven't just come to expect always-on digital apps and services. They also expect continuous innovation, new functionality and lightening fast response times. Organizations have taken note, investing heavily in teams and tools that supposedly increase uptime and free resources for innovation. But leaders have not realized this "throw money at the problem" approach to monitoring is burning through resources without much improvement in availability outcomes ...