YOU ARE AT:OpinionHow secure SD-WAN enables the promise of 5G (Reader Forum)

How secure SD-WAN enables the promise of 5G (Reader Forum)

 

The journey to full-scale 5G coverage is a gradual process, especially as many devices currently do not support 5G and the majority of business applications today don’t require 5G-level performance. This leaves MPLS, DSL, 3G, 4G, LTE and 5G all as viable options when it comes to connectivity, at least in the near-term, but makes managing and securing network connections even more complex. Organizations must not only provide the right kind of connection to a specific device using a certain application, but they must also recognize when connectivity requirements change or if a connection starts to break down. Additionally, they must be able to make quick connectivity changes without impacting performance or causing interruptions.

This requires smart networks that can take into account decisions being made at the network/connectivity level, that can evaluate the performance capabilities of end-users, the edge, or IoT devices, and that understand an application’s performance requirements. It then needs to not only be able to map these requirements to the best possible connection, and then change connections when needed, but also maintain security as an integrated part of this process to ensure everything is adjusted simultaneously and sensitive traffic is always protected.

Few have been able to solve this complicated issue. And adding 5G to the list of available options is not as simple as just having another choice for connectivity. Instead, adding more options to a system built on multiple moving parts can exponentially aggravate the challenge of selecting, monitoring and managing connections – ultimately outstripping the capacity and management capabilities of typical edge-based routers.

How SD-WAN Points to 5G

As carriers begin their move to 5G, SD-WAN will emerge as a key technology. As well as already being designed to support and manage 5G connections, SD-WAN solutions can automatically determine the requirements needed to establish the appropriate connection for any given application or service. Regardless of the number of users making connections to different services, SD-WAN solutions can provide the flexibility needed to establish and change connections based on bandwidth requirements, cost and connection quality.

Beyond the Security Status Quo

However, SD-WAN is not a perfect solution. When switching from a WAN router to a standard SD-WAN solution, organizations lose the protections associated with traffic backhauled through the data center. While most SD-WAN solutions provide some very basic tools to replace the full stack of enterprise-class security, such as a VPN and a stripped-down firewall, they are simply not good enough.

Modern organizations and their applications have high connectivity and bandwidth requirements. They need a Secure SD-WAN solution delivered via a next-generation firewall in order to be able to effectively manage and secure continually changing environments in real time. Otherwise, security will be left struggling to keep up as connection and application requirements change, resulting in security gaps.

Greater Complexity, Purpose-Built Performance

SD-WAN’s complexities only increase when 5G is introduced. To keep up with 5G speeds and avoid security becoming a critical bottleneck when performing essential tasks, security will need to function faster than ever. In fact, faster than most purpose-built security products available today. And as the volume of encrypted traffic rises – which currently makes up more than 70% of network traffic – so does the adoption rate of TLS 1.3, the faster and more secure successor to SSL. Considering these changes, ensuring that security can support 5G speeds without interrupting business-critical communication is essential.

That’s not so easy. Inspecting encrypted traffic takes a heavy toll on next-generation firewall (NGFW) performance – so much so that many vendors refuse to even publish their performance numbers. Which means that actively inspecting the ever-increasing volume of encrypted traffic – especially when using TLS 1.3 to secure 5G connections – will have an increasingly negative impact on both the firewall and SD-WAN connectivity, ultimately threatening one of the primary reasons why 5G was initially adopted.

Consequently, organizations must implement a purpose-built secure SD-WAN solution designed from the ground up for performance. Security must also be seamlessly integrated with the networking side of SD-WAN to ensure that when a connection needs to be changed, both pieces respond as a single, consolidated system. Additionally, a unified management interface will ensure that any changes within the SD-WAN environment will be visible and easily managed through a single pane of glass. So, with advanced functionality on their side, organizations can avoid risks as they journey to full-fledged 5G capability.

 

About the author

With more than a decade of experience in the cybersecurity space, Satish Madiraju leads innovative enterprise security and WAN Edge solutions at Fortinet, addressing advanced threats and digital transformation challenges for global enterprise customers. Prior to Fortinet, he held strategic product management roles launching successful products and solutions at Cisco and engineering roles at security companies including IronPort and Infoblox.

 

 

 

 

ABOUT AUTHOR

Reader Forum
Reader Forumhttps://www.rcrwireless.com
Submit Reader Forum articles to engageRCR@rcrwireless.com. Articles submitted to RCR Wireless News become property of RCR Wireless News and will be subject to editorial review and copy edit. Posting of submitted Reader Forum articles shall be at RCR Wireless News sole discretion.