Go Summarize

Securing SD-WAN: 5 Considerations

sd-wan#software defined wan#software defined networking#ztp#secure branch#sd-wan overview#versa#velocloud#viptella#fortinet#meraki#viptela#sdwan#ccna#security#cisco#what is sd-wan#what is sdwan#ccnp#ccie#comptia#security+#next gen firewall#Cisco Certifications#network chuck#overlay#certifications#palo alto#gartner#cybersecurity#firewall#utm#zero touch#mpls vs sd-wan#sdn#networking#riverbed#WAN edgeg#orchestrator#iwan#isr#silver peak#nuage#juniper#netscaler#cpe#vnf
11K views|4 years ago
💫 Short Summary

Organizations are adopting SD-WAN technology for cost savings and improved application performance, but choosing from a wide range of vendors and security offerings can be challenging. On-premise security is preferred over cloud-based solutions for additional services and increased performance. Offloading security inspection to the cloud can lead to higher costs and reduced benefits. Best practices involve identifying and categorizing applications based on security risks, maintaining business continuity for critical applications, and using CASB for greater visibility and policy enforcement for cloud applications. Strong encryption and VPN tunnels are crucial for data transport over the public internet.

✨ Highlights
📊 Transcript
Adoption of SD-WAN technology for cost savings, improved performance, and simplified management.
Integration of SD-WAN features into traditional networking and security products leading to a wide range of vendor options.
Security considerations for SD-WAN solutions include cloud-based, third-party integrators, and built-in security options.
On-premise security preferred over cloud-based solutions for additional services, lower bandwidth costs, and increased performance.
Proper cloud inspection requires forwarding branch internet traffic through GRE or IPSec tunnels to the cloud datacenter.
Importance of On-Premise Security in SD-WAN.
Offloading security to the cloud in SD-WAN can lead to higher costs and reduced benefits.
SD-WAN vendors offering security services on-premise or through service chaining provide better performance and cost-efficiency.
Cloud security services should only be used when on-premise security is not feasible.
Application routing best practices involve categorizing applications based on security risks and ensuring business continuity for critical applications.
Importance of layer 7 identification for risky applications.
Creating application groups for unwanted categories and blocking them before leaving the site is crucial.
Need to watch out for network leakage and manage interfaces to simplify administration.
Be cautious with SD-WAN rules to prevent unexpected security challenges.
Analyzing network requirements and ensuring flexibility in making individual interface decisions to avoid issues like internal users leaking private IP information.
Importance of strong encryption and VPN tunnels in using unsecure public internet for data transport into private resources.
Best practices for VPN usage include utilizing secure protocols like IPSec, avoiding weak encryption methods, and ensuring long pre-shared keys.
SDN provides remote offices with direct access to cloud applications without the need for expensive MPLS circuits.
Security challenges arise for organizations using sensitive data with cloud applications such as Salesforce and Office 365.
Benefits of using CASB in combination with SDN at the branch for greater visibility and policy enforcement for cloud applications.
CASB allows control down to the file level, preventing data downloads to unsanctioned devices and monitoring PII data movement.
CASB is crucial for security in the era of digital transformation, with a prediction that 60% of large enterprises will use CASB to govern cloud services by 2020.