The solution is to use internet connectivity to the cloud and web applications directly from the branch .
Thus , the SD-WAN solution needs to make these internet connections secure and reliable by creating encrypted tunnels between every site in the enterprise SD-WAN .
It can take advantage of SSL security provided by the SaaS application for traffic going from the branch to the application directly over the internet .
This makes the internet access more secure . With these encrypted links and a stateful firewall , an SD-WAN solution can prevent unauthorized outside traffic from entering the branch .
The SD-WAN components need to be secure and the solution must meet compliance mandates assume that all attacks can be prevented by protective controls . Currently there is not much visibility of branch user traffic . Visibility and security analytics are crucial for detecting attacks .
Last , but not least , the current security provisioning model for applications is largely manual and device-centric .
Broadband internet access needs to be secured
The internet is not very secure for enterprise WAN requirements . Hence cloud-based application traffic is often backhauled from the branch to HQ before being handed off to the internet . WAN bandwidth constraints at the branch and added latency from backhauling connections introduce delay and jitter , which affect application performance .
The components that make up the Nuage Networks SD-WAN 2.0 solution ( VNS – Virtualized Network Services ) end points , control plane and data plane are secure , including their internal control traffic .
End-point security is achieved by multifactor authentication ( MFA ) and security key management .
Control plane – PKI certificates and security keys are generated and used in various communications between the VNS components . •