SD-WAN
Unified threat management
While SD-WAN has strong encryption built-in from the start,
this is designed to be at site level rather than on a per-user
basis. In basic terms, the firewall provides the capabilities to
keep threats away from the site, but it can’t provide more
advanced functionalities and policies that provide a granular
way of looking at how to secure devices and people in the
organisation.
This additional layer of security is provided through
Unified Threat Management (UTM). These devices, either
virtual or physical, are more comprehensive in how they’re
able to apply rules and security on traffic and policies down
to the user level. So, in order to enhance the base level of
security of SD-WAN, companies can route all traffic back
to a central point, where an advanced UTM firewall can
manage the security on a per-user basis. This could be via
a next-generation firewall service in the data centre or
alternatively, there are vendors who can provide a cloud-
based service where the traffic can be routed to and security
policies are then applied.
Rapid security development
The evolution of SD-WAN security technology continues
to advance rapidly in order to keep up with increasingly
sophisticated methods that cybercriminals are using.
Advancements are already becoming a reality with security
mechanisms such as advanced cryptographic cyphers. With
this technology, in order to hack into each SD-WAN appliance,
the hacker would need to get past a node key that applies
only to that site. To take this even further, rotating cyphers
can be added which changes the key every hour – meaning
that hacking into the system is almost impossible.
At the basic level, SD-WAN already has sophisticated
security features, but it must be used correctly to ensure
the appropriate level of security is matched to how the
organisation is structured. There are already a number of
options to enhance the security of SD-WAN further, the key
for vendors is to ensure that customers have all the facts
to hand that are applicable to their business set-up so that
the appropriate additional layers of security can be applied
where relevant. n
SECOM Networks Ltd
Specialised Electrical & Communications
Design and Cabling for the IT Industry
Secom Networks advise, design, install and project manager complete pre-terminated cabling
systems for DC’s and office new and refurbishment projects.
We specialise in rack building, server installation, advise on power and cable management, and
labelling. Labelling is often forgotten until you have to find something, therefore it is best to
label everything. We can build your rack on or off site fitted with power, electronic locks, and
cable management. We have the latest Fluke diagnostic and cable analysers, in house CAD,
Visio resource as well as 3D Printing resource.
We design and manufacture bracketry for all those awkward components that need to
be mounted somehow, somewhere. On completion of every Project you will receive a
comprehensive Operation and Maintenance manual, complete with cabling topologies.
• Rack tidy • Rack audits • Patching audits • Retrofit cable
management • First Aid trained engineers • Safe Contractor accredited
[email protected] • 0845 450 7494 • www.secomnetworksltd.co.uk
Designed, manufactured and supported by a UK company
www.networkseuropemagazine.com
43