If your enterprise hasn’t seriously considered SD-WAN or secure access service edge (SASE), you might be missing critical capabilities to survive COVID-19 and beyond, as Zeus Kerravala, principal analyst of ZK Research, pointed out during his Enterprise Connect Digital Conference & Expo session, which can be viewed
on demand here. Simply put, traditional hub-and-spoke WANs are inadequate for the cloud era and can be a barrier to advancing business goals, according to Kerravala.
That’s to say, the traditional WAN was meant to support a client-server model in which branch office employees accessed applications sitting in a corporate data center. That hub-and-spoke architecture is outdated now that users are getting their application access from the cloud, not the corporate data center. And, that they can do so from anywhere — as we’ve learned well during this crisis —effectively makes every user a mini branch office, Kerravala said. Traditional WAN architecture generally doesn’t account for remote access — or the proliferation of Internet of Things devices — which makes them less and less useful. With SD-WAN, users can directly access cloud applications via a broadband connection, whereas traditional WANs required users to connect first with an MPLS before accessing the enterprise's data center.
Not only does SD-WAN optimize performance for remote workers, it minimizes the manual work required for WAN management — which means fewer network errors and less downtime, Kerravala noted. Because SD-WAN separates the software and control elements from hardware, IT can manage policies from a centralized place either via an on-prem controller or cloud service, he said. Since the software and hardware are separate, IT can make one change for automated rollout to all applicable devices, in some cases cutting the installation time from months to hours, he added.
And SD-WAN is just the start of WAN optimization, with SASE being
the next evolution, Kerravala said. Unlike traditional networks, SASE integrates security into the network itself, instead of overlaying a network with firewalls and security products, he explained.
This has a clear benefit in work-from-home (WFH) environments. For example, a WFH employee using a VPN to access cloud applications can expose the enterprise if that cloud application has been breached, Kerravala said. While VPNs provide a secure tunnel into the WAN, without other security services, malware can still travel across encrypted traffic. Kerravala joked that the solution comes down to two things: installing a bulky security hardware device in every WFH worker’s house or using SASE. With SASE, users gain the full benefits of the enterprises’ cloud security services.
And Kerravala stressed that while SD-WAN (or
SASE) might have been a “nice to have” pre-pandemic, it is more essential now. WANs are no longer just a tactical resource (the plumbing that makes communications and collaboration possible); with digital transformation, they’re a strategic asset for supporting and growing the business, Kerravala said. For many enterprises, the network is the business, and without it, a business can’t function, Kerravala pointed out. And like so many things in IT, “So goes the network, so goes the business.”
