SD-WAN Security: a New Era of Flexibility and Individual Networks

Irek Bagautdinov

Irek Bagautdinov

Head of Cybersecurity at Andersen

IT Security
Aug 1, 2022
9 minutes to read
  1. What SD-WAN is
  2. The essence of SD-WAN
  3. Opportunities provided by SD-WAN
  4. SD-WAN security: features and privileges
  5. Conclusion

Today, businesses use cloud services for many procedures - from telephony and accounting to building management. Gartner predicts that by 2021, more than half of the world's companies will have fully migrated to the cloud. According to Cisco AIR, by 2023, the number of Internet users will have grown to 5.3 billion (66% of the population), and the number of connected devices - to 29.3 billion. In such conditions, IT security services for networks come to the fore. We will tell you what the innovative scalable solution SD-WAN is and whether the new technology is able to cope with the set tasks.

What SD-WAN is

In the recent past, the only practice that allowed for the efficient work of users with applications was the deployment of costly MPLS services. The spread of cloud computing has led to the emergence of software-defined technologies. In these technologies, services are separated from underlying hardware and function as a virtual service or system. The SD-WAN technology is one of such solutions.

SD WAN in action

SD-WAN (software-defined networking in a wide area network) is a technology or software that helps to efficiently route traffic based on such factors as priority policy and quality of service (QoS) settings.

SD-WAN allows companies to use any combination of transport services, including MPLS (a protocol for accelerating and forming network traffic flows by data priority), LTE (a standard for wireless high-speed data transmission), broadband Internet access, cellular network, and a satellite for secure use of applications.

What's the main difference between the new technology and the already established router-based WAN structure? The SD-WAN solution is designed to fully support and deliver software hosted in data processing centers (DPCs), public or private clouds, and SaaS platforms (, Workday, Office 365, and Dropbox).

With the help of SD-WAN, centralized management of secure and efficient routing of traffic through the broadband network is carried out. This increases software performance and improves the quality of interaction with the user. Thus, the new solution increases the productivity and flexibility of a business and reduces its IT costs.

SD WAN Architecture

The essence of SD-WAN

A typical telecommunications infrastructure of an organization is built as follows. There is a head office and branches that require creating a common information space without losing the quality and reliability of data transmission. The company buys a communication link from a telecommunication provider, the cost of which exceeds the price of a regular Internet connection. Next, the customer needs to create their own telecommunications network that includes routers, network devices, and firewalls, and then configure it.

However, if a company plans to open a branch in an area that is not served by the telecom operator, there may be problems. For example, the launch of a new office will be delayed or costly. In such situations, the connection problem can be solved in non-standard ways: by laying optical fiber at best and by using an LTE modem at worst.

These difficulties can be eliminated far more easily - by using the SD-WAN technology. Special software is installed on the controller of the head office’s DPC, which establishes and controls the operation of the software-defined WAN. Less “smart” low-cost switches in the branches connect to the host computer's controller.

Thus, there is no need to send a specialist to a newly-opened branch - any employee can cope with the task. Send a router, insert a SIM card or a patching cord, plug it into an outlet - and the job is done.

Opportunities provided by SD-WAN

SD-WAN processes traffic by order of importance, QoS, and security according to the needs of a business. This technology can leverage physical, virtual, and cloud devices for consistent centralized management of app policies and threads across all branches of WAN.

SD-WAN widens a company's opportunities in the following ways:

  • Allows firms to monitor and efficiently distribute traffic.

By acquiring an SD-WAN solution, the customer doesn’t need to develop and maintain a concurrent monitoring system. Typically, the controlling system of SD-WAN includes solid monitoring functionality. Vendors offer ready-made techniques for managing device configuration, which simplifies the routine tasks of network administrators.

Let's say a branch has direct access to the Internet and a channel dedicated by a provider. The router constantly checks the quality of all available channels, which makes it possible to organize application traffic routing, taking into account service level agreement (SLA). For example, voice traffic goes through LPS, and then the delay on the provider's network increases. The SD-WAN Controller will automatically transfer the voice traffic to the channel with the required SLA. Thus, it is possible to distribute program traf