1272 Bond Street, Naperville, IL 60563 630-505-7500
Network Services
Article originally by ATI partner Ken Presti, Research VP, AVANT Research & Analytics

Like everything in this world of technology, effective security needs to be baked in to virtually every value proposition put on the table. This is important to today’s enterprise technology buyers who evaluate different offerings and build the internal consensus to either accept or decline and offered solution.

According to AVANT’s State of Disruption Report, 74 percent of surveyed technology decision makers fear that a successful cyberattack could cost them their jobs. Fewer than half believed that their companies were well prepared to handle an attack and mitigate the results.

SD-WAN solutions typically include their own security protections, such as stateful firewall capabilities, site-to-site encryption, application policy control, segmentation for VLANs and split tunneling, and authentication between edge devices and the controller. How SD-WAN companies deliver security solutions varies widely, with some becoming security technology providers with their own technology and development as a core part of their SD-WAN value proposition, while others are partnering with market leaders to embed security solutions within their product. Most will interoperate effectively with third-party security tools and services, although some may interoperate better than others. Therefore, your current set up of firewalls and other security gear may not need to be displaced with the advent of SD-WAN, but it does make sense to review the technical notes of the specific SD-WAN company for their preferred recommendations.

The addition of new technologies and infrastructure almost always expands the attack surface. Thus, technology buyers as well as technology sellers need to be keenly aware of their level of exposure. This is especially true of companies leveraging local Internet breakout, rather than backhauling through a data center. As the data travels across the Internet, protections for layer 4 through layer 7 of the OSI stack will likely be necessary. Security technologies of particular focus should include next-generation firewall with intrusion prevention, web filtering, and DNS security. These, however, can become quite costly when being applied to a large number of remote facilities. Looking at the other side of the coin, it’s also true that a successful breach at a remote office can often be used as an effective bridgehead to gain access to central corporate resources.

“Security continues to be the number one concern that IT decision makers have when considering migration to SD-WAN,” said Ray Watson, Vice President of Innovation at Masergy. “This ultimately favors solutions which tightly integrate and support unified threat management as well as managed detection and response.”

According to AVANT’s Assessment Data, 54 percent of customers entering the SD-WAN decision discussion are uncertain of how to approach security, while 22 percent are planning to install a next-generation firewall at each site. Another 14 percent are planning to use a cloud-based firewall service. Those who are uncertain would be well advised to work closely with her Trusted Advisor to ascertain the best solution for their needs.

It’s also a good idea to more fully assess what types of data your company needs to store, and the duration of that storage. While some people believe that virtually all data is worth keeping, it’s also true that limiting stored data can vastly reduce your attack surface and, ultimately reduce security costs while increasing peace of mind. So many companies are taking a fresh look at what data deserves to be kept and what data should be discarded.

For more information on SD-WAN, download AVANT’s free 6-12 Report at

Network Services

Velocloud NSX SD-WAN for Enterprises offers clear advantages for very large and multinational organizations with thousands of existing branches, long-term contractual provider agreements, global reach and substantial infrastructure investment.


Current Enterprise WAN Challenges

  • Expensive Bandwidth – Delivering increased bandwidth to meet enterprise application growth is expensive, time consuming and comes with long lead times.
  • Branch Complexity – Increases in distributed offices, agility demands for existing offices, and the explosion in applications and services has made branch offices complex to deploy, upgrade, manage and maintain.
  • Rigid Architecture – Traditional WAN designs are optimized to back-haul branch traffic to data center applications using closed networks relying on restrictive class of service assignments.


How Your Enterprise Will Benefit


  • Inexpensive Bandwidth – Transform inexpensive broadband Internet into an enterprise grade secure WAN without a data center head-end while improving the performance of your existing WAN.
  • Reliability & Performance – Maximize throughput, reliability and performance of private MPLS and broadband Internet with application steering and link impairment remediation technologies.
  • Cloud Service Access – Your wide area network can now securely, reliably and pervasively meet your cloud applications and services where they live — in the cloud.
  • Service Insertion – Seamlessly insert services such as security, optimization and collaboration in the cloud and in the branch office on the NSX SD-WAN Edge.

[Whitepaper] Learn how SD-WAN addresses the unique challenges of the enterprise, pervasive never-static networks.

Scaling Enterprise SD-WAN Deployments