Michael started in IT in 1997 as a Pre-Sales Specialist for new and emerging technologies. He progressed through to a Technical Architect working with emerging fibre solutions such Wave Division Multiplexing and Metropolitan Area Networking. He has been working with Chess for over 9 years in varying roles designing and building local area networks, wireless infrastructure and wide area networks. Michael is a big lover of playing golf.
Michael Smyth, Network Consultant at Chess, reviews why SD-WAN is gaining popularity and deployed in enterprises. He covers:
- Jump to Why SD-WAN? >
- Jump to The SD-WAN Transformation Journey >
- Jump to SD-WAN and Cyber Security >
- Jump to SD-WAN Customer Project: Care Home >
- Jump to Book a Consultation >
WAN technologies have steadily evolved over the last twenty years. Chess has seen the transfer from dedicated point-to-point to point to multi-point communication, and between private and public network underlays. However, increasing speed and lower operational expenditure have been many enterprises' only significant visible benefits.
SD-WAN provides a transformational change in network capability. It offers enterprises a significant opportunity to deliver a truly disruptive solution that provides key competitive advantages. SD-WAN builds on the latest automation and virtualisation technologies to service businesses, providing more agility and control. It offers a better user experience and, most importantly, allows to exploit new capabilities emerging from solutions such as edge computing and SASE. These advances will allow businesses to understand their infrastructure better, have a flexible means to scale up and down, and demonstrate significant ROI (Return on Investment).
The SD-WAN Transformation Journey
Any organisation interested in a network transformation has a lot to consider. Having Chess as a trusted and experienced partner has helped many businesses throughout their transformation journey. Our team works with companies to review when or why to adopt SD-WAN technology. We focus on the principal benefits of reliability, bandwidth, WAN management and the potential cost benefits. Balanced against these is the impact of change on the organisation and the often forgotten security factor. The economic and value implications of SD-WAN are unique to each business and each industry, so it is better to engage with a trusted partner to develop a realistic business case.
Something to keep in mind is that the integration of technologies onto an SD-WAN solution is still very much in the development phase. This doesn't mean SD-WAN doesn't provide a business-grade SLA network service itself - this has been proven many times over with traditional WAN technologies. Instead, it refers to how businesses will leverage the platform and advance communications in new and seamless ways. For example, SD-WAN improves the QoS (Quality of Service) for critical applications by utilising predictive analysis and traffic management. Furthermore, the solutions can detect anomalous spikes in network usage for the time of day, a known bad IP address or unusual geographic sources. These are analysed by the system observing the corporation's unique traffic trends, thereby adaptively reducing false positives.
Protect Your Data with SASE
Secure Access Service Edge (SASE) Explained (Includes Video Summary)
SD-WAN and Cyber Security
When reviewing security within SD-WAN technology, we see that the majority of the risk is similar to other platforms. However, there are some additional considerations that are likely to be new to security and IT teams. While SD-WAN is a predominantly a network offering, it also provides the capability to manage disparate security services, both in terms of vendor and geographical, from a single pane of glass and in a standardised fashion across the entire network. SD-WAN provides the benefits below:
- Greater agility and innovation since Much of the process of integrating network security products can be reduced to a few careful clicks - reducing the deployment time of new solutions, and quickly reducing the attack surface.
- Security component configurations can be modified by approved administrators on demand, by either individual admins or extended to trusted groups with granular permissions. Self-serve portals where you can manage multiple vendor components will become more prevalent with service provider solutions.
- Secure communications between SD-WAN locations can be built into standard connection templates and automated across any connectivity medium.
- Simplifying patch management, increasing confidence that security patches on platforms are maintained using zero-touch upgrade techniques.
- Clear and complete reporting of all infrastructure components within the SD-WAN umbrella.
- Reduced reliance on the operator or vendor(s) to develop credible end-to-end solutions utilising best practice security principles throughout the entire solution stack.
- The centralisation of the Management suite provides a honeypot for bad actors. As more Virtual Network Functions (VNFs) are applied, this should no longer be viewed as just a WAN management tool but as a suite of closely aligned and critical Enterprise Infrastructure managed by the SD-WAN service.
- WAN or site edge components will likely be exposed to a mixture of private and public, or trusted and untrusted in nature and have multiple egress and ingress points to their network. Businesses must be confident that sufficient controls are applied at major hubs and branch offices.
Due to the fluidity and transitional nature of traffic routing, the complexity of operating and securing the platform increases. For instance, the SD-WAN could be extended to public clouds, distinguishing between publishing sensitive applications privately and public applications to the Internet. Therefore, office staff could connect to the same public cloud via both private WAN and public Internet. At Chess, we understand that flows and access at any given time should be high on any security agenda, so having a platform which can provide this information out of the box is paramount.
We often work on projects to migrate or transition organisation's current WAN's to SD-WAN technology. We design and deliver an SD-WAN solution which provides an enhanced application experience with multiple hybrid active/active circuits and dynamic path selection that steers critical applications over multiple connections. This eliminates network problems and allows delivery of pervasive security with SASE on-premise or in the cloud with zero trust foundations of authentication, encryption and segmentation, along with next-generation firewall security. Businesses have the advantage of extended visibility of the network fabric and into the cloud. It allows organisations to correlate telemetry, provide insights and transform network operations to a more proactive model. Finally, our customers are choosing SD-WAN primarily because of the operational simplicity provided, the highly visualised interface and intuitive user experience enabling simplified configuration, management, operation and monitoring across the business-wide area network.
SD-WAN Customer Project: Care Home
For example, a large care home company with over 70 sites wanted to enable a more hybrid and remote working workplace. Our customers asked us to complete a full investigation on how they could enable the delivery of digital transformation initiatives, improve performance, accelerate their applications with multi-cloud connectivity and replace or augment their current MPLS WAN. After an initial review of the business infrastructure, we recommended deploying a Cisco Meraki SD-WAN solution.
Soon after the project was delivered, the care home noticed that SD-WAN delivered a more stable, reliable and scalable network for remote, hybrid and office end-users with improved application performance. Furthermore, by adopting the Cisco Meraki SD-WAN solution, the company could swiftly adopt emerging technologies as well as cloud-based and/or SaaS applications, accelerate digital transformation projects and enjoy quicker deployment timelines for new sites.
The company found that its IT team saved both valuable time and resources by adopting a managed solution, saving an estimated 10-25% of IT resources' time since deploying the Cisco Meraki SD-WAN.
It decreased network TCO by reducing hardware costs and time spent on incident resolution. The care home's IT team now focuses on other priorities, evolving into more strategic partners to the business.
We can help you on your journey and advise on the best approach for your organisation. Contact our expert team and book your FREE technology consultation today.
Protect Your Data with SASE
Gavin Wood, CTO at Chess, explains the emerging cyber security concept SASE (Secure Access Service Edge).
Hybrid Warfare and Cyber Attacks
Luiz Simpson, Director of Security Testing, reviews the most recent news on cyber attacks, hybrid warfare and the conflict in Ukraine.