The majority of service provider experts say they feel pretty confident about how their companies are handling software-defined wide-area networking (SD-WAN) security as part of this month's Thought Leadership Council (TLC).

Nevertheless, more than 80% of those experts say it's imperative for their companies to continue researching, developing and investing in security because it's just a matter of time before those companies experience a security breach that affects SD-WAN.

Specifically, more than 50% of TLC panelists think their companies will experience a security breach that directly affects SD-WAN service within two years. About 20% more say it will happen within five years. One panelist admits his company already has experienced such a breach.

But, overall, TLC panelists say their companies are aware of major security pitfalls and have attainable options for strengthening SD-WAN security, as found in the newest TLC report, SD-WAN Focus Group: Security Good for Now, but Don't Rest on Laurels. Council members were asked a series of ten questions about overall security, technology and outside influences related to SD-WAN security.

The report also shows that TLC members think service providers should focus on established technologies to secure SD-WAN. When asked to determine the most important technologies for their company's SD-WAN security plans, 100% of TLC members chose both distributed denial of service (DDoS) and encryption as being critical.

Likewise, more than 90% of panelists said next-generation firewalls (NGFWs) are critical to SD-WAN security. One panelist explained, "SD-WAN security creates the need to look beyond simple or individual applications and mechanisms for more advanced attacks. Security solutions should understand relations between different patterns and attacks on different systems."

Another key takeaway in the report is that service providers are best at securing the network layer in relation to SD-WAN. TLC panelists gave their companies scores of either A or B in relation to securing the network layer. Scores were quite a bit lower for maintaining security integrity over the entire lifecycle, where more than 50% of panelists scored their companies as either average or needing improvement.

TLC is a Heavy Reading research initiative that consists of panels of communications service provider experts focused on key areas of telecom development, including B/OSS Transformation, SD-WAN, Automation, 5G, Emerging Technologies & Services (Project 2025) and IoT. Members participate in Q&A forums several times a year, and all information disclosed by Council members remains anonymous.

— Denise Culver, Director of Online Research, Heavy Reading