When Making SD-WAN Plans, Don't Shirk Security

Jeff Baumgartner
10/4/2018
50%
50%

DENVER -- NFV & Carrier SDN -- If you embark on SD-WAN plans and don't factor security requirements into the early stages of the process, you do so at your own peril.

That was a key message here last week from John Isch, a keynoter who serves as practice director of network and voice center of excellence at Orange Business Services .

Isch said it's critical to insert security (how it looks today and how it's expected to look years down the road) into the discussion from the get-go and avoid any delay-inducing surprises that could unexpectedly crop up well into the process, or even near the end of it.

And that comes from experience, as he recalled getting three meetings into a project only to find that it was time wasted, as those talks were irrelevant because the SD-WAN network needed to be in complete sync with the company's security policies.

The security elements of SD-WAN services "can change the design of your overall network dramatically," he stressed. He noted earlier that customers tell him that the majority of their traffic (55% on the low side, and as much as 95%) is destined for the Internet.

And that security vetting spans not just the SD-WAN system, including components such as log retention for user traffic, but also user security. The use of "zero-touch provisioning," for example, must match up with the security requirements, he said.

But he's a realist about the challenge, as it can be difficult to get the IT and security people in the same room, as they typically have different requirements and divergent views. While IT tends to emphasize simplicity and visibility, security people are more interested in exposing only what is absolutely necessary, Isch explained.

And the security issue is only amplified when working with global multi-nationals that are using a multitude of firewalls, he added. Among the example is China's "Great Fire Wall," whose mere existence is not even acknowledged by that country's government.

"You can't petition the government if something doesn't work, because it's not really there…even though we all know it's there," he said.

Security was also a topic of a follow-on panel focused on future business models for SD-WAN. And some said that the message that security needs to be part of early discussions is being heeded.

For Comcast Business , security has become a "big deal" for every SD-WAN customer, Jeff Lewis, the unit's VP of data product management, said.

"Our customers are absolutely requiring security," added Kevin Sahim, VP of engineering (managed services) at GTT Communications Inc. . "Security is going to maintain... a high profile."

Sahim said security is also being redefined in the SD-WAN era. "It's no longer edge or perimeter-based security; it's fabric security," he said.


Now entering its second decade, the Future of Cable Business Services event is the premier independent conference focusing on the cable industry's continuing efforts in the commercial services market. Join us on November 15 in New York – all cable operators and other communications service providers get in free


But sometimes it's almost impossible to stay ahead of that requirement, as separate security departments are sometimes brought in after the fact to ensure that new systems meet the security constraints they have for legacy systems.

"Even if a new solution could potentially be more secure, oftentimes, matching what they have today is a first step," Aaron Tomosky, director of solutions consulting at QOS Networks, said.

Once you're able to blaze the necessary inroads with the security department, only then are you free to improve or make changes to those security systems going forward, he added.

— Jeff Baumgartner, Senior Editor, Light Reading

(0)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
Featured Video
Flash Poll
Upcoming Live Events
October 23, 2018, Georgia World Congress Centre, Atlanta, GA
November 6, 2018, London, United Kingdom
November 7-8, 2018, London, United Kingdom
November 8, 2018, The Montcalm by Marble Arch, London
November 15, 2018, The Westin Times Square, New York
December 4-6, 2018, Lisbon, Portugal
March 12-14, 2019, Denver, Colorado
April 2, 2019, New York, New York
May 6-8, 2019, Denver, Colorado
All Upcoming Live Events
Partner Perspectives - content from our sponsors
One Size Doesn't Fit All – Another Look at Automation for 5G
By Stawan Kadepurkar, Business Head & EVP, Hi-Tech, L&T Technology Services
Prepare Now for the 5G Monetization Opportunity
By Yathish Nagavalli, Chief Enterprise Architect, Huawei Software
Huawei Mobile Money: Improving Lives and Accelerating Economic Growth
By Ian Martin Ravenscroft, Vice President of BSS Solutions, Huawei
Dealer Agent Cloud – Empower Your Dealer & Agent to Excel
By Natalie Dorothy Scopelitis, Director of Digital Transformation, Huawei Software
All Partner Perspectives