Cisco sees strong shift towards SD-WAN
As security in a cloud-first world becomes increasingly complex, Cisco is seeing a solid shift towards the adoption of software-defined wide area network (SD-WAN) technology.
This according to James Brown, head of product and cloud security for Europe, Middle East, Africa and Russia (EMEAR) at Cisco, who was speaking at ITWeb Security Summit 2019 in Sandton yesterday.
“We are seeing a very strong move towards the adoption of SD-WAN technology, so much so that we feel in the very near future networking decisions and security decisions will not be two separate conversations any longer,” he said.
He said there is a need for the traditional security model to change for more software-as-a-service (SaaS) adoption and cloud adoption to really take flight.
“On the networking side, we have seen a movement away from the historically centralised approach to a more decentralised approach. On the branch side, one of the most interesting shifts is a movement towards direct Internet access (DIA) and what we have seen growing at an exponential rate at Cisco is the adoption of SD-WAN capabilities,” he added.
Brown highlighted some research that Cisco did over the past few months to find out how quickly the trend towards DIA and SD-WAN was moving. The vendor interviewed around 500 security practitioners, predominantly in North America and Europe and in larger organisations.
It found that four out of five organisations are shifting to direct Internet access (DIA) and 76% of organisations are either starting to use SD-WAN or have fully on-boarded SD-WAN.
What follows this trend is the security aspects that need to be changed or introduced to keep network’s secure. The survey found that 42% of branch office security deployments take over a month to fully apply the appropriate security controls.
“A month is too long to have security vulnerabilities and the challenge on the security side is that we don’t want to be the people who are holding back the movement toward better usage of the network and more flexible work situations,” Brown said.
“We are also seeing a very strong move toward attacks being focused on remote users. It makes sense, a single person working in Starbucks is a more vulnerable device than going after the headquarters’ database. So they attack the remote worker and the worker takes the Trojan horse into the headquarters and that is the criminal’s way in.”
In fact Cisco found that 68% of remote users were targeted in recent attacks.
“We need a way to address the branch office gap and the rise of attacks on mobile users and we found that people are wanting to do this in a more centralised manner. There is a definite interest from the market of moving towards a more centralised management, and a single-vendor and single-platform approach.”
Of those surveyed 76% said they prefer a multi-function security platform to solve the remote security challenge.
“This has given rise to a new category within the security space, called the secure Internet gateway. At Cisco we are moving in this direction and many security vendors are moving in this direction as well”
He said this is essentially where on-premises security converges in the cloud for more effective protection of branch offices and you get more effective protection across the SD-WAN fabric.