While SD-WAN provides solutions for networks in a cloud environment, it also requires a new security configuration.Enterprises that aren’t completely onboard with a total cloud migration are still adopting cloud solutions incrementally. In fact, many are finding they can better optimize their IT environments with a hybrid approach, so they abandon a comprehensive migration strategy for a plan that evaluates each workload independently. Before long in these situations, the network configuration becomes too complicated, and network engineers begin pushing for the deployment of a software-defined wide area networking (SD-WAN).

Most enterprises use multi-protocol label switching (MPLS) to backhaul their internet traffic back through a central location before pushing it out to a cloud solution. As hybrid solutions become more complex, this approach causes latency and performance issues, and it can get pricey. MPLS is highly secure and reliable, and SD-WAN makes it possible to continue leveraging MPLS for mission-critical traffic.

When an enterprise switches from MPLS to SD-WAN connectivity, they get the solution they need: the ability to connect each branch location to the cloud. What this also means is that the enterprise requires a new approach to network security. Here are the elements that need to be addressed:

New security rules: The days of building a secure perimeter around a network are, unfortunately, over. There’s no firewall that will protect a hybrid environment when accounting for branch locations and repeated use of cloud solutions. Fortunately, you can still create a firewall at each branch location, and then you need to follow these additional guidelines:

1.     Consumer-grade connection aggregation for SD-WAN termination

2.     Optimizing bandwidth options through WAN optimization

3.     The routing of traffic

4.     Firewalls installed at each location to protect the perimeter of the branch

5.     Threat protection through sandboxing technology


Sandboxing: the sifting of emails and web traffic that comes with a centralized firewall and protect your enterprise from malware. You’ll need sandboxing technology that replaces the centralized version you had before.

This is just one more area where it makes sense to access options in the cloud. Cloud sandboxing allows you to simultaneously route traffic based on what’s important to your organization. Unless, of course, you can afford to install sandboxing technology at each branch location.

Centralized security isn’t the only approach to protecting yourself against a cyber attack, and it’s inadequate in the era of cloud technology. It’s important to prioritize the development of your network security to match your SD-WAN adoption to support cloud solutions.

Find out more about how to protect your network in the age of cloud solutions. Contact us at SimpleWAN to learn about security strategies to meet your specific business needs.