SD-WAN Security Needs a 'Refresh,' IDC says

GTT's Todd Kiehn, SVP global product management - GTT-commissioned research finds SD-WAN security needs a refresh

SD-WAN Security Needs a 'Refresh,' IDC Says

Julia King | Editorial AssistantNovember 17, 2022 10:00 AM

IDC released results of a new study that showed over 95% of enterprises have deployed SD-WANs or plan to do so within the next 24 months.

Enterprises today are facing what IDC calls “storms of disruption:” waves of economic, political, and social disruptions that are hampering companies’ efforts to become “truly digital enterprises” – like the Russia-Ukraine war, global recession, and industry-wide skills gaps.

Networks need to support businesses in their move toward a cloud-native, digital-first, hybrid-working model of operation, and SD-WAN is now a cornerstone of network transformation, IDC added in its GTT-commissioned study.

However, the research firm also found that as SD-WAN deployments have grown in scale, they have increased in complexity and support a growing proportion of enterprises’ critical networks and applications.

As a result, the “early solutions need a refresh,” IDC said, forecasting that worldwide spending on managed SD-WAN services will grow 21% per year to reach over $15 billion in 2026.

SD-WAN Study Shows Improving Security Is Top Priority

The move to cloud-first and internet-first, the explosion in remote working, and the growing uncertainty of economic and geopolitical environments have created “some extreme security challenges,” IDC noted.

But nearly half (42%) of the study’s respondents said they either don’t have security integrated with SD-WAN or have no specific SD-WAN security at all. Still, improving network security was the top WAN priority among respondents, with seven out of 10 worldwide indicating they expect to use integrated security in the next 12 months.

Todd Kiehn, SVP at GTT, said “There will be a continued evolution to SD-WAN integrated with cloud security over the coming year.”

“The IT organization is going to require ever-increasing visibility into the actions of the end user,” he told SDxCentral.

To combat the growing threat landscape, networking and security need to converge “both technologically and organizationally,” the firm added.

Kiehn said, “Consistently through our customers, prospects, CIO roundtables and through this recent research, the biggest obstacle enterprises are having in implementing new security solutions is finding and securing a staff with the necessary skills. The cybersecurity skill shortage particularly is a global problem.”

Companies that have no position on SD-WAN-specific security yet face the challenge of adopting these new technologies on their own or through managed service provider partnerships — either of which take time and resources.

IDC also echoed a familiar call to remove organizational networking and security silos, saying “Enterprises also need to understand how networking and security can converge in an organizational sense. As the technology converges, so too do the teams within organizations that are responsible for defining and managing these critical domains.”

Over 40% of responding organizations in the study claimed that these teams are fully integrated under single management today. “This has grown from very low levels only a few years ago and indicates the speed at which these two worlds are coming together,” the IDC said.

Is SASE the Solution?

At the heart of the networking and security conversation sits secure access service edge (SASE) – the Gartner-coined term for a cloud-native convergence of the two IT stacks.

SASE, particularly in combination with an SD-WAN overlay, is seen as a less expensive way to get circuits exactly where they are needed — especially to remote locations — than using traditional architectures like MPLS. Scaling the enterprise WAN out to more user devices and more locations also becomes easier, a necessity at a time when hybrid and remote working continues to be popular.

“Enterprises can view SASE as a security architecture transformation alongside the deployment of SD-WAN. Our customers are deploying security to support their varied digital transformation initiatives such as work from anywhere, branch transformation or cloud migrations,” Kiehn noted.

The IDC study found that more than 80% of respondents worldwide have either made SASE a priority (39%) or have recognized its benefits and are already incorporating it into company initiatives (42%). Only 19% of respondents worldwide reported they do not view SASE as a priority.

Kiehn added, “Security solutions based on the SASE framework provide choice and a roadmap to address the specific business needs of the enterprise such as enhancing the security posture of mobile users by replacing legacy VPN technology, improving security for guests and employees at brick and mortar locations, and developing a more comprehensive posture to support a hybrid cloud model.”

This article was updated to include quotes from GTT on Nov. 17, 2022, at 12:05 PM ET.

Find the full article here.