BLOG

Security and the Hybrid WAN

SD-WAN combined with regional cloud-based firewalls offers the best centralized security. Read to learn more.
August 3, 2021

In the early days of the Internet, enterprise networks followed a well-established blueprint: applications ran in centralized data centers, and users accessed them over private WANs. Connectivity to the Internet-based applications of the time – email, file transfers, and web browsing – was likewise centralized, and the associated public traffic was carried over the same private WANs. This was an appropriate architecture when Internet traffic was modest and sub-second latency was acceptable. And because connectivity to public networks was limited to a few physical locations, it made the network easier to secure by minimizing the potential attack surface.

But as the Internet rose to prominence, the situation changed. Many internally hosted applications were replaced with powerful SaaS alternatives, and the amount of Internet traffic on the WAN increased substantially. Moreover, new bandwidth-hungry applications such as cloud-based storage began to overload legacy WAN links, and real-time applications such as UCaaS performed poorly across congested WANs with the latency overhead of centralized Internet access.

Consequently, enterprises scrambled to deploy hybrid WANs, adding local Internet access at each location. This had the desired effect of offloading Internet-based traffic from the private WAN, and it avoided the latency overhead of routing through centralized data centers. But these gains weren’t achieved without trade-offs: the network grew more complex and difficult to manage, and the potential attack surface increased significantly, making the hybrid WAN more difficult to secure.

SD-WAN: Harmonizing the Hybrid WAN

With the emergence of SD-WAN, the physical distinction between private WAN and public Internet has blurred: the private WAN has become a virtual “overlay” network running atop one or more public networks (the “underlay”), and SD-WAN software now determines how application traffic is routed. Internet-based applications can be broken out locally to use the underlay natively, while private traffic is encrypted and tunneled between locations in the overlay.

Although SD-WAN adds intelligence and flexibility to the hybrid WAN, it is subject to the same security and latency trade-offs. Using local breakout minimizes latency, but it expands the attack surface to include every location, and some of SD-WAN’s most powerful features such as Forward Error Correction and packet level link steering are only available in the overlay.

Cloud Firewalls to the Rescue

Fortunately, there is an alternative wherein the benefits of centralized security can be achieved while keeping latency in check. Managed secure SD-WAN providers who operate their own backbone networks can offer cloud-based firewalls for regionalized secure Internet access. This avoids the need to open up public network access at all locations, and it allows Internet traffic to enjoy the full benefits of riding the SD-WAN overlay. A well-designed cloud-based firewall design will align with the geographical footprint of the enterprise, ensuring all locations can reach the Internet without excessive delay. From a performance and security perspective, SD-WAN combined with regional cloud-based firewalls offers the best of both worlds!

Acerca de GTT

GTT connects people across organizations, around the world, and to every application in the cloud. Our clients benefit from an outstanding service experience built on our core values of simplicity, speed, and agility. GTT owns and operates a global Tier 1 internet network and provides a comprehensive suite of cloud networking services. We also offer a complementary portfolio of managed services, including managed SD-WAN from leading technology vendors.

 

 

Related RESOURCES

OUR GARTNER RATING

4.2

62 reviews

88%

as of the last 12 months
Scroll to Top

GTT Recognized as a Leader by ISG

See Why GTT Stands Out in the Latest ISG Provider Lens™ Report

We’re proud to share that GTT has been named a leader in the newest ISG Provider Lens™ report. This recognition reflects our continued commitment to delivering secure, high-performance network solutions for global enterprises.

Read the full report to see how GTT compares.

GTT Recognized as a Leader by ISG

See Why GTT Stands Out in the Latest ISG Provider Lens™ Report

We’re proud to share that GTT has been named a leader in the newest ISG Provider Lens™ report. This recognition reflects our continued commitment to delivering secure, high-performance network solutions for global enterprises.

Read the full report to see how GTT compares.

GTT Reconocido como Líder por ISG

Descubre por qué GTT destaca en el último informe ISG Provider Lens™

Nos enorgullece anunciar que GTT ha sido nombrado líder en el nuevo informe ISG Provider Lens™. Este reconocimiento refleja nuestro compromiso continuo con ofrecer soluciones de red seguras y de alto rendimiento para empresas globales.

Lee el informe completo y compara los resultados.

GTT als führender Anbieter von ISG ausgezeichnet

Erfahren Sie, warum GTT im neuesten ISG Provider Lens™ Report hervorsticht

Wir freuen uns, mitteilen zu können, dass GTT im aktuellen ISG Provider Lens™ Report als führender Anbieter ausgezeichnet wurde. Diese Anerkennung unterstreicht unser Engagement für sichere, leistungsstarke Netzwerklösungen für globale Unternehmen.

Lesen Sie den vollständigen Bericht und erfahren Sie mehr.

GTT riconosciuta come leader da ISG

Scopri perché GTT si distingue nel nuovo report ISG Provider Lens™

Siamo orgogliosi di annunciare che GTT è stata riconosciuta come leader nel più recente report ISG Provider Lens™. Questo riconoscimento testimonia il nostro impegno costante nel fornire soluzioni di rete sicure e ad alte prestazioni per le aziende globali.

Leggi il report completo per saperne di più.

GTT reconnu comme un leader par ISG

Découvrez pourquoi GTT se distingue dans le dernier rapport ISG Provider Lens™

Nous sommes fiers d’annoncer que GTT a été reconnu comme un leader dans le dernier rapport ISG Provider Lens™. Cette reconnaissance témoigne de notre engagement constant à fournir des solutions réseau sécurisées et performantes pour les entreprises internationales.

Lisez le rapport complet pour en savoir plus.