The enterprise business is now borderless, where users, devices, sites, and clouds are all creating any-to-any connections with new access control requirements. Digital innovation has led to the proliferation of apps and IoT devices where the cloud and web have become an encyclopedia of applications.
Back in the 2000s, MPLS was used to backhaul all traffic to central data centers to consume on-premise applications, which was efficient and delivered with SLAs. Then in the 2010s, the increasing demand for voice, video collaboration, and cloud applications resulted in a need for increased WAN bandwidth in the branch. MPLS became expensive, static, and lacked application level visibility and control. SD-WAN emerged to solve these challenges, combining internet economics with application visibility and control over low cost internet-transport.
Now, we’re at another inflection point where it’s time to look beyond legacy SD-WAN. The sheer volume of cloud applications and IoT devices has exploded and legacy SD-WAN solutions with controls based on application-centric policies are not enough, especially if the specific SD-WAN solution lacks zero trust principles. The evolving enterprise now needs zero trust-enabled, context-aware SD-WAN to provide fast, reliable, and secure access to any application and device at any location with full visibility and the right set of controls. This is possible using contextual policies that include understanding applications, application risks, user, user risk, device, and device risk, all of which make network operations more intelligent and more secure.
Legacy SD-WAN can’t deliver the right controls.
Limitations include the following:
- Limited number of applications can slow innovation– Having a limited number of applications a SD-WAN solution can support can hamstring a business’ ability to innovate and stand out from the competition. Legacy SD-WAN was designed to manage 3,000-4,000 applications, but this is now only a fraction of the number of applications that exist on web and cloud, which exceed multiple tens of thousands.
- Manual configuration is an operational nightmare – SD-WAN promised to deliver software-defined configuration, management, and monitoring—and it delivered on those promises. However, assigning traffic prioritization priorities to all supported applications remains a big challenge. Network operations teams need to configure these applications manually one at a time, which is an extremely slow and error prone process, and doesn’t scale for tens of thousands of applications
- Without visibility there is no control – Visibility and control are two sides of the same coin. If you can’t discover applications, how can you control them? Without having full visibility into all applications, how do you identify sanctioned applications vs unsanctioned applications that are hogging your precious WAN bandwidth