Cywest Blog

Cywest exists to disrupt the telecom industry by provisioning communication and infrastructure services the way they were intended. We are earnest in our belief that every one of our customer’s networks is important to us, because at the end of the day, it is our network too. It has our name on it, we own it. It is with sincere effort that we not only say, but back up the fact, that we have the best network on the planet.

Here’s Why SD-WAN Can’t Be Trusted for Network Security

Posted by Steven Buck on Jul 28, 2020 10:23:00 AM

When traditional MPLS-based network strategies couldn’t address the evolving twenty-first century network challenges, a new solution promised to take its place.


The broad appeal of the shiny, new SD-WAN technology has chiefly been its low cost. Other than this major selling point, its providers promise easy deployment and centralized management.

A Major Drawback in SD-WAN Network Design

But when it comes to offering a holistic solution for enterprise networks, SD-WAN can’t seem to fulfill the lofty promises it makes.



In a Gartner survey about WAN adoption, 72% of respondents said security was their number-one concern. Lo and behold: SD-WAN’s greatest weakness is its fundamental failure to provide adequate security.


In what ways does SD-WAN fail organizations who need enterprise-level protection?


1) No embedded security

What you would expect from an enterprise-level wide-area network is a suite of security tools embedded in the solution, such as IPS, web filtering, NGFW, encryption, anti-virus, and high-speed encrypted data inspection.


Is your network keeping up with your speed? Click here if you’re ready to put it to the test.


These features must integrate with the organization’s security tools that are already deployed elsewhere in their distributed network.

cywest_blog_network security2

A wide-area network that has embedded security allows organizations to use a single security strategy, and to ensure secure connections without hiring third-party cybersecurity services. SD-WAN doesn’t have any embedded security.


To provide the essential security services that protect the average branch office, organizations need complex strategies that work alongside their vendor’s SD-WAN solution. This can be time-consuming and complicated to manage. Which brings us to…

2) Lack of cybersecurity expertise

It’s well-known that many large organizations lack experienced IT staff. Across the globe, there’s a troubling shortage of cybersecurity professionals, as many educational institutions are failing to keep up with advancements in the cybersecurity sphere.

Network analysts

These IT-deficient organizations, as a result, don’t have the resources to build, manage, and monitor the new suite of security tools necessary to maintain new network infrastructure.


SD-WAN doesn’t solve this expertise gap. It’s taking over the market without providing anything beyond basic security. At the end of the day, it isn’t actually a low-cost solution—since it demands additional security expertise and tools, organizations using SD-WAN end up with pretty sizeable IT bills.

One small step (backward) for network security

If SD-WAN solutions aren’t providing security, its promises of seamless connectivity mean nothing—you cannot guarantee 100% uptime when your network is vulnerable to cyberattacks.


As more and more virtual network experts are realizing, SD-WAN doesn’t really add anything new to the evolution of WAN connectivity.


And sure, the promise of reduced carrier costs sounds fantastic… but should organizations take the risk of running on unreliable Internet circuits? Of sending sensitive data over weak encryption protocols at Layer 3 only?


The network you sell shouldn’t be this way.

One giant leap for WAN connectivity

it business

Security should be natively embedded in your network solution. This way, you reduce security overhead and total cost of ownership while ensuring consistent protection and policy enforcement.


Thankfully, there are other options. Find out more about the SD-WAN alternative that has security built-in so deeply—at the level of wires and cables—that there’s no need for additional (and costly) third-party protection.

Topics: IT Networking, SD WAN, Data Security, SD-N

Leave Comment