Securing the perimeter
During the late 90s, enterprises invested in expensive, high-capacity (e.g., T3 and OC3) connections as they raced towards the burgeoning online world to support their B2C and B2B initiatives. The servers, applications and databases to support this were hosted in data centers, which made it convenient to provide centralized Internet access to all of their business locations. Enterprises, recognizing the dangers of the Internet deployed firewalls to protect and control access to their systems, applications and network.
The next 15 years saw a rise in data center services as many enterprises initially embraced colocation, then dedicated hosting, and eventually cloud. Security followed a similar evolution in the same environment, initially using dedicated firewalls then multitenant platforms, and eventually virtual firewalls. A virtualized firewall compared to its physical brethren requires no space, less power, and can be orchestrated. The security benefits of a stateful firewall were now available as software, setting the stage for the ascent of secure SD-WAN solutions.
Transition to SD-WAN
Coinciding with the shift to cloud computing, WANs became virtualized with software-defined networking (SDN), which separated the control plane (i.e. networking decision making) from the data plane. Software-Defined WAN (SD-WAN)’s ability to use inexpensive broadband connections to build faster and more reliable WAN connections brought numerous Internet circuits to the doorsteps of branch offices and other remote locations. Securing the SD-WAN locations meant the deployment of a physical firewall to every location or using a service provider’s network-based firewall to provide a single point of enforcement in the cloud.
Today, Network Functions Virtualization (NFV) architecture for SD-WAN is both a branded appliance running on proprietary hardware and a Virtual Network Function (VNF) running on universal CPE. Both options can support a service chained firewall VNF incorporating advanced, policy-away network and security functionalities. Sharing local computer and cloud management resources can provide meaningful cost efficiencies and agility. Deployment of new security capabilities is no longer dependent on equipment delivery and truck roll, giving customers the flexibility to adapt their network security approach to the new distributed enterprise perimeter.
In the case of Windstream Enterprise ‘s new MNS-VNF service, the same security capabilities from Fortinet that previously only ran on dedicated appliances now run as software. That means businesses can deploy an integrated solution with Windstream Enterprise ‘s SD-WAN VMware edge device starting immediately, with other technology options like universal CPE as a supported option in the future. As with any Windstream Enterprise product, visibility and control remain simple with our award-winning WE Connect portal.
Peace of mind is also a consideration. As it’s estimated that a business will fall victim to a security attack every 11 seconds by 2021*, businesses are hard-pressed to protect their networks as quickly and comprehensively as possible. As a leader in managed services for 20 years, Windstream Enterprise ‘s security expertise, tools and services help businesses remove tactical security burdens and free up valuable IT resources to focus on more strategic initiatives.
Get in touch for more details
If you think the MNS-VNF could benefit your organization, reach out to our security experts. We’ll answer any question you may have and recommend the best solutions to accelerate your business.