Looking to help customers batten down the edge, Cisco is marrying its software-defined wide-area networking (SD-WAN) software with security features while boosting support for cloud services.
Many times SD-WAN customers have been forced to choose between adding more security to their SD-WAN at the expense of application performance or vice-versa, said Ramesh Prabagaran senior director of product management at Cisco.
“We are looking to help customers solve the security and complexity problems at the cloud edge where networking, security and multicloud environments meet,” he said.
What Cisco is doing is adding support for its Umbrella security system to its SD-WAN software which runs on top of the IOS XE operating system that powers its core branch, campus and enterprise routers and switches.
Cisco describes Umbrella as a cloud-delivered secure internet gateway, that stops current and emergent threats over all ports and protocols. It blocks access to malicious domains, URLs, IPs, and files before a connection is ever established or a file downloaded. It basically protects customers and communications at the Domain Name Server (DNS) layer.
Umbrella’s key features come from OpenDNS which Cisco bought for $635 million in 2015. OpenDNS offers a cloud service that prevents customers from connecting to dangerous internet IP addresses such as those known to be associated with criminal activity, botnets, and malicious downloads.
“Umbrella blocks access to malicious destinations before a connection is ever established, and it is backed by the threat intelligence of Cisco Talos,” Prabagaran said. Advanced security is now integrated into Cisco SD-WAN devices and can be managed through a single pane of glass, greatly simplifying the management and control of the SD-WAN and cloud edge, he said.
Pumping up the security of SD-WAN packages is a key feature for Cisco and other SD-WAN players because of the increasing use of the Internet as a primary transport mechanism, said Lee Doyle, principal analyst at Doyle Research.
“With WAN traffic going here, there and everywhere it can be tough for enterprises to establish a secure perimeter. Cisco is looking to solve that challenge,” he said.
Cisco partners with Microsoft to optimize Office 365
In addition to the security enhancements, Cisco said it has partnered with Microsoft to optimize cloud-based Office 365 application access through Cisco SD-WAN. Prabagaran said the SD-WAN package monitors in real time all available paths to the Microsoft Office 365 cloud and is also able to determine the closest cloud, resulting in up to 40 percent faster performance for users.
Linking to cloud offerings such as Office 365 makes great sense as a feature for Cisco to offer customers, Doyle said.
“Linking up with many different [software as a service] platforms is something you’ll see from other SD-WAN players too. It will be a key part of SD-WAN players’ – not just Cisco – feature sets going forward,” he said.
IDC earlier this year stated that as enterprise customers add SaaS and IaaS services they will increasingly look to SD-WAN as a way of “intelligently automating how application traffic is delivered to branch sites, moving away from traditional hub-and-spoke WAN architectures and the backhauling of internet- and cloud-bound traffic to on-premises datacenters toward the increasing use of broadband internet breakout and other network transports – 4G/LTE and 5G – at the branch for cost-effective application delivery.”
In its “Worldwide SD-WAN Infrastructure Forecast, 2018–2022,” IDC stated that the SD-WAN segment of the networking market will hit $4.5 billion and grow at a 40.4 percent compound annual growth rate from 2017 to 2022. In 2017 alone, SD-WAN infrastructure revenues increased 83.3 percdent in 2017 to reach $833 million.
In addition to SD-WAN security and Office 365 announcements, Cisco said it opened a new segment of its DevNet software development program designed specifically for the SD-WAN community. The DevNet SD-WAN center includes new SD-WAN open-developer APIs, learning labs, and sandboxes.
Cisco also added a couple of new appliances aimed at branch offices. The ISR 1111X-8P and the ISR 4461 include integrated SD-WAN support. The ISR 1111X-8P includes Wi-Fi and LTE support, while the ISR 4661 targets larger branches and integrates storage and compute features.