denisismagilov - Fotolia
Due to the convergence of IT and telecom, network teams at communications service providers have been introduced to a succession of enterprise networking concepts and products. But talking about SD-WAN, virtual security and secure access service edge one after another misses the point.
All of these are laudable products. SD-WAN is multifaceted but generally misunderstood; virtual security -- the often-used and vague term that really just means virtual firewall -- makes total sense in an edge-delivered, dynamic environment, and secure access service edge (SASE) is the shiny object term du jour, but it has real merit and clearly is an idea at the right place at the right time. What do these technologies have in common? The list could be long, but they have four overarching characteristics:
- Each is a virtual technology, self-configuring and self-managing.
- Each focuses on the edge -- which is expanding rapidly with the meteoric rise of public cloud and remote work.
- Once some edge infrastructure exists, each can be delivered on demand.
- For security, all of them can and must be coordinated, consistent and service chained.
Appledore Research's SD-WAN research has argued as far back as 2019 that network operators have a huge opportunity to establish a new and dynamic enterprise edge on which to build a new business of on-demand, chained and managed services for enterprises. In particular, the report said:
- Single communications service providers (CSPs) can find significant synergies to deliver this bundle of bandwidth, and application-aware traffic steering and security.
- Demand exists for simplification and attractive commercial models.
- Huge operational efficiencies are inherent in the automation, but automation is complex and lends itself to a managed service.
In general, major CSPs agree. Even their portfolio names suggested a similar vision. Rather than "SD-WAN," Verizon refers to its family of "virtualized network services," while Frankfurt-based ngena, a global end-to-end orchestrated SD-WAN-as-a-service company, describes its platform as a way to deliver services from an exponentially increasing set of partners and suppliers. Lumen, based in Monroe, La., refers to its ability to orchestrate bandwidth, SD-WAN, cloud as a service and third-party APIs as its secret weapon.
Over the past 18 months, CSPs worldwide have slowly been turning their aspirations into reality. It is a slow process that demands an automated mindset and significantly reorganized systems. If we are critical, most CSPs' product groups began with major gaps (covered in detail in reports and in-depth profiles on many CSPs' offerings). Yet to give credit where credit is due, many have steadily added capabilities from basic ones (cross-layer dependency analysis) to more advanced (API environments to support third-party capabilities within an orchestrated service chain).
CSPs must look beyond security
While I applaud the vision, at the same time, I am concerned by the focus on individual capabilities. SD-WAN is not all about security, although it offers major steps forward when used correctly. Security shouldn't be a one-trick pony for CSPs, but instead part of a well-engineered family of on-demand services to provide better service with far less effort, at arguably lower cost. By keeping the big picture in mind, a win-win is likely for both buyer and seller.
So it's time to start thinking about the dynamic enterprise edge, complete with its own universal CPE, flexible orchestration and a unified vision of transport, security and vertical add-ons. This enterprise edge has operational merit for the reason SD-WAN, WAN, firewall, remote access services, acceleration, public cloud access and site routing configuration all interact. Change one, change many -- and this is the spawning ground for errors that may be simply annoying, or may be open security vulnerabilities.
By acknowledging the dynamic enterprise edge as a distinct domain, to be considered as a whole, vendors and communications service providers can turn today's footholds into a dynamic and growing business.
About the author
Grant Lenahan is a principal analyst at Appledore Research, with more than 25 years of experience in telecom infrastructure and software. He has an MBA from MIT and a BSc from Drew University.
Appledore Research is a specialist research, analyst and advisory firm covering network automation, security, AI and other telecom and IT convergence topics in enterprise and telecom.