Loading Events

« All Events

  • This event has passed.

Software Defined WAN (SD-WAN): Security Implications and Design Solutions

November 15, 2017 @ 12:00 - 17:00 EST

Software Defined WAN (SD-WAN) is transforming Wide Area Networks (WANs) by providing a highly available Secure WAN Transport combined with Direct Internet Access in the branches. With SD-WAN, Enterprises can mix WAN service offerings from multiple providers (MPLS, Internet, Carrier Ethernet, 3G/4G, …) to optimize their bandwidth costs and dynamically balance applications across the various links. This session will discuss the security implications of this new architecture. SD-WAN can be implemented either using a tunnel transport centralized security method which adheres to the current security design models where users still access the Internet centrally, or with Direct Internet access where users in each branch access the Internet directly from the branch. With Direct Internet Access, enterprises can improve public cloud application performance and offload the private WAN of Internet bound traffic, which reduces the need for more private WAN bandwidth. This has security implications however, in terms of NG-Firewall, NG-IPS, VPN, encryptions suites, web secure gateway access for users, and advanced anti-malware placement and design. These security assets can be provided locally in the branch, centrally at the head end, or in the cloud. Security design pro’s and con’s for centralized tunnel transport and Direct Internet access will be laid out. The problem of how to intercept applications and dynamically redirect a small number of whitelisted ones only out the local internet connection is a difficult one currently to solve. Possible solutions will be discussed.

Watch the Recorded Webinar


Ken Kaminski
Ken Kaminski, Cisco Systems, is the Network Security Technical Solutions Architect for the Northeastern United States and Global Financials. He specializes in BYOD implementation, Security in the Data Center, Identity Management Systems, Network Segmentation, Cisco Security, and Wireless and Network Switching and Routing Products and Technologies for large enterprise and global accounts. Mr. Kaminski has been a member of the Security Field Advisory Board at Cisco that drives security training and programs for Cisco's Security Systems Engineers and provides customer feature requirements to Cisco Engineering. He teaches and speaks often on security related topics including Cisco Networkers and other industry forums. Prior positions include Security Architect for the Northeast US and Consulting Systems Engineer for Voice, Video, and WAN technologies at Cisco Systems. He was one of the first Consulting Systems Engineers hired at Cisco. Prior to that, he was the Senior Systems Engineer for a startup company in the carrier ATM switching market. He was also a Telecommunications Officer in the US Army leaving the service as a Forward Signals unit Company Commander. Ken has his CISSP, GCFA, GPEN, GAWN, GMOB, GPYC, and GCIA along with a BA and MA from Boston University.


November 15, 2017
12:00 - 17:00
Event Category:
Event Tags:
, ,



Reader Interactions

Leave a Comment