Optimal hybrid working with VPN, SD-WAN, zero trust, and SASE
Published on 16/06/2022 in Tech, tips & tricks
Hybrid working means that network management and security is quite challenging. Kristof Spriet, Products & Solutions Manager at Proximus, explains what a high-performance and secure network needs to do to support hybrid working.
In the past, a company's applications ran, by default, in the on-premise datacenter. That made organizing teleworking quite easy. Employees had access to the company network through the firewall. "However, this classic configuration is less than optimal when using cloud services," says Kristof Spriet.
SASE for optimal cloud security
Companies that decide to give the employee direct access to the cloud without additional security are on dangerous ground. Hackers can try to access the company network via employees’ PCs. "The right methodology to tackle security is by using SASE (Secure Access Service Edge)," said Spriet. "That is a combination of security and network solutions geared to the company's cloud services. Employees first connect to a security layer in the cloud, and only then to the application."
Protecting critical data traffic
When opting for the principle of zero trust, an additional layer of security is built in for the homeworker. With zero trust, the starting-point is that nothing can be trusted. Zero trust security reverses the classical security logic. Everything is suspect by definition: all network traffic, all data, and so on. Not just anything from outside the network perimeter, but also all internal traffic.
In zero trust security, therefore, everything is prohibited except what is explicitly permitted. Only when users pass an additional authentication can they gain access to applications and data.
Classic ‘perimeter security’ is no longer enough. Building blocks such as VPN, SD-WAN, zero trust and SASE ensure a solution that best covers your organization's networking needs.
Kristof Spriet, Products & Solutions Manager at Proximus
SD-WAN for managing connectivity
Hybrid working does not just rely on working from the head office or working from home. More and more companies, these days, are using satellite offices. "There you have yet another type of environment," said Spriet. "You cannot organize the security of an employee in a satellite office in the same way as for someone working from home. Contact with the headquarters here is via the company network - for example via Proximus Explore - and not just via the internet."
This brings us to the area of SD-WAN. "This means that employees not only connect to the headquarters easily but can, at the same time, access the cloud directly without going via the headquarters." SD-WAN has the advantage of offering additional possibilities in the area of connectivity control. "Using Explore lets you choose which critical applications are given priority on the network. SD-WAN takes this a step further."
Optimal network use
SD-WAN makes it possible to protect critical data traffic better by making optimal use of the total available network bandwidth. With SD-WAN, you define which applications are prioritized via which connectivity. "You can also decide to divert some data streams to non-critical connectivity. This makes your network more agile. You can respond much faster to your specific networking needs. By offering this as a managed service, Proximus also takes the complexity out of network management."
Adapting security to your networking needs
“At the same time, there are still customers for whom the benefits of SD-WAN are not relevant. But even if they do not use cloud applications and only connect to headquarters, Explore remains the best choice."
In any event, you always need a clear view of the company’s specific needs and then to provide them with the right solution. This is how you build the correct approach: with VPN, SD-WAN, zero trust or SASE. "The key message to be learned is that classic perimeter security no longersuffices," Spriet concluded. "That is perhaps where the greatest danger lies: in a false sense of security."
Kristof Spriet has almost eighteen years of experience at Proximus. He has been Products & Solutions Manager since 2019.
At Groep Haeck, SD-WAN guarantees the stable connectivity that car dealerships need.