Why VPNs Are Better with SDN
Software defined networking (SDN) brings many benefits to the enterprise – streamlined architecture, network agility, even improved security. But on a fundamental operations level, its chief advantage is that it allows users to establish virtual private networks (VPNs) quickly and without having to learn a host of archaic network provisioning skills.
The VPN, of course, is the abstract networking environment that allows apps to connect to both local and distributed resources on the cloud or the edge. Building VPN deployment into a DevOps-oriented SDN architecture gives worker productivity a huge shot in the arm just at a time when data and data services are about to form the central plank of the enterprise business model.
According to CradlePoint’s Todd Krautkremer, the rise of mobile connectivity all but demands greater agility over the wide area. This means the new VPN will have to incorporate a number of advanced features, including topology independence, policy-based traffic steering between physical and virtual resources, and end-to-end management capabilities that essentially eliminate the boundaries between WAN and LAN. Ultimately, this will drive traffic off fixed MPLS infrastructure toward Internet-based SD-WAN environments that can accommodate an expected dramatic spike in endpoints over the next decade or more.
Indeed, says VPN Compass’s Heidi Finigan, we can expect VPNs to be nearly universal as early as 2022, connecting not only PCs and smartphones but also routers, televisions and smart IoT devices of all kinds. Recent research points to 13 percent compound annual growth for VPN connectivity over the next five years, driven by nearly 40 percent expansion in enterprise settings and 27 percent growth on the personal consumer side. With expanded adoption, however, a key question is whether authorities will impose tighter regulations on VPNs, which currently are not required to monitor or store data.
Implementing VPNs under an SDN model represents more than just convenience, however. As Forbes’ Larry Biagini noted recently, traditional VPNs come up short in a number of ways in the modern data architecture. For one thing, simply enabling remote access back to the corporate network ups the security risk by expanding the attack surface to enterprise data. Second, scalability is still limited because it requires the continued deployment of hardware appliances for firewalls, threat detection, data loss prevention and other functions. Under a software defined ecosystem, security and governance policies can occupy the application or data layers, offering protection no matter where the network extends.
This need to drive greater security across dynamic VPN environments is a key aspect of future growth, which is one of the reasons Symantec recently acquired a platform called SurfEasy from developer Opera Software. The $38.5 million deal will end up folding SurfEasy into Symantec’s consumer business unit, although it will likely gravitate to the enterprise in time, given the rise of BYOD policies in the workplace. SurfEasy enables secure, flexible, end-to-end connectivity for iOS, Android, Mac and Windows devices, and it already provides the security backbone for Symantec’s Norton Wi-Fi VPN system.
It seems, then, that the VPN is alive and well in the enterprise, and in fact is being given a new lease on life through SDN. As the pace of business quickens, having to wait for someone else to provision network resources is not only an annoyance but a real performance-killer.
Arthur Cole is a freelance journalist with more than 25 years’ experience covering enterprise IT, telecommunications and other high-tech industries.