1.09.2020

Fusion secure SD-WAN trumps online threats

The current pandemic has resulted in a migration of the workforce from centralised locations to a more distributed model.

People have been working exclusively from home during the lockdown period and as a result using technologies that facilitate that desired strategy.

Working from home is disruptive when you have a situation where there is limited privacy, lack of resources, adverse effects of isolation, inability to perform tasks that require an office environment, the need for in-person discussions with colleagues, and unreliable unsecure connectivity.

Additionally, for most South Africans, working from home is not economically feasible. Zoom, for example, has been used to enable a distributed work environment, however the data associated with a single Zoom call can be high, especially if only LTE is available.

Notwithstanding, the pandemic has proved the concept of remote working and that large, centralised offices are not a necessity. An example of the best workable solution is a hybrid solution as that proposed by Workshop 17.

These are co-location workspaces that you can use when you travel to remote cities or use when you need to touch base. It is a blend of the remote working and the physical aggregation of a community.

Fusion’s award-winning secure SD-WAN technically enables the Workshop 17 distributed work environment from a connection reliability and security perspective.

Initial “’n Boer maak ’n plan” approach

The pandemic has been handled as an unplanned crisis and most IT departments have followed the “n boer maak ’n plan” approach.

The first plan was to use the Windows Remote Desktop Protocol (RDP) as a mechanism to gain office access.

This is typically achieved using a port forward from a router or firewall. Although it solves the access problem, it is also a common threat vector creating a security headache.

A better alternative plan is to use VPNs which is what IT professionals have been using for ages. The issue is that scaling these to an enterprise level is a massive undertaking.

The mechanism is better than using RDP and less prone to abuse but not perfect as security needs to be an onion. There needs to be multiple layers with each one protecting the next level.

The issue with a VPN is that a compromise on the remote end can be exploited to compromise the enterprise servers being accessed. An example of this is the breaches conducted by an Advanced Persistent Threat (APT) group known as Cloudhopper.

As we emerge from the pandemic, it is time for a solution that protects and secures the connection in an end to end manner.

Fusion’s secure SD-WAN and service chaining approach

Software defined wide area networks (SD-WAN) can provide and secure sites in a network. Fusion’s secure SDWAN solution creates a private network overlay over normal broadband networks and makes it secure.

The connection is secured on both ends using zero trust capabilities while having the ability to encrypt the whole connection.

This ability is further enhanced by service chaining where additional services are integrated into the solution. SD-WAN is the next layer in the security onion.

The biggest factor to consider when implementing Fusion’s offering, is its level of automation and ability to scale. There is no requirement to have extra resources assigned for manual configuration and maintenance in this automated SD-WAN solution.

With VPN and legacy network solutions, as the user count in the network increases, so too does the number of people you need to hire to work on the increased size of the network overlay. SD-WAN’s costs less than the cost of hiring dedicated IT resources assigned to construct and support a legacy network.

Fusion has a scalable administrative portal that has insight into the whole SD-WAN environment, not only for configuration but network performance management. It is a tool that keeps your broadband provider honest and is an excellent solution for a managed service provider to add to their arsenal.

One of the many advanced abilities of the SD-WAN solution from Fusion is the ability to troubleshoot using Wireshark from your desktop to any part of the SD-WAN. This is done using a secure micro network management plane, which even includes the ability to manage networking kit.  Additionally, features also include inventory and vulnerability assessment scans.

Fusion’s active threat intelligence benefit

In South Africa, Fusion has pioneered adding active threat intelligence to its SD-WAN deployments.  This means that even if your end point security has failed the threat intelligence can still stop the bad guys by pulling the rug from under their feet.

A good practical example of this was when Marcus Hutchins stopped the initial Wannacry ransomware by breaking its command and control. In this exact same manner, the effects of bots doing spam, IoT based swarming, crypto mining, malware, or ransomware can be mitigated using Fusion’s active threat intelligence.

The Fusion threat intelligence effectively cloaks your sites from hacking adversaries. It is proactively updated daily and is not used like static predetermined firewall rules.

Furthermore, standardised content management also makes a big difference. Content management from Fusion blocks inappropriate content at the network edge.

So as an example, it is possible to block access to ads or porn sites. The latter being a notorious source of malware.

Fusion’s physical locations resilience benefit

Now that employees are geographically dispersed, the connectivity to the office has become important. It is crucial to ensure that this connectivity is 100% reliable.

Fusion’s ability to fuse multiple ISPs and connection types via a single CPE, significantly improves reliability and reduces support costs. In addition Fusion has tested and confirmed interoperability with leading fixed wireless solutions from RADWIN!

Access the application note dealing with this testing by referring to Application Note: Implementing SD-WAN from Fusion Broadband using Fixed Wireless from RADWIN. Fusion recommends a mix of fixed and fixed wireless to build resilience.

Fusion’s technical support benefit

Fusion’s technical team is available to share information and guide your adaption of SD-WAN in your organisation.

Read our previous articles:

Contact Fusion Broadband at [email protected] before your network is compromised and your business goes pear-shaped as a result.

Latest news

More news

Trending news

Sign up to the MyBroadband newsletter