In today’s business environment, satellite offices are more important than ever. For the average enterprise, remote offices generate the vast majority of revenue — and 80% of users are located there. But in most organizations, security at the branch office is limited, if it exists at all.
Historically, enterprises used a wide area network (WAN) to connect branches to a data center, backhauling all traffic through a central corporate network. But new business and IT demands are challenging that architecture. The use of software as a service (SaaS) and infrastructure as a service (IaaS) applications, via multiple clouds, has become central to business operations. And every year, workers use more connected devices at more locations. Users need every one of those devices to have fast, reliable access to the internet, so they can be as productive as possible.

What changes are happening at remote offices?

The WAN was built to give branch offices and roaming users access to IT resources within private data centers. But today, as networks become more decentralized and users connect directly to SaaS applications, backhauling traffic to apply security policies just isn’t efficient. And that’s not the only problem. Backhauling internet-bound traffic is expensive, and it adds latency.(Read More:The Ultimate List of SD-WAN Benefits)

The adoption of software-defined WAN represents the largest WAN transformation in recent history. Organizations are turning to SD-WAN to improve connectivity, reduce costs, and simplify management at their satellite office locations. In fact, a recent research study from the Enterprise Strategy Group (ESG) found that 4 out of 5 organizations report using SD-WAN in some capacity already. The research also indicated that 79 percent of organizations are shifting to direct internet access (DIA) for all or some remote and branch offices. With DIA, enterprises can accelerate their digital transformation with faster access to cloud applications and workloads. While the benefits are clear, this also introduces new security challenges.(Read More:6 Ways SD-WAN Redefines Brand Networking)

68% of recent attacks involved branch offices and roaming  users as the
source of compromise.

What’s driving the need for branch office security?

Clearly, IT decision-makers have realized that they can accelerate growth, significantly decrease telecom costs, and improve network performance by allowing their branch offices and remote employees to connect directly to the internet. But as full or partial DIA increases, so do the risks — and not only because the attack surface has dramatically increased, although that’s a central part of the problem:

By 2022, as a result of digital business projects, 75% of enterprise-generated data will be created and processed outside the traditional, centralized data center or cloud.

Security + networking: An integrated approach

Security has to be top of mind as you transform your network with SD-WAN and move to DIA. Branch offices and roaming users are more vulnerable to attacks, and attackers can quickly exploit weaknesses. Scaling security at every location often means more appliances to ship and manage and more policies to separately maintain, which translates into more money and resources needed.

But it doesn’t have to be that way. SD-WAN makes your networking simple, and that’s the way that your security should be, too. At Cisco, we believe that branch-to-cloud-edge architecture can and should be integrated to provide better security and better networking.

Secure the cloud edge with a secure internet gateway.

Cisco Umbrella is a secure internet gateway (SIG) that provides the first line of defense against threats on the internet wherever users go, starting with DNS-layer enforcement. Just point your DNS to Umbrella, and deploy a layer of protection to stop threats before malware can ever reach your network or endpoints. Beyond the DNS layer, Umbrella delivers a secure web gateway, cloud-delivered firewall, cloud access security broker, and interactive threat intelligence in a single, integrated cloud platform.

To read full download the whitepaper:
Network Security for SD-WAN