Wide area networks or “WAN” is how individual devices and networks communicate with each other across geographically separate locations, requesting and receiving data from hosted servers or applications such as Google or Spotify. WAN connections are typically internet connections, though they can also be logical links between business sites or data centres – essentially any connection that transports data between physically separate points.
WAN connections come in two distinct flavours; private and public. Private connections are favoured by businesses – they offer higher SLA’s and speeds, dedicated infrastructure and are generally viewed as inherently more secure. Public connections are favoured by residential users and are typically cheaper, subject to change (in terms of speed and availability) and utilise shared public infrastructure – none of which are very good for business use.
So how do you go about ensuring your connection to the outside world is secure?
- Edge security appliances (commonly known as firewalls) are the first line of defence. Through them you can set security policies for what sort of external sites and IP addresses you don’t wish your users to visit, as well as license them for deep packet inspection features such as Application Awareness, Intrusion Prevention and Anti-Malware (typically referred to as Next Generation Firewall or NGFW features)
- Utilise secure VPN when accessing business critical information stored off site. A VPN encrypts your data and obfuscates your source IP, making it infinitely harder to steal and use any data you may transmit externally, as well as masking where it came from, reducing the chance of any would-be external threat knowing where to send their malicious content.
- WAN architecture also plays an important role in security. There are many ways and concepts for this such as SD-WAN, MPLS and VPLS however the latest emerging technology in this area is SASE – Secure Access Service Edge. This is essentially the convergence of numerous WAN and network security services into a single cloud based “as a service” model. This gives you access to all the latest security services and advancements, without having to re-architect and re-invest in your network every 12 months.
All of these factors discussed across these past 3 articles contribute towards your ideal security posture as a business. The Cyber security war will never end, but every small victory in battle is another step gained in keeping your business and your users safe.