The combination of SD-WAN and 5G provides faster access to local networks while also enabling direct internet access to multi-cloud/SaaS applications (LAN/WLAN). When organizations use LTE/5G connections, it gives the branches more high-quality internet links for their cloud access. SD-WAN also has more ways to reach performance benchmarks, which improves the user experience. Using LTE/5G for fast cellular failover, active load balancing, and out-of-band management can be used to improve reliability and continue branch operations in the event of a wired outage. If cable or DSL connections are not available, the branches that need cloud access can use LTE/5G instead because it’s integrated into the SD-WAN fabric.
Cellular technology can be used for wireless WAN, but a wireless solution that is separated from SD-WAN makes deploying and managing branch connectivity more challenging. In addition, the companies that offer only wireless WAN capabilities may not be able to provide the security controls required to protect traffic.
Far too often, security is applied as an afterthought. When security solutions are deployed in silos so they are not well integrated with each other or the underlying network, security risks and gaps naturally arise as the attack surface expands and adapts.
These gaps and blind spots enable sophisticated multi-step cyberattacks and are partly responsible for the recent dramatic rise in successful ransomware attacks. When you open branches to the internet, security must be robust, multilayered, and integrated.
Organizations need a unified security framework to deliver an automated and reactive security posture that spans the entire attack surface. The framework needs to offer integrated security technologies and support the convergence of security and networking to improve productivity and the user experience.
For secure SD-WAN, the combined SD-WAN and LTE/5G solution must include a native and integrated set of multilayered security controls. To automate protections for both wired and wireless local breakouts, the solution should include controls like an intrusion prevention system (IPS), a next-generation firewall (NGFW), and a secure web gateway (SWG). In setting up an integrated LTE/5G SD-WAN solution, organizations should consider the following.
1. Make sure the cellular gateway is separated from the SD-WAN device
When deploying an integrated LTE/5G SD-WAN solution, the cellular modem should not be placed inside the SD-WAN device. If it is feasible, you can use a separate cellular gateway that is placed near a window for optimal reception. Then you can connect it to the SD-WAN device using an Ethernet cable, which isn’t expensive and delivers good signal quality.
2. Provide out-of-band management
Because wired service providers can experience outages, the LTE/5G SD-WAN solution should offer out-of-band management for branches, so a network operator can continue managing the branch and the devices during an outage.
3. Use a single dashboard for network management
When SD-WAN and LTE/5G technologies are integrated, a network administrator can use the same dashboard and operating system for network management. Splitting the management among vendors adds complexity and costs, but with an integrated solution, the administrator can set policies, metrics, and controls in SD-WAN, and have them applied to all LTE/5G connections. This consolidated management makes it easier to set up new branches, make network changes, and adjust connectivity policies that must be automated and applied to both wired and wireless connections at once.
4. Ensure 5G is included in analytics
Secure SD-WAN has graphical dashboards with rich network analytics, bandwidth predictions, and consumption controls that can provide enormous visibility and control, but it’s important to ensure that LTE/5G links are part of the equation.
A Platform Approach for Securing 5G
To secure public and private 5G, organizations need a broad, integrated, and automated cybersecurity mesh platform that provides centralized management and visibility, supports and interoperates across a vast ecosystem of solutions, and automatically adapts to dynamic changes in the network. Secure SD-WAN is part of the Fortinet Security Fabric, which is an integrated end-to-end security platform that provides the required security visibility, automation, and control across public and private 5G networks.
Learn how Fortinet’s FortiExtender 5G/LTE and dual modem gateways enhance secure SD-WAN for OT, retail & more.
Take a security-driven networking approach to improve user experience and simplify operations at the WAN edge with Fortinet Secure SD-WAN.