Opaq: Replacing MPLS With SD-WAN Helps Save Money, Boost Security
Businesses that rip up legacy MPLS and replace it with SD-WAN will cut down on infrastructure costs and obtain superior security, an Opaq executive said.
Derek Gabbard, senior vice president of partnerships and channels at the Herndon, Va.-based cybersecurity vendor, said a multi-protocol label switching (MPLS) network requires a difficult infrastructure to be deployed and managed separately at each customer location. At the same time, Gabbard said companies using MLPS have to manage their cloud connections as well.
"It [MPLS] is a dying technology," Gabbard said during a session at XChange 2018, hosted by CRN parent The Channel Company. "I think carriers are trying to extract all of the capital they can out of it before it's completely replaced by the kinds of stuff we're doing in software-defined wide-area networking."
[Related: CRN Exclusive: Opaq Networks Combats Lateral Attacks With New Network Segmentation Feature]
Opaq can eliminate all the security infrastructure associated with MPLS by taking a company's edge devices, sticking them at a customer location, and routing an encrypted tunnel from the company's engine to the cloud, according to Gabbard.
Opaq can run the tunnel through the entirety of the security stack living in the cloud, he added, making it so that the internet provides a direct connection to the customer's cloud infrastructure in Amazon Web Services, Microsoft Azure or the Google Cloud Platform.
Once the MPLS goes away, Gabbard said businesses are able to move away from commodity broadband to paying a lot less for connectivity while getting a far higher level of security in the stack than they would have seen in the previous configuration.
In addition, customers and partners capitalizing on SD-WAN no longer have to deploy, manage, upgrade or otherwise care for infrastructure, Gabbard said. Since the security infrastructure is being deployed in the middle of Opaq's cloud, Gabbard said all a partner needs to do is connect to enjoy all the benefits.
Fusing SD-WAN and security together rather than relying on MPLS will allow customers to reduce their costs, making it possible for them to more quickly address other deficiencies in their portfolio that had been pushed out into the future, said Kelvin Justice, COO of Enfuego Solutions.
Enfuego is currently using separate vendors for SD-WAN and firewall, and Justice said having an offering that fully integrates the two together would be completely new for the Dallas-based solution provider.
"It should reduce the cost to the customers," Justice said. "And our headache as well."
Even though the technology is no longer on-premises, Gabbard said partners and customers still retain the ability to generate more clouds and manage the entire security stack as well as individual components of the stack. All told, Gabbard said customers can expect a cost savings of roughly 60 percent from ripping up and replacing their MPLS.
Customers looking to leverage Opaq's offering can be configured and operational in less than two weeks, Gabbard said, due to a one-box deployment that takes advantage of Opaq putting the tunnel capability at the edge of the network.Customers also will enjoy superior security thanks to Opaq's internal capabilities as well as the strength of its partnerships, according to Gabbard.
The stack includes multifactor authentication from Duo and Microsoft; DDoS protection and web application firewall and filtering from Cloudflare; and malware, intrusion detection and prevention, and endpoint agent functionality from Palo Alto Networks, Gabbard said.
Opaq itself handles the backup and routing, Gabbard said, and assists with the endpoint agency functionality to help with managing user IDs as well as application and user access.
"Security hasn't really caught up with that in terms of being delivered through a utility model, a consumption-based model," Gabbard said. "There's a lot going on here."