Security in the MPLS vs WAAS Wars

WAN as-a-service (WAAS) is one of the most disruptive technologies to enter the WAN market over the last few years. The core tenant of WAAS is to do away with the costly and timely-to-deploy MPLS network. Any business with offices spread across several different countries now have a choice, global MPLS or WAAS. WAAS is the more simpler solution, with the only requirement being an Internet connection, router, and firewall with VPN capability. Most businesses already have an Internet connection and router/firewall in place, so all they need to do is configure the software, and WAAS will be up and running in minutes.

All of that is music to the ears of network engineers who were frustrated with MPLS. WAAS is very promising, but now the WAAS market is in the process of being disrupted itself by another threat, the cyber attack threat. In the WAAS model, each site requires an Internet connection and firewall, so users can access cloud applications like Salesforce. However, for companies with dozens of sites that require firewalls, that in itself is going to be an administrative nightmare, having to manage all those firewalls. Lets keep in mind that most IT departments are understaffed, and overworked. Having to manage a global firewall infrastructure is going to be a major undertaking. Firewall rules and polices need to be maintained regularly, and patches loaded promptly. Any hiccup that happens, such as misconfiguring a rule, and the attacker will feast on the opportunity to steal data.

With carrier MPLS, customers can sign up for MPLS, and each location will be an MPLS node that connects to the carrier network. Once in the carrier network, the carrier can provide next generation firewall and Internet access, where they manage the firewalls, rules, and software updates. So deploying WAAS is not as simple as it sounds, and it must be carefully evaluated taking into account the security risks of WAAS. In many cases, a hybrid approach might make sense, where a combination of carrier MPLS, and WAAS are used in a complimentary fashion.

MPLS vs WAAS
MPLS vs WAAS