August 24, 2020 | Trent Pham

The evolution of security driven by the advancements in network designs

Other WE Blogs
Trent Pham, Head of Product, Security Services

Trent Pham

Trent is responsible for WE’s enterprise security service strategy, development, and lifecycle management. He joined Windstream in 2016 and has 20 years of security product management experience with communication service providers and security service providers.

Securing the perimeter

During the late 90s, enterprises invested in expensive, high-capacity (e.g., T3 and OC3) connections as they raced towards the burgeoning online world to support their B2C and B2B initiatives. The servers, applications and databases to support this were hosted in data centers, which made it convenient to provide centralized Internet access to all of their business locations.  Enterprises, recognizing the dangers of the Internet deployed firewalls to protect and control access to their systems, applications and network.

The evolution of security enhancements

The next 15 years saw a rise in data center services as many enterprises initially embraced colocation, then dedicated hosting, and eventually cloud.  Security followed a similar evolution in the same environment, initially using dedicated firewalls then multitenant platforms, and eventually virtual firewalls.  A virtualized firewall compared to its physical brethren requires no space, less power, and can be orchestrated.  The security benefits of a stateful firewall were now available as software, setting the stage for the ascent of secure SD-WAN solutions.

Transition to SD-WAN

Coinciding with the shift to cloud computing, WANs became virtualized with software-defined networking (SDN), which separated the control plane (i.e. networking decision making) from the data plane. Software-Defined WAN (SD-WAN)’s ability to use inexpensive broadband connections to build faster and more reliable WAN connections brought numerous Internet circuits to the doorsteps of branch offices and other remote locations. Securing the SD-WAN locations meant the deployment of a physical firewall to every location or using a service provider’s network-based firewall to provide a single point of enforcement in the cloud.    

Today, Network Functions Virtualization (NFV) architecture for SD-WAN is both a branded appliance running on proprietary hardware and a Virtual Network Function (VNF) running on universal CPE. Both options can support a service chained firewall VNF incorporating advanced, policy-away network and security functionalities. Sharing local computer and cloud management resources can provide meaningful cost efficiencies and agility. Deployment of new security capabilities is no longer dependent on equipment delivery and truck roll, giving customers the flexibility to adapt their network security approach to the new distributed enterprise perimeter.

In the case of Windstream Enterprise’s new MNS-VNF service, the same security capabilities from Fortinet that previously only ran on dedicated appliances now run as software. That means businesses can deploy an integrated solution with Windstream Enterprise ’s SD-WAN VeloCloud edge device starting immediately, with other technology options like universal CPE as a supported option in the future.  As with any Windstream Enterprise product, visibility and control remain simple with our award-winning WE Connect portal.

Peace of mind is also a consideration. As it’s estimated that a business will fall victim to a security attack every 11 seconds by 2021*, businesses are hard-pressed to protect their networks as quickly and comprehensively as possible. As a leader in managed services for 20 years, Windstream Enterprise ’s security expertise, tools and services help businesses remove tactical security burdens and free up valuable IT resources to focus on more strategic initiatives.

Get in touch for more details

If you think the MNS-VNF could benefit your organization, reach out to our security experts.  We’ll answer any question you may have and recommend the best solutions to accelerate your business.

* 2019 Official Annual Cybercrime Report, Herjavec Group.


Head of Product, Security Services

Trent Pham

Trent is responsible for WE’s enterprise security service strategy, development, and lifecycle management. He joined Windstream in 2016 and has 20 years of security product management experience with communication service providers and security service providers.