Examining the role of Secure SD-WAN in the retail space

The convergence of network and security allows operators in the retail industry to minimize risks while optimizing the customer experience. In an episode of the Packet Pushers podcast, Fortinet CISO for Retail, Courtney Radke, and Batteries Plus Infrastructure Architect Jason Thelen sat down to discuss the role of Secure SD-WAN in the retail space. 

 

The Retail Industry Failover and Security Challenges

 

Many retailers have traditionally relied on back-up connectivity alone for business continuity in the event their primary internet connection went down. If their connection went down entirely, they may have only missed out on a small portion of potential sales. But that is not the case today. With robust applications being critical to retail operations and the digital “always on” experience being the table-stakes, retailers can no longer take the same approach to connectivity as they did just a few years ago.

 

For example, before recent upgrades, Batteries Plus used a less sophisticated firewall with dedicated Internet Protocol security (IPsec) connections that lacked an automated way to failover to a secondary connection. So if a store’s primary internet connection went down, it would take several minutes to connect to an LTE backup device, call into the help desk, or get their virtual private network (VPN) password reset. When these outages occurred, they would lose sales as customers could not be adequately supported and would unfortunately walk out the door. 

 

Security is also a significant concern for retailers, particularly because they are responsible for ensuring customer data (i.e., credit card numbers, personal information, etc.) is kept safe. A conflict emerges, however, when beefing up security leads to a less efficient system full of delays, or conversely, when security is sacrificed in favor of customer experience. 

 

The Role of SD-WAN in the Retail Industry

 

Software-defined wide-area network (SD-WAN) solutions can provide retailers with flexibility and automation, allowing for rapid architecture changes, optimization of multiple active connections, and seamless failover when outages occur. Retail is all about customer experience, and SD-WAN is built in a way that protects and enables that experience. 

 

Batteries Plus has incorporated SD-WAN into their current setup, which uses a terrestrial circuit and an LTE circuit in combination. Most traffic is prioritized over the terrestrial connection during regular use, with a fraction of it occurring through LTE – but when one circuit goes down, or is in a state that doesn’t meet business SLAs, the other one picks up the load. Since this move, operations have changed dramatically. “We no longer dread the day our terrestrial connections go down,” says Thelen. “Today, we have stores failover seamlessly between their primary connection to their cellular backup.” 

 

Another significant feature of SD-WAN in the retail space is that it enables the business to open new sites very quickly since there is no longer a need to wait weeks for circuit provisioning. Instead, users can plug in whatever circuit they want and have it ride on an SD-WAN backbone, supporting an “always-on” experience. As a result, retailers are able to focus on running the business instead of micro-managing the network without worrying about sacrificing performance. “Over the last few years, and definitely over the last 12 months, we’ve seen SD-WAN really go from a ‘nice-to-have’ to a ‘have-to-have’,” says Radke.

 

SD-WAN and the Retail Industry Security

 

While all SD-WAN solutions promise greater flexibility, rapid failover capabilities, and more, it’s important to note that not all SD-WAN solutions are created equally, particularly when it comes to security. In fact, many don’t come with their own security at all, instead requiring a security overlay or bolt-on solution provided by the customer, or forgone entirely, which can lead to more expensive, inefficient and unsecure setups.

 

Fortinet’s Secure SD-WAN solution, however, takes a security-driven network approach that consolidates SD-WAN, next-generation firewall (NGFW), and advanced routing capabilities to enable superior quality of experience at scale, the ability to orchestrate consistent network and security policies, achieve operation efficiencies, and more. “The threats are real,” says Radke. “But Fortinet’s SD-WAN is Secure SD-WAN.” 

 

According to Thelen, “We definitely sleep better at night knowing that’s all baked into the product.” He further cites the tremendous degree of confidence that comes with Fortinet’s security standing as a primary reason for choosing Fortinet for Batteries Plus’ SD-WAN solution. 

 

The Additional Benefits of Secure SD-Branch 

 

After replacing aging WAN connections with Secure SD-WAN to boost unified communications, better enable interconnectivity, and fully integrate security, retail organizations should consider incorporating a Secure SD-Branch solution, as well.

 

Secure SD-Branch integrates SD-WAN technology with network access to deliver an even more secure and manageable remote branch. “SD-WAN is all about protecting that experience and making sure that you’re getting the best investment from your transports,” says Radke, “And SD-Branch is all about getting the best investment from a long-lived infrastructure.”

 

This more comprehensive secure SD-Branch solution not only incorporates secure SD-WAN, making things easier to manage and more secure, but it also allows retailers to embrace a zero trust approach in its entirety. “When you start to think about your switches, APs, and firewalls in an integrated way, zero trust is much easier,” says Radke. “And moving to a zero trust methodology is honestly where everyone should be going.”

 

Fortinet is named a Leader in the 2021 Gartner® Magic Quadrant™ for WAN Edge Infrastructure (Gartner, Magic Quadrant for WAN Edge Infrastructure, Jonathan Forest, Naresh Singh, Andrew Lerner, Evan Zeng, 20 September 2021.) Fortinet Secure SD-WAN can extend SD-WAN with cloud-delivered security to protects all edges, deliver a world-class user experience and reduce costs and complexity.