SASE ROI Calculator

SASE can save your company a lot of money. Use the industry’s-first SASE ROI calculator to quantify the cost savings you can achieve in services, asset consolidation, and labor when deploying Versa SASE.

SASE ROI Calculator

SASE can save your company a lot of money. Use the industry’s-first SASE ROI calculator to quantify the cost savings you can achieve in services, asset consolidation, and labor when deploying Versa SASE.

Top Energy Firm Achieves Comprehensive “Work-From-Anywhere” with Versa SASE

A large, publicly traded energy company operating in all areas of the oil and gas industry has dramatically simplified their network stack and realized huge cost savings with Versa SASE.

Availability and Buying Options in the Emerging SASE Market

EMA evaluates the different SASE vendors and their approaches to architecture, go-to-market, and support for their cloud-delivered and hybrid services.

Gartner Magic Quadrant for WAN Edge Infrastructure

Gartner Magic Quadrant report analyzes the various vendors in the WAN edge market and Versa is positioned as a Leader.

Versa Networks - Explained in 1 minute

Learn about the Versa Secure SD-WAN solution in a high-level, one minute overview.

Versa SASE (Secure Access Service Edge)

SASE is the simplest, most scalable way to continuously secure and connect the millions points of access in and out of the corporate resources regardless of location.

Versa Secure SD-WAN – Simple, Secure, and Reliable Branch to Multi-Cloud Connectivity

Versa Secure SD-WAN is a single software platform that offers multi-layered security and enables multi-cloud connectivity for Enterprises.

The Modern Secure
Network Blog

Customers & Partners

My WFH Story with Versa Secure SD-WAN (Part 2)

By Robert McBride
Sales Engineer
April 9, 2020

Part 2 of a 3 part series (read part 1 and part 3)

Now, my journey. I requested a Versa Cloud Services Gateway appliance, specifically the CSG750-WLA (that’s our 750 series appliance with an integrated Wi-Fi AP (Access Point) and an integrated cellular modem for LTE). I submitted a request to our Versa Titan operations team [sent an internal PO] to create my organization and provide me with licenses for 4 sites – each license was the Versa Titan CSG750-Advanced Security software license. The Advanced security license provides routing, SD-WAN, NGFW, URL Filtering, AV and NG-IPS [for those who are curious the Versa Titan Enterprise base software license provides everything but AV and NG-IPS]. Sure, while I am a Versa Networks employee, you could argue acquiring this is straightforward, but I wanted to also test the purchasing and orchestration elements of the Versa Titan Service [similar to how a customer or partner would engage with us]. After submitting the order, I was provided with my “Welcome Email” to do the following:

Login to the Versa Titan Cloud Portal and set my initial password along with download a mobile application [for me I am an Android guy, so I went to the Google Play Store to download the Versa Titan mobile app].  After logging in I simply dragged a license onto the dashboard to create my first site, my home office. My site was pre-configured for everything prior to me even touching any configuration knobs. What was pre-configured you ask?

  • Each WAN port (2) was preconfigured for Split-tunnel functionality [VPN and Internet]
  • LTE was preconfigured to back up my wired WAN links
  • Wi-Fi came preconfigured with multiple SSIDs [Corporate for VPN access (SDWAN) and Guest for DIA only)
  • LAN ports all came preconfigured with IP addresses and DHCP Server pools
  • Security was preconfigured for URL Categories and Reputation, AV scanning for email and NGIPS was preset for a Versa Recommended profile
  • SDWAN Traffic Steering was preconfigured with 4 intuitive categories (Real Time, Business Critical, Default and Low Priority)
  • Application QOS was preconfigured to match each category: Real Time was EF, Business Critical was AF, Default was default priority and Low Priority was given no priority queue)
  • Each category was preconfigured for relevant SDWAN SLA parameters (low latency, jitter, delay) per each category type along with having applications already pre-added for identification
  • DIA (or local internet breakout) was also pre-configured for load-balancing and to prioritize traffic based on the same Application QOS configuration mentioned above.

At this point I only changed a few parameters (LAN side addressing) and NGFW policies to protect lateral communication between two different network segments along with some policies I wanted to explicitly allow. I then hit “Deploy” and selected Bluetooth from a selection of three possible activation methods [Bluetooth, Wi-Fi and GZTP (Global ZTP)].  This took me about 5 minutes from setting up my password, it took me longer to unbox the CSG, power it up, cable it and cable my other in-home devices and switches. I then logged into the mobile application I downloaded on my Google Pixel XL, selected my office [my site] and was presented immediately with a notice to “Activate Device”.  With the CSG powered on, I hit activate.

My phone, using the Mobile app, discovered the Versa CSG appliance, authenticated and began to configure it right out of the box out-of-band with the configurations I mentioned above. In about 7 minutes, my CSG had rebooted and the mobile application then indicated to me that my Versa Titan appliance and site was successfully deployed and activated.  Voila! In about 12 minutes with minimal touch and effort I had successfully deployed my first Versa Secure SD-WAN site. I replicated this process for a few virtual instances to setup the rest of my fabric and broader network:

  • Virtual instance in AWS (cx5.large instance type) to act as a cloud gateway specifically for my Zoom and RingCentral traffic (I could have also used the system of Versa Cloud Gateways, but opted to deploy my own for testing)
  • Virtual appliance (VM on a KVM hypervisor) as a test site

This whole process for 3 locations took about 20 minutes [took me longer to launch my CloudFormation template to deploy Versa Operating System VOS™ as a cloud-gateway and wait for AWS to do its thing]

For my fourth site, I needed some help from a colleague at our corporate office to cable up an appliance and activate it for me at headquarters. After creating a temporary Enterprise User account [limited control] in my organization for them, talked them through it over a Zoom with screensharing and again <10 minutes later the corporate Versa Titan site was online.

Logged into the portal and within a few seconds of successful activation notice, I was able to see my sites all online and green. My initial architecture was using our default topology setting which was Full-Mesh (Because of various demos and expanding the team I have moved to a hybrid topology – both Full Mesh for some sites and Hub-and-Spoke for others). What this means is that by default every site I turned up created an SD-WAN IPsec tunnel to each other and began redistributing LAN side routes into the SD-WAN fabric. Route redistribution and updates all happened without me needing to configure anything, our default configuration ensures any site in the same organization will build SD-WAN tunnels. It is also worth noting that the only thing I had to activate or do was the following:

  • Change my account password
  • Create the sites
  • Slightly modify and customize my site-specific configurations for LAN side parameters [since I had an existing IP schema]
  • Add a temporary Enterprise User for some on-site assistance in San Jose to activate a Versa Titan CPE at HQ

What I did NOT have to do was the following:

  • Install an orchestrator and management application
  • Install and configure any provisioning servers, nodes, or staging servers
  • Install any SDWAN Controllers
  • Configure any templates from scratch
  • Configure any SDWAN Traffic steering policies and SLAs from scratch
  • Configure any QOS policies or schedulers
  • Create any zones
  • Create any virtual routers
  • Create any CGNAT policies or rules for DIA
  • Create any split-tunnels parameters
  • Add interfaces [LAN, Wi-Fi or WAN]
  • Create any IPS profiles
  • Create any URL Filtering or Reputation rules and profiles
  • Configure any VPN settings

Everything above was done already due to the Versa Titan service hosted in the cloud. Leveraging our multitenant capability across the stack, my organization was created as a sub-tenant to the larger Versa Titan Cloud service, which also provided my organization with pre-configured templates to deliver secure branch connectivity (e.g. Secure SD-WAN). I only needed to worry about the branches [sites]

In part 3 I share all the things my home office is equipped to do by default and share details about the advanced features I enabled for my home deployment of Versa Secure SD-WAN.