My WFH Story with Versa Secure SD-WAN (Part 3)
April 13, 2020
Part 3 of a 3 part series (read Part 1 and Part 2)
So, with the default configuration with minor LAN and NGFW customizations, what was I capable of using now at my home office?
- Always on VPN to corporate whether I was wired or wireless at my house
- Multi-link WAN with LTE providing me backup services to have 99.99% uptime for all my devices
- Prioritize my voice, video conferencing, O365, SFDC, Virtualization applications over Netflix, Hulu, PlayStation Network, Google Play Music, Spotify and other social media-oriented applications
- Secured my Internet with not only a NGFW but URL reputation and filtering [need to block those sites folks shouldn’t be visiting but also block things like advertisements], virus scanning for any and all email traffic and an NG-IPS for malware and vulnerability detection and protection
- Multi-pathing for Zoom and RingCentral and auto-QOS for these to be set for the highest priority so I can collaborate reliably with my coworkers, customers and partners
Now moving from the default was my next step to turn some other advanced features on. Specifically, I wanted to use Traffic Replication across my multi-link WAN for Zoom, VOIP and RingCentral. So, using the mobile application I enabled Replication for the Real Time category by simply clicking a box. I next did the same for the AWS cloud gateway I setup along with ensuring it was advertising itself as the next hop for Zoom and RingCentral across the Secure SD-WAN fabric. Why you ask did I do this?
Well I wanted to ensure I presented a single IP as the egress to these services and also be able to suffer a link or provider outage at my home and still be on a Video Conference call and have no one notice 😉 It also does wonders in demos where I can pull a link live during a Demo and instantly show:
- Sub-second failover of links across multiple mediums
- No impact to any voice or video calls during a hard-local outage
Another reason I do this is to show the end-to-end Application QOS with SLA based traffic steering as well. To do this I will initiate any large volume file transfers between a test site and my home office while on a demo or training session. This is to show the immediate throttling of non-Real time traffic and prioritization of Real Time traffic during heavy session or bandwidth usage across not only DIA (doing public IPERF/SpeedTest) but also SD-WAN fabric.
So, beyond the ease of configuration and auto-configuration of arguably complex features, I now have incredible visibility and analytics not only in the palm of hand [mobile app] but also within the dashboard. The Versa Titan service provides 3 levels of visibility:
- Simple and quick monitoring to capture immediate issues and usage [Dashboard and app]
- Historical and near real-time analytics for trending analysis and troubleshooting [Dashboard]
- Live monitoring of devices and sites [Dashboard]
So not only did I spend very little time in getting a Secure SD-WAN up and running but I have the visibility and monitoring to see what was on my network, how it was performing and even have deep logging and outputs of any threats that are being seen.
Since the beginning when I started on this journey, I have of course modified the architecture as the broader pre-sales team has expanded [other WFH users]. Now each of us on the team have an always-on VPN to access our critical work services, reliable traffic steering for our collaboration and communication tools while also segmenting our work services and traffic from our personal devices on the same CPE appliances we have all deployed.
The result has been that I have never been disconnected from corporate resources, rarely had issues with any voice and video conferencing and can provide a seamless experience for my work traffic and family internet usage without compromise. Moving forward I am excited to be able to configure more granular rule sets through the Versa Titan interface, setup some 3rd party VPN connections, deploy some Dual-LTE appliances and perhaps even deploy an HA (High availability) Active-Active pair at the home office just for kicks using the Versa Titan service and experience
Whether using the Versa Titan Secure SD-WAN cloud service for your corporate branch offices or your remote office workforce, you can reliably deploy:
Secure SD-WAN with full control to provide a better and secure business experience for all your IT organization and users.
Now for your viewing pleasure, a few screen grabs to show some of the ease of configuration, the interface and visibility that the team is using in our broader efforts.