SASE ROI Calculator

SASE can save your company a lot of money. Use the industry’s-first SASE ROI calculator to quantify the cost savings you can achieve in services, asset consolidation, and labor when deploying Versa SASE.

SASE ROI Calculator

SASE can save your company a lot of money. Use the industry’s-first SASE ROI calculator to quantify the cost savings you can achieve in services, asset consolidation, and labor when deploying Versa SASE.

Top Energy Firm Achieves Comprehensive “Work-From-Anywhere” with Versa SASE

A large, publicly traded energy company operating in all areas of the oil and gas industry has dramatically simplified their network stack and realized huge cost savings with Versa SASE.

Availability and Buying Options in the Emerging SASE Market

EMA evaluates the different SASE vendors and their approaches to architecture, go-to-market, and support for their cloud-delivered and hybrid services.

Gartner Magic Quadrant for WAN Edge Infrastructure

Gartner Magic Quadrant report analyzes the various vendors in the WAN edge market and Versa is positioned as a Leader.

Versa Networks - Explained in 1 minute

Learn about the Versa Secure SD-WAN solution in a high-level, one minute overview.

Versa SASE (Secure Access Service Edge)

SASE is the simplest, most scalable way to continuously secure and connect the millions points of access in and out of the corporate resources regardless of location.

Versa Secure SD-WAN – Simple, Secure, and Reliable Branch to Multi-Cloud Connectivity

Versa Secure SD-WAN is a single software platform that offers multi-layered security and enables multi-cloud connectivity for Enterprises.

The Modern Secure
Network Blog

Customers & Partners

How Service Providers Can Leverage Software-Defined Security (SD-Security)

By Versa Staff
Versa Networks
February 16, 2017

In our last post, we talked about the benefits of network function virtualization (NFV) for managed service providers. Taking a step further, we’ll now examine how providers that deploy NFV can further benefit from this rapidly growing industry trend of evolving previously hardware-centric networks by leveraging security technologies into software-based services.

A core element of NFV is the virtualized network function (VNF), which is a software-based or virtualized version of a specific function such as a next-generation firewall (NGFW). Employing VNFs goes far beyond just converting from point hardware to virtualized software instances such as an NGFW. VNFs, which are centrally managed, policy orchestrated, zero-touch provisioned and service-chained, address many of the operational challenges noted earlier (that virtualized single instances are still prone to).

Applying NFV (and VNFs) to enterprise security and managed security services results in the ability to software-define security in terms of both form-factor and operations (policy creation and enforcement). These benefits are compounded by the fact that software-defined security (SD-Security) created from NFV de-couples security functions from proprietary hardware, enabling security functions in software to run on commodity x86 servers and appliances.

Another key aspect of SD-Security using NFV is its ability to service-chain to easily achieve multi-layer security. For example, a SD-WAN provider can service-chain a NG Fire Wall and secure web gateway to provide security for direct Internet access. Because the traffic flow has been service-chained centrally, each branch office is easy to deploy using a centralized orchestration tool.

Other advantages to creating a software-defined managed security service or enterprise deployment include:

  • Elasticity: When deploying branch security through a software-defined and NFV-based model, capacity can easily and dynamically be scaled up or down without having to replace proprietary security appliances. For example, a branch firewall can be doubled in capacity in minutes using commands from the central provisioning portal, with no truck roll or firewall appliance swap-out required.
  • Flexible and distributed service architecture: With the advent of NFV, SD-WAN providers and large enterprise have the capability (and flexibility) to decide where to run each layer of required security – either on-premises in the branch office or centrally in the data center or PoP. For example, compute-intensive services such as malware sandboxing, intrusion prevention (IPS) and anti-virus (AV) filtering can be run centrally, while services that are key in the branch, such as a firewall and a web gateway for securing direct Internet access, can be run locally.
  • Centralized, automated operations: A software-defined and NFV-based approach to security also provides a way to deliver services from a single point of control, avoiding the challenging requirement for skilled personal available to be on-site whenever needed. Instead, services can be deployed, increased in capacity and enhanced with additional functions, all without requiring any on-site presence, hardware refreshes or manual provisioning. Also, if a particular customer site (or sites) requires a different set of security functions, it can be configured individually from a single management portal within a few minutes instead of in days or weeks.

In summary, the best SD-Security solution is the one that fits your enterprises’ needs. This flexibility is actually one of the widely touted advantages in the move towards SDN, NFV and virtual CPE. So it comes as no surprise that vendors are gravitating towards a software-defined architecture that encompasses all the different needs of the valuable enterprise WAN and branch network market. The recent IHS Infonetics survey is a case-in-point; according to this survey of service providers controlling 43 percent of worldwide telecom CapEx, 95 percent have deployed or evaluated NFV in 2016. One hundred percent will evaluate NFV by 2017.