Full-featured SD-WAN Solution Deep Dive

Learn about the capabilities you should expect to find in a full-featured SD-WAN design and how these features operate within the larger Secure SD-WAN architecture.

SD-WAN Growth Report 2020

Futuriom outlines the market trends for SD-WAN in their June 2020 report and provides their predictions for growth and change in the space.

Versa Redefines McLarens F1 Speed Strategy

NTT Communications and Versa Networks provide McLaren with reliability, security, stability, and flexible management of their data traffic flows so they can set up a secure, optimized network connectivity in preparation of race weekend.

 
Versa Secure SD-WAN – Simple, Secure, and Reliable Branch to Multi-Cloud Connectivity

Versa Secure SD-WAN is a single software platform that offers multi-layered security and enables multi-cloud connectivity for Enterprises.

 
Gartner Magic Quadrant for WAN Edge Infrastructure, 2020

Gartner 2020 Magic Quadrant report analyzes the various vendors in the WAN edge market and Versa is positioned as a Leader.

Versa Networks - Explained in 1 minute

Learn about the Versa Secure SD-WAN solution in a high-level, one minute overview.

 
Versa Secure SD-WAN – Simple, Secure, and Reliable Branch to Multi-Cloud Connectivity

Versa Secure SD-WAN is a single software platform that offers multi-layered security and enables multi-cloud connectivity for Enterprises.

The Secure
SD-WAN Blog

Customers & Partners

How Service Providers Can Leverage Software-Defined Security (SD-Security)

versa-staff
By Versa Staff
Versa Networks
February 16, 2017

In our last post, we talked about the benefits of network function virtualization (NFV) for managed service providers. Taking a step further, we’ll now examine how providers that deploy NFV can further benefit from this rapidly growing industry trend of evolving previously hardware-centric networks by leveraging security technologies into software-based services.

A core element of NFV is the virtualized network function (VNF), which is a software-based or virtualized version of a specific function such as a next-generation firewall (NGFW). Employing VNFs goes far beyond just converting from point hardware to virtualized software instances such as an NGFW. VNFs, which are centrally managed, policy orchestrated, zero-touch provisioned and service-chained, address many of the operational challenges noted earlier (that virtualized single instances are still prone to).

Applying NFV (and VNFs) to enterprise security and managed security services results in the ability to software-define security in terms of both form-factor and operations (policy creation and enforcement). These benefits are compounded by the fact that software-defined security (SD-Security) created from NFV de-couples security functions from proprietary hardware, enabling security functions in software to run on commodity x86 servers and appliances.

Another key aspect of SD-Security using NFV is its ability to service-chain to easily achieve multi-layer security. For example, a SD-WAN provider can service-chain a NG Fire Wall and secure web gateway to provide security for direct Internet access. Because the traffic flow has been service-chained centrally, each branch office is easy to deploy using a centralized orchestration tool.

Other advantages to creating a software-defined managed security service or enterprise deployment include:

  • Elasticity: When deploying branch security through a software-defined and NFV-based model, capacity can easily and dynamically be scaled up or down without having to replace proprietary security appliances. For example, a branch firewall can be doubled in capacity in minutes using commands from the central provisioning portal, with no truck roll or firewall appliance swap-out required.
  • Flexible and distributed service architecture: With the advent of NFV, SD-WAN providers and large enterprise have the capability (and flexibility) to decide where to run each layer of required security – either on-premises in the branch office or centrally in the data center or PoP. For example, compute-intensive services such as malware sandboxing, intrusion prevention (IPS) and anti-virus (AV) filtering can be run centrally, while services that are key in the branch, such as a firewall and a web gateway for securing direct Internet access, can be run locally.
  • Centralized, automated operations: A software-defined and NFV-based approach to security also provides a way to deliver services from a single point of control, avoiding the challenging requirement for skilled personal available to be on-site whenever needed. Instead, services can be deployed, increased in capacity and enhanced with additional functions, all without requiring any on-site presence, hardware refreshes or manual provisioning. Also, if a particular customer site (or sites) requires a different set of security functions, it can be configured individually from a single management portal within a few minutes instead of in days or weeks.

In summary, the best SD-Security solution is the one that fits your enterprises’ needs. This flexibility is actually one of the widely touted advantages in the move towards SDN, NFV and virtual CPE. So it comes as no surprise that vendors are gravitating towards a software-defined architecture that encompasses all the different needs of the valuable enterprise WAN and branch network market. The recent IHS Infonetics survey is a case-in-point; according to this survey of service providers controlling 43 percent of worldwide telecom CapEx, 95 percent have deployed or evaluated NFV in 2016. One hundred percent will evaluate NFV by 2017.