Versa SD-WAN and Microsoft Entra Combine for End-to-End Networking and Security

Maurice Landrum
By Maurice Landrum
Solution Architect
November 19, 2024
in
Share
Follow

With sophisticated cyberattacks increasing year over year, organizations are scrambling to upgrade their access security and complement it with intelligent and secure transport at the WAN for improved end-to-end protection and performance. In any organization, it’s crucial to address every potential vulnerability, but we need to do so without compromising the user experience – even better if we can enhance it!

A one-two combo

The combination of Versa Secure SD-WAN with Microsoft Entra Internet Access addresses different aspects of potential vulnerabilities and hardens points of potential attack by building a robust and resilient security posture against a wide range of threats. Versa Secure SD-WAN complements Microsoft Entra Internet Access by providing agile, secure network connectivity with integrated network security for an optimized user and app experience.

Not only does this integration enhance security and connectivity, but it also simplifies the deployment process with automated workflows for assigning IP addressing, BGP AS Numbers and Microsoft regions for a complete integration. This all can be done from a single console which reduces time-to-production. Versa’s Secure SD-WAN integrates seamlessly with Microsoft Entra Internet Access, allowing organizations to establish secure IPsec tunnels effortlessly across cloud, on-premises, and hypervisor environments. This flexibility empowers businesses to adopt the deployment approach that best fits their needs while maintaining consistent security policies. With Versa’s detailed configuration guides, setting up this integrated solution is streamlined, enabling teams to achieve secure, high-performance connectivity without the complexity.

An application-aware SD-WAN

Versa’s SD-WAN provides Microsoft Entra customers with best-in-class traffic steering with first packet detection for apps such as Microsoft  365, along with many other capabilities. Versa’s carrier-class routing and intelligent path selection ensure efficient data transmission, low latency, high availability, and fault tolerance, while enabling efficient and dynamic routing decisions for an optimized user experience. Among its traffic-shaping capabilities, the SD-WAN is application-aware, which means that administrators can identify and prioritize transport for specific SaaS applications or application categories based on their criticality, helping prevent network congestion and ensuring that bandwidth is allocated appropriately for each application. See more details on Versa’s SD-WAN here.

An identity-centric SWG

Key capabilities for Microsoft Entra Internet Access include:

  • Web Content Filtering
  • Conditional Access
  • Compliant Network
  • MFA
  • Traffic Forwarding

Flexible implementation options

Versa’s SD-WAN can be deployed either via cloud, hypervisor, or an on-prem bare metal appliance. The combination of Versa and Microsoft Entra Internet Access leverages IPsec tunnels between Versa and Microsoft Entra, although many deployment use cases are supported. The “base” use case is the Versa Secure SD-WAN deployed with one IPsec tunnel to Microsoft Entra Internet Access and a split tunnel via local breakout for all other internet-bound traffic. In this scenario, Versa can also optionally inspect egress internet traffic with the Versa NGFW/UTM capability.

Options include scenarios where some sites require a failover mechanism to Microsoft Entra, which can be accomplished via private transport backhauling.

Configuration guide available

To ensure the combined solution components work in harmony, Versa has developed best practices that you can follow with full configuration details for several use cases. See the solution guide for Versa Interoperability with Microsoft Entra Internet Access here.

Recent Posts













Gartner Research Report

2024 Gartner® Magic QuadrantTM for SD-WAN

For the fifth year in a row, Versa has been positioned as a Leader in the Gartner Magic Quadrant for SD-WAN. We are one of only three recognized vendors to be in the Gartner Magic Quadrant reports for SD-WAN, Single-Vendor SASE, and Security Service Edge.