We’re thrilled to announce that Versa has been recognized as an SD-WAN partner for Microsoft Entra at this year’s Microsoft Ignite Conference. This integration brings together Versa’s Secure SD-WAN and Microsoft Entra’s identity-centric security, providing a seamless blend of intelligent network connectivity and security. In an era of increasingly sophisticated cyber threats, this collaboration underscores our commitment to delivering end-to-end protection that strengthens network resilience while ensuring a superior user experience. Together with Microsoft, we’re advancing the future of secure, high-performance networking.
With sophisticated cyberattacks increasing year over year, organizations are scrambling to upgrade their access security and complement it with intelligent and secure transport at the WAN for improved end-to-end protection and performance. In any organization, it’s crucial to address every potential vulnerability, but we need to do so without compromising the user experience – even better if we can enhance it!
A one-two combo
The combination of Versa Secure SD-WAN with Microsoft Entra Internet Access addresses different aspects of potential vulnerabilities and hardens points of potential attack by building a robust and resilient security posture against a wide range of threats. Versa Secure SD-WAN complements Microsoft Entra Internet Access by providing agile, secure network connectivity with integrated network security for an optimized user and app experience.
Not only does this integration enhance security and connectivity, but it also simplifies the deployment process with automated workflows for assigning IP addressing, BGP AS Numbers and Microsoft regions for a complete integration. This all can be done from a single console which reduces time-to-production. Versa’s Secure SD-WAN integrates seamlessly with Microsoft Entra Internet Access, allowing organizations to establish secure IPsec tunnels effortlessly across cloud, on-premises, and hypervisor environments. This flexibility empowers businesses to adopt the deployment approach that best fits their needs while maintaining consistent security policies. With Versa’s detailed configuration guides, setting up this integrated solution is streamlined, enabling teams to achieve secure, high-performance connectivity without the complexity.
An application-aware SD-WAN
Versa’s SD-WAN provides Microsoft Entra customers with best-in-class traffic steering with first packet detection for apps such as Microsoft 365, along with many other capabilities. Versa’s carrier-class routing and intelligent path selection ensure efficient data transmission, low latency, high availability, and fault tolerance, while enabling efficient and dynamic routing decisions for an optimized user experience. Among its traffic-shaping capabilities, the SD-WAN is application-aware, which means that administrators can identify and prioritize transport for specific SaaS applications or application categories based on their criticality, helping prevent network congestion and ensuring that bandwidth is allocated appropriately for each application. See more details on Versa’s SD-WAN here.
An identity-centric SWG
Microsoft Entra Internet Access is an identity-centric Secure Web Gateway (SWG) for access to SaaS apps and internet traffic. A component of Microsoft’s Security Service Edge solution, it provides conditional access to enforce policies based on a user’s identity, location, risk level, device compliance, and other characteristics. You can also use Tenant Restriction regardless of operating system or browser, all while running a Continuous Access Evaluation (CAE) with the Compliant Network feature to mitigate token theft
Key capabilities for Microsoft Entra Internet Access include:
For more details, see the Microsoft Entra Internet Access data sheet here.
Microsoft 365 apps and general SaaS application traffic can be secured via Microsoft Entra Internet Access. With Versa Secure SD-WAN’s integrated security, network traffic can optionally be secured utilizing Versa’s NGFW and other security capabilities.
Flexible implementation options
Versa’s SD-WAN can be deployed either via cloud, hypervisor, or an on-prem bare metal appliance. The combination of Versa and Microsoft Entra Internet Access leverages IPsec tunnels between Versa and Microsoft Entra, although many deployment use cases are supported. The “base” use case is the Versa Secure SD-WAN deployed with one IPsec tunnel to Microsoft Entra Internet Access and a split tunnel via local breakout for all other internet-bound traffic. In this scenario, Versa can also optionally inspect egress internet traffic with the Versa NGFW/UTM capability.
Options include scenarios where some sites require a failover mechanism to Microsoft Entra, which can be accomplished via private transport backhauling.
Configuration guide available
To ensure the combined solution components work in harmony, Versa has developed best practices that you can follow with full configuration details for several use cases. See the solution guide for Versa Interoperability with Microsoft Entra Internet Access here.
Gartner Research Report