Secure Access Service Edge (SASE)

Secure Access Service Edge, or SASE, is an emerging cybersecurity concept. In this video, you understand how the key capabilities of SASE address the demands of growing network sprawl and the challenges of digitally transforming your business.

Versa for Work-From-Home

Versa has made it simple for organizations to offer Secure SD-WAN for Work-From-Home users on home appliances or working from anywhere

Top Energy Firm Achieves Comprehensive “Work-From-Anywhere” with Versa SASE

A large, publicly traded energy company operating in all areas of the oil and gas industry has dramatically simplified their network stack and realized huge cost savings with Versa SASE.

 
Availability and Buying Options in the Emerging SASE Market

EMA evaluates the different SASE vendors and their approaches to architecture, go-to-market, and support for their cloud-delivered and hybrid services.

 
Gartner Magic Quadrant for WAN Edge Infrastructure, 2020

Gartner 2020 Magic Quadrant report analyzes the various vendors in the WAN edge market and Versa is positioned as a Leader.

Versa Networks - Explained in 1 minute

Learn about the Versa Secure SD-WAN solution in a high-level, one minute overview.

 
Versa SASE (Secure Access Service Edge)

SASE is the simplest, most scalable way to continuously secure and connect the millions points of access in and out of the corporate resources regardless of location

The Modern
Network Blog

Product & Engineering

Why Analytics is Critical for True SD-WAN

roopa-bayar
By Roopa Bayar
Principal Software Architect, Versa Networks
January 18, 2021

WANs (Wide Area Networks) allow companies to extend their computer networks to be able to connect remote branch offices to data centers, public cloud, SaaS applications, and other internet-delivered applications and services that are required to perform essential business functions. Applications and connectivity are the lifeblood of all organizations today. The ability to connect users predictably and securely across branches, HQ, data centers, public clouds, etc. is the key to their success. However, more applications mean more demands on the network – and more demands on the teams that run them.  

In addition, WANs face operational challenges, including network congestion, delay variationpacket loss, and sometimes service outages. UCaaS applications such as VoIP, videoconferencing, streaming media, and virtualized applications such as VDI  demand low latency in order to be able to perform basic business functions. In a time where employees are working from home, bandwidth requirements are dramatically increasing. To meet these new demands, IT teams can find it difficult to scale WAN capability, with corresponding difficulties related to network management and troubleshooting. A true SD-WAN solution solves the present issues that are ailing traditional WAN solutions. A true SD-WAN solution should always have a comprehensive analytics solution.  

What to Expect from Your SD-WAN Analytics Solution 

The analytics solution in a true SD-WAN provides visibility beyond just SD-WAN monitoring. For example, holistic visibility at network applications and security is needed. Visibility plays an important role since day-to-day monitoring is crucial in understanding the ongoing operational impact of SD-WAN. Visibility also enables critical performance levels to be monitored as deployments are scaled out. Your analytics solution should provide the following: 

  • Comprehensive visibility and control of users, applications, network, and security 
  • Data correlation across multiple endpoints and services for actionable insights 
  • AI/ML-based predictive networking, anomaly detection, and trends 
  • A high performance, scalable, and reliable Big-Data Analytics platform   
  • Multitenant solution for deployment, flexibility, and economy of scale 
  • On-Premises or Cloud deployment options 
  • Geo-Redundancy 
  • Connectors for interfacing with a wide range of 3rd Party SIEM and monitoring systems  
  • Compliance with regulations such as GDPR 
How to Leverage Analytics to Increase Cost Efficiency

A Secure SD-WAN network may have thousands of edge devices (CPEs) in various deployment topologies like full-mesh, hub and spoke, partial mesh, or spoke-hub-hub-spoke. These edge devices will have several services running on them such as SD-WAN, NextGen Firewall, Unified Threat Management, Routing, CGNAT, WAN Optimization, Switching, and more.  For these devices and traffic flowing through your network, a centralized analytics and management platform will provide end-to-end visibility and control at the user, application, network, and security level. 

To achieve visibility, the analytics platform needs to be able to collect data from multiple edge devices and services. Large volumes of data are streamed to the central analytics solution where the data needs to be processed, requiring resources. In order to compute all the data, the analytics platform needs to be high performance, scalable, and reliable with dedicated memory and storage resources. If the analytics platform software is not designed correctly, organizations can easily be saddled with unforeseen costs. A correctly designed analytics platform can greatly increase cost efficiency by offering the following: 

  1. Multi-Tenancy with Role-Based Access Control helps managed service providers and large enterprises share platform resources across tenants without compromising data privacy and security. This greatly reduces hidden costs, multi-tenancy and RBAC needs to be designed from the ground up and not an afterthought or bolt-on design. 
  1. Policy-Driven Data Collection helps control the amount of analytics data collected per service. The default configuration for an edge device and service should provide all basic insights without needing huge resources such as bandwidth, compute, and storage spent. By default, only summary information should be exported periodically for various usage and performance monitoring. More granular analytics collection should be enabled only on-demand or for critical traffic analysis.  
  1. Configurable Retention Policies help ensure that only critical data are kept in the analytics platform for longer periods of time, thereby saving storage and computing resources. The ability to configure per tenant retention policies provides the flexibility to handle customers with different data retention requirements in a multi-tenant environment. 
  1. Configurable Data Resolution per report type helps reduce storage and computing resources by performing aggregations at different time granularities such as 1 min, 5 mins, 15 mins, and more. Based on the importance of the report, the user should be able to modify the default resolution at the global or tenant level. 
  1. On-Premises or Cloud Deployment Options for different components of the platform provides flexibility to customers who are sensitive to cost and security. The platform should be able to scale horizontally as the SD-WAN network grows without impacting the existing data. 

When leveraging a well-designed analytics solution, customers can successfully obtain the scale and costs efficiencies they need without losing any important insights that are critical to their business. Flexible configuration and deployment options allow customers to get higher and more granular visibility custom-tailored to their specific business needs. A true SD-WAN solution should always have a well-designed analytics platform, and together, the result will yield visibility and control as well as a dramatic increase in cost efficiencies.