Deployment Options
Versa SASE is delivered via the cloud, on-premises, or as a blended combination of both and is a centrally managed solution. The management infrastructure consists of:
-
Versa Director
A centralized provisioning and management application for VOS orchestration.
-
Versa Analytics
A big data tool that provides historical insights, prediction and forensic analysis for networking, security, SD-WAN, applications, and users.
-
Versa Controller
A VPN concentrator and route reflector that provides secure connectivity from the branches to the headend nodes. Versa Controller also provides the control plane backbone for exchanging real time reachability, route, topology, performance and SLA information between branch offices.
Versa management is a true multi-tenanted system with role based access control (RBAC) to provide separation between the tenants. Versa management can be deployed and consumed in a variety of models.
On-Premises
Versa SASE services are deployed on-premises in branch offices, work-at-home, regional offices, headquarters, data centers, and cloud. An on-premises implementation includes the option to extends connectivity via SD-WAN to a distributed system of Versa Cloud Gateways which are located at the front doorstep of nearly every cloud service available.
This extension of the corporate network enables fast, reliable, secure access to cloud applications around the globe.
Versa management is typically deployed on the customer premises (Data Center) on bare metal appliances or virtual environments. Alternatively, Versa management may also be deployed in a public cloud environment.
In the on-premises deployment model, the administrative control is completely with the enterprise IT team. Based on requirements, Versa management can be deployed so that data never leaves the enterprise network. The entire Versa management system can be air-gapped from the internet to provide additional level of security.
Hosted
Organizations who prefer implemented Versa SASE as a management service will typically leverage this deployment model, also known as “managed service provider. In the hosted model, the Service Provider is responsible for configuration management and monitoring of the enterprise SASE implementation.
Service Providers leverage Versa multi-tenancy capability to deploy a single Versa management system for multiple tenants. Versa Role Based Access Control (RBAC) allows the Service Provider to securely share the co-management of the enterprise network between the Service Provider and the enterprise IT team.
Cloud
Versa provides cloud managed orchestration for Versa SASE to both Enterprise and Managed Service Providers. Versa offers cloud managed orchestration as a service in a shared or dedicated option in both public and private cloud. In this model, the Versa management is deployed in a geo-redundant design and is managed and maintained by Versa NOC 24 X 7.
Role Based Access Control (RBAC) is leveraged to segregate different tenants and to provide private Versa management. In this model Versa NOC is responsible for managing and maintaining Versa SASE, while the customer IT team is responsible for management and monitoring of the CPEs.
Blended Combination
Most Enterprises, businesses, and organizations do not fit a one-size-fits-all implementation of either cloud or on-premises. Most organizations have a variety of locations which differ by size, services, and complexity.
Some locations may require more SASE services be delivered on-premises (i.e., a power branch with several service available for clients and employees) while other locations benefit from more SASE services delivered via the cloud (i.e., a light branch offering basic services to clients) and still other locations may need a blended combination of SASE via the cloud and on-premises.
Versa SASE is flexible enough to be deployed seamlessly as a blended combination of both cloud and on-premises services. VOS (Versa Operation System) runs both on-premises and cloud SASE services which creates consistent services, features, policies, and configuration regardless where the service is delivered.
One set of locations may be mostly on-premises SASE, another set of locations may be mostly cloud SASE, while the remainder is a balance of both cloud and on-premises. All of these are managed via the same management interface and policies are applied consistently and ubiquitously across cloud and on-premises implementations.
Learn More
Find more research, analysis, and information on SASE (Secure Access Service Edge), networking, security, SD-WAN, and cloud from industry thought leaders, analysts, and experts.