Management, data, and control plane independence.
Enterprises viewed network segmentation as a necessity to accomplish Network security and as a relief from limitations on Layer 2 domains. Virtual Local Area Networks (VLANs) became the de facto standard for segmentation. It provided a mechanism for segregating Business units, zones, and security.
However, VLANs provide a minimal set of security and separation within the average Enterprise network. While it is true that a user on a given VLAN cannot directly communicate nor access information on the other VLAN, the use of Denial of Service (DOS) attacks may cause impact to the other VLANs traffic and communication.
Versa SASE provides genuine multi-tenancy across Versa orchestration platforms, control plane, and data plane. This level of multi-tenancy keeps the policies and configuration and the logs and statistics segregated from that of the other tenants.
A fully multi-tenant system is a system where multi-tenancy is at the management level, controller plane, data plane, and the analytics Level.
Versa SASE provides this level of multi-tenancy at the cloud, headend, data center, branch, and edge device locations:
Management Plane Multi-Tenancy
- Independent RBAC for each tenant
- Users of a tenant can see only devices of that particular tenant only
Data Plane Multi-Tenancy
- Routing tables separation
- Each tenant can have up to 1024 VRFs
- Data Plane independently encrypted tunnel between SD-WAN devices
- Independent instances of a routing table, BGP instances, OSPF instances, etc.
Control Plane Multi-Tenancy
- Independent SD-WAN engines for each tenant
- Independently encrypted secure tunnels with Controllers for each tenant
- Independent topologies for each tenant
The only true multi-tenant SASE architecture on the market.
Versa Networks is the only true multi-tenant solution on the market enabling organizations to achieve management plane, data plane, and control plane multi-tenancy at the cloud, headend, data center, branch, and edge device locations. Versa SASE has built-in, native segmentation with true multi-tenant implementation. Each Versa SASE on-premises VOS implementation is able to support up to 256 separate tenants.
This provides flexibility to host multiple customers, lines of business, or functions per instance while maintaining separation between each customer’s traffic. Further, each tenant is able to have multiple virtual routing and forwarding tables (VRFs), VLANs and service chains with full separation of control plane, data plane, and management plane. No other solution on the market can come close to this level of segmentation.