Managed Security
Service Overview
AireSpring Cybersecurity Protection
Security at the Edge
Core SD-WAN Security Capabilities
Security is fundamental to VMware SD-WAN, which is built on an architecture that ensures secure communication between the management, control, and data planes:
- Between management and data planes
- Between data plane and control plane components
- Within public key infrastructure-based authentication
Security functions:
- Encryption
- Authentication
- Key generation/exchange options
Stateful firewall
Included in the SD-WAN Edge, provides secure connectivity between locations.
PCI compliance
Can be enforced on a per segment basis to maintain regulatory compliance.
Segmentation
supports VLAN functionality across the enterprise, ensuring discrete connectivity between employees and business applications.
Next Generation Firewall (NGFW)
Virtual network functions (VNF) on Edge software and devices enable the insertion of NGFW functionality.
User traffic inspection
Inspection for threat detection and prevention (e.g. IDS/IPS, anti-malware, URL filtering) is available locally within the VMware SD-WAN Edge via service chaining through a firewall VNF, or remotely, by steering traffic to cloud-hosted security services through policy.
Network segmentation
Network segmentation logically divides the network into multiple, discrete subnets. A segmented network can be isolated and controlled, by allowing and disallowing traffic, based upon a variety of management and security factors.
Network segmentation use cases can include:
- Line-of-business segmentation, such as engineering, sales, and support, etc.
- Separating user data, for guest WiFi, ATM, PCI, etc.
- Overlap IP addresses in different virtual routing and forwarding (VRF) scenarios
- Secure firewall service can segregate voice, video and compliance traffic
- Group prefixes can be inserted within a unique routing table, to make a business policy and segment-aware
Deployment Options
Managed Security
Affords the organization the ability to reduce the burden of maintaining the security infrastructure.
Segmentation
Provides for the secure breakout of communications between SD-WAN locations.
Edge device functionality
Provides the ability to bring the security stack close to the user. Cost and complexity are reduced by adopting a managed approach to Security while providing the ability to scale as organizational needs change over time.
Benefits
Get In touch
Get in touch today and explore project options