SD-WAN Security

Try for Free

Security breaches are on the rise. SD-WAN can help.

Today applications are in the cloud; BYOD is ubiquitous; the use of cellular and broadband transport is common to augment MPLS or connect sites that MPLS cannot reach. These shifts have expanded the attack surface of the network, while simultaneously obscuring IT visibility. Enter VMware SD-WAN by VeloCloud, with a uniquely flexible architecture that meets your security needs, whether your business is on-premises-centric, cloud-centric, or a combination.

transform-healthcare-security

Security, Simplified

Pivotal security features required by a headless SD-WAN, or to secure cloud-destined traffic without hairpinning it through the data center, can leverage hosted security facilities, both for VPN termination, as well as for insertion of other services including firewalling and cloud-based-security (such as Zscaler). The VNF capabilities supported on the VMware SD-WAN Edge additionally allow security service insertion in the branch.

Benefits

Flexible Architecture

SD-WAN accommodates the needs of even the most security sensitive business. It also returns to corporate IT the security, compliance and control it needs to be safe.

Visibility

With SD-WAN, you gain unprecedented visibility into the use of data center or SaaS applications. It returns to corporate IT the security, compliance, and control it needs to be safe.

Service Insertion

SD-WAN applies network-wide security policies and inserts local, third-party and cloud security services wherever and whenever they are needed.

Deployment Models 

The singular flexibility of SD-WAN allows the solution components – the SD-WAN node (single and multi-tenant for on-premises and cloud), VMware SD-WAN Orchestrator, VMware SD-WAN Controller – to be deployed in multiple different architectures, including the following.

vmware-velocloud-deployment-option1a

All On-Premises

 

This architecture, where all components of the WAN are located on premises, addresses the needs of networks that have not yet migrated to the cloud and prefer traffic to flow to the data center.

vmware-velocloud-deployment-option2

Hosted SD-WAN Orchestrator/Controller

 

Management and control (provisioning, configuration) is cloud-delivered, while data continues to flow on-premises between SD-WAN nodes that remain on-premises.

vmware-velocloud-deployment-option3

Hosted SD-WAN Orchestrator/Gateway

 

Management and control (provisioning, configuration) is cloud-delivered. Cloud Saas/IaaS traffic is directed to the cloud SD-WAN node, while data center traffic continues to flow directly to the data center node.

Related Resources

Secure Your Network for Cloud

Learn new approaches that strengthen and simplify your security posture.

See Webinar

SD-WAN Security Architectures

Learn the pros and cons of various SD-WAN security architectures.

Watch Now

Next-Gen Security for the Branch

Explore the use cases of next-generation enterprise WAN.

View Recorded Webinar