Security for the Network Edge
SD-WAN is about connecting branch offices to the cloud and corporate data centers. Realizing that branches are the most vulnerable area for cyber-attacks, SD-WAN must provide strong security. The fact is, cyber-security is a constant and real threat. Ransomware continues to rise with cloud applications, BYOD, and the increasing use of cellular and broadband networks to augment MPLS. These trends are expanding the attack surface of the network, while simultaneously obscuring IT visibility.
Every day, security breaches and attacks become more frequent and increasingly sophisticated. Cloud applications and IoT in branch offices are becoming an increasing concern. Securing branch offices is a challenge, yet back-hauling all branch Internet traffic through a central data center just adds latency to applications, that frustrates IT and end users.
Mosaic SoftWave SD-WAN Deployment Models
WAN architectures vary from industry to industry. Mosaic SoftWave provides a single, yet flexible platform to build all the elements you need, whether single or multi-tenant, for on-premise or cloud. SoftWave SD-WAN Orchestrator and SoftWave SD-WAN Controller can be deployed within multiple different architectures, including:
This architecture presents all WAN elements located on premises, to meet the needs of enterprises that have not yet migrated to the cloud, and prefer traffic to flow through the data center.
Cloud Delivered Mosaic SoftWave SD-WAN Orchestrator/Controller
Management and control (provisioning, configuration) is cloud-hosted, while data continues to flow on-premises between SD-WAN nodes that remain on-premises.
Cloud Delivered SoftWave SD-WAN Orchestrator/Gateway
Management and control (provisioning, configuration) is cloud-hosted, and Cloud Saas/IaaS traffic is directed to the cloud SD-WAN node, while data center traffic continues to flow directly to the data center node.
The complexity associated with traditional WAN architecture VPN tunnels and PKI infrastructure management is simplified by leveraging the secure and scalable cloud-based SD-WAN PKI infrastructure. This can be enabled with a single click on the orchestrator. VPN tunnels are built where and when they are needed for branch-to-branch, branch-to-data center, and any location to the cloud.
Security capabilities to secure Internet-based traffic flowing to the cloud without routing through the data center, can leverage hosted security facilities for VPN termination and insertion of other services including, firewalling and cloud-based-security like Zscaler. VNF capabilities supported on the Mosaic SoftWave SD-WAN Edge allows for additional security service insertion in the branch.
Mosaic SoftWave SD-WAN provides the CISO and CIO with confidence, knowing that their network traffic is secure, and their company, customers, and employees are protected with an architecture that fits their specific business needs – regardless of on premises, cloud, or a combination of both.