SD- Security is an integral part of the VergX Reseller offering, so let’s take a deeper dive into how this works and what it can do for your customers. Software-defined or SD-Security is an architectural approach to network protection and compliance that separates control from the physical hardware – enabling security and compliance to work together with SD-WAN. Security has made the shift to become more programmable, adaptive, scalable and portable enabling it to become software-defined
Now that we understand what it is, let’s talk about the benefits of software-defining security.
Increase network agility
By migrating from proprietary hardware to VNF-based security services, your customers can reduce deployment time down to a few hours as opposed to days or even weeks. Truck roll deployments and upgrades become a thing of the past. With Zero Touch Provisioning or ZTP, incremental security changes can be centrally provisioned and downloaded in real time to the appliance as changes are needed and upgrades become available.
Reduce CAPEX & OPEX
Replacing proprietary security appliances and software lowers CAPEX for your customers, and as mentioned above, ZTP significantly decreases their OPEX. IT services can be managed remotely via the HQ, simplifying operations like software updates and capacity extensions, while reducing travel and staff expenditures.
Minimize operational complexities
SD-security simplifies validation and security deployment through built-in service chaining. It also simplifies integration of multiple security functions in a network stack. Compared to proprietary security appliances and software, SD-Security significantly minimizes time and required troubleshooting, and operations can be managed through a Single Pane of Glass (SPOG).
Customize the security stack based on environment
SD-Security enables providers and enterprises to cost-effectively build their own custom security stack to meet the needs of specific environments. For example, a remote office could need a simple firewall and antivirus, while other locations may have their security handled by HQ and others could have an entire suite of UTM functions all managed by service providers.
SD-Security delivers a more agile and cost-efficient security by migrating from hardware-based services to a software-defined approach that leverages VNFs like; NGFW, malware protection, URL & content filtering, in-plane switching (IPS), antivirus, dist. denial of service (DDoS), and VPN next-gen VPN. It is purpose-built for managed services, easily deployed by customers – and has capabilities like multi-tenancy, service chaining, ZTP and enables faster security delivery. Creating a solution that enables your customers to increase their network agility, reduce their costs, and minimize operational complexities.
Why SD-WAN & SD-Security Go Together
The Versa SD-WAN and SD-Security solutions share a similar architecture – both are designed using VNFs and open hardware, but the synergy doesn’t end there.
One of the value propositions of SD-WAN is the ability to seamlessly include connectivity alongside MPLS and create a hybrid and unified WAN. The downside to this value proposition is that enabling DIA at each branch office requires strong security at each branch office as well. This can be very costly and very difficult to manage – which is where SD-Security comes into play.
With SD-Security, multi-layer security can be more easily integrated into an SD-WAN solution via software, which isn’t possible with a standalone appliance-based approach. Alleviating some of that cost associated with securing each branch.
The benefits for providers and enterprise IT teams alike is much simpler insertion of security into the branch to protect Internet access, far more timely service deployment and upgrades, and greatly reduced chances of one standalone network or security component breaking another one.