VxClouds proposed solution is to utilise the internet to gain access to important company information and applications as well as private and public cloud solutions. Our SD-WAN solution is a major step in creating a secure internet access networking medium. We have partnered with ZSCALER to create a integrated SD-WAN and secure web access solution. The focus point of the solution is to control internet access, prevent access to un-authorised internet content and to secure information that is transferred to and from the internet. ZSCALER is integrated into the VxCloud SD-WAN solution hosted in South Africa. The “No More Appliances” approach is a major business driver for VxCloud.
VxCloud realises that today’s applications are in the cloud and almost all organisations are accessing some type of cloud service or solution. These types of trends expand the attack surface for the network and branch offices. Cloud security is an important concern for all CIO and IT managers and is becoming a bigger issue with cloud solutions and access.. Enter the VxCloud Delivered SD-WAN that provides a robust architecture uniquely flexible to secure both traffic and data, deployed as a secure overlay to networking or internet service providers. With several different deployment architectures, a Cloud-Delivered SD-WAN accommodates for the needs of even the most security sensitive business. It also returns to corporate IT security and compliance, controls it needs to be safe.
VxCloud has partnered with one of the leading Firewall solution providers in the world and included Firewall services as part of our SD-WAN solution. VxCloud can protect the client’s offices from unauthorised access through the internet and also include a robust and well-supported firewall. Security is a key consideration in distributed network deployments. Attempting to secure the modern distributed enterprise with a traditional centralised security approach is like trying to keep the rain off a football game using umbrellas. We also include our security services in the cloud connections hosted in Azure and AWS to create an end to end cloud security managed service.
VxCloud Fortinet Cloud Security
Medium and Large Enterprise Fortinet and SD-WAN Cloud Security Use Cases
VxCloud Secure SD-WAN Distributed Regional Branches : Challenge 1
The designing, implementing and maintenance of service chaining and complex traffic forwarding in large, geographically distributed WAN deployments can significantly increase deployment and operational burden and costs.
VxCloud Secure SD-WAN Distributed Regional Branches : Solution 1
VxCloud can provide a one-click service insertion capability through the VxCloud SD-WAN business policy framework. This reduces complexity and aligns business policies with application needs and business objectives. The solution can eliminate hundreds of CLIs/PBR rules, resulting in reduced administrative burden. Traffic policies can be effectively managed to easily forward traffic from many branches to the regional data centre with a VxCloud Edge and Fortinet firewall installed.
VxCloud Securing and Optimising access to Private and Public Clouds : Challenge 2
With enterprises increasingly leveraging cloud services to run their data centre workloads, IT departments often run into challenges of increased complexity as a result of having to manually configure “NxN” secure overlay tunnels to access their “N” IaaS instances from “N” branches. They also lose performance and security when doing so.
VxCloud Securing and Optimising access to Private and Public Clouds : Solution 2
With our SD-WAN Gateway the enterprise automatically sets up a secure and optimized overlay using VxCloud SD-WAN Dynamic Multi-Path Optimization. The VxCloud Gateway service chains the AWS or Azure instances, thereby requiring only N tunnels, avoiding the complexity associated with creating NxN tunnels in a traditional scenario, and ensures optimization for application performance. Fortinet FortiGate VM for Azure and AWS can be deployed on-demand, thereby ensuring enterprise-grade security by having FortiGate firewalls and FortiWeb Web Application Firewalls in the IaaS (Public and Private cloud) environment.
VxCloud Securing the SD-WAN Edge : Challenge 3
Organizations are increasingly pressured to reduce costs and eliminate the administrative complexity, truck rolls and burdens associated with deploying and managing CPE equipment and physical appliances at branch sites. Can the WAN and Security management complexity be reduced for IT to manage.
VxCloud Securing the SD-WAN Edge : Solution 3
VxCloud will deploy the SD-WAN Gateway together with Fortinet FortiGate VM VNF, thereby reducing management burden and costs. Alternatively, they can deploy the Fortinet FortiGate-VM VNF on the VxCloud SD-WAN Edge for ease in enabling distributed firewall services and wired and wireless control to deliver secure access for employees, guests, and contractors for the enterprise.
VxCloud as a Cloud Service Provider to Reduce Appliances for SD-WAN : Challenge 4
The rise in online collaboration and rich media applications is driving enterprises to explore using Internet links for economical expansion of their private MPLS networks. To satisfy these requirements, VxCloud SD-WAN will augment existing network services effectively. VxCloud as a service provider have adopted this network architecture to accommodate the increasing shift of applications and data centres to the cloud while delivering the expected levels of reliability, performance, and security. We have evolved, adapted and expanded out service offerings to meet client needs.
VxCloud as a Cloud Service Provider to Reduce Appliances for SD-WAN : Solution 4
We have included the solution to deploy Fortinet firewalls and VxCloud SD-WAN multi-tenant gateways as VNFs in the hosted data centre, thereby delivering both “last mile” optimized performance to remote cloud and centralized enterprise services. In addition, VxCloud now offers unparalleled security by leveraging the industry’s best validated security protection offered by Fortinet’s FortiGate network security platform. We have added this service to the portfolio of products and services in the field. Customers are looking to offload headaches that are hard to automate and deliver, such as wireless and wired (switch) management, protection, and guest-networking, which can often be the next steps in a process for deploying a remote site office. The provisioning of ports and wireless access can be a cumbersome and expensive task.