With First-packet iQ application classification and seamless service chaining (see Figure 1) supported in the Unity Orchestrator, highly-granular security policies can be configured and automated to protect the branch office with Silver Peak’s industry-leading technology and security integrations with our alliance partner ecosystem (see Figure 2). For example, security policies might be defined to:
- Send all known, trusted business SaaS and web app traffic directly to the internet
- Send “home from work” applications like social media and entertainment applications to a secure web gateway such as Zscaler
- Send all untrusted, suspicious and unknown applications back to a hub or headquarters-based next-gen firewall from Palo Alto, Fortinet or Check Point
In addition, EdgeConnect provides basic firewall and security capabilities for “thin branch” offices that do not host applications. The EdgeConnect stateful firewall allows traffic out but only allows ingress traffic in response to user-initiated sessions. It creates a trusted whitelist of SaaS and internet applications to steer them directly to the Internet while directing other app traffic to a secure web gateway or next-generation firewall at a regional hub or headquarters.
The stateful firewall coupled with granular security orchestration provides the highest levels of application performance based on business intent, simplifies the branch office, and lowers Capex while protecting the business from vulnerabilities.
Resources
Centrally Orchestrated End-to-End Segmentation
PCI Compliance Across the SD-WAN Protecting Personal Financial Data
Palo Alto Networks and Silver Peak
Check Point + Silver Peak securing the Internet for SD-WAN
Fortinet and Silver Peak Integrated Security Solution for SD-WAN
Zscaler and Silver Peak Solution Brief
Six Ways to Improve Network Security with SD-WAN
Simplified, Consistent Security for Applications - No Matter Where They Reside - Solution Brief