I have built several locations, trying to bring as close as possible to reality what many companies are facing today and so I have several locations that have vEdges for each location.Routers, Switches, Firewalls and other Data Networking infrastructure discussions welcomed. For those unfamiliar with EVE-NG, very briefly, this is a simulation platform especially for network devices. In order to convince someone of how gready the SD-WAN is, I had to convince myself first, and that's how I started with this network topology in the EVE-NG simulation platform. Below I will show what I was able to do with some of the templates I created. We can create, control and deploy security policies at scale as the business changes and grows, or as you provision new applications. Suspicious activity can be automatically redirected and reported to the administrators. The centralised controller allows you to filter and block malicious traffic without affecting the rest of the network’s operations. You can create and distribute security policies across the business, which can then be enforced and maintained centrally.
The centralised controller in SD-WAN can set security policies for the entire network. With SD-WAN you can prioritise traffic from your locations, moving voice and/or video traffic over low-latency, high-bandwidth links (such as MPLS) and using cheaper local internet for less time critical traffic. This enables you to ensure the connectivity used is appropriate for the generated data. Today's business are combining a variety of network connection types into your WAN, such as private circuits, mobile networks and any internet connection. Traffic prioritisation from remote locations SD-WAN protects traffic between locations by connecting them all with a secure tunnel that employs strong built-in encryption like 128- and 256-bit AES encryption and Internet Protocol Security (IPsec) virtual private network (VPN). One great thing about zero-touch provisioning is that lets you add a new branch or remote location online in a matter of minutes.
Segmenting out virtual networks within the SD-WAN’s overlay prevents traffic coming from less secure locations from compromising other segments that contain more sensitive information. SD-WAN microsegmentation allows admins to segment traffic according to application characteristics and network policies. There are many security features that SD-WAN is capable to do, and I want to talk about few of them, let's say the ones that I've discovered on my attempt to build an SD-WAN infrastructure in to a virtual environment like Eve-Ng. I was amazed to find so many gread thinks about SD-WAN or in other words a solution to think about all aspects when it comes not only to your security but also your network management. Now that more and more companies adopt remote work, it is very important to think first about security, a very challenging goal for companies when we talk about multiple locations and think about making the right choice for your infrastructure security. In what follows I would like to share with you a little of my experience with SD-WAN and a few words about Security in SD-WAN. Why Cisco SD-WAN? A question that kept me thinking until I came to understand SD-WAN.
0 kommentar(er)
