Oreta advances hyperconvergence capability with HyperFlex Specialisation.

Oreta advances hyperconvergence capability with HyperFlex Specialisation.

by | Jun 4, 2021 | News

More and more organisations are recognising the need for multi-site distributed computing to meet the growing requirements in a branch office, remote sites, the Internet of Things (IoT), and other intelligent services at the edge. In a technology-dependent world having infrastructure ready for any application, any cloud and ready to be deployed anywhere is vital to an organisation’s success. Oreta knows this. That’s why we are proud to have recently advanced our expertise in the cloud domain and accomplished a HyperFlex specialisation with Cisco.

HyperFlex is Cisco’s solution for simplifying today’s multi-cloud installations, making them highly scalable and resilient within a hybrid IT environment. With the specialisation, Oreta can build its capability to deliver HyperFlex solutions and strengthen its brand as a trusted Cisco Authorised Partner and advisor to our customers within the HCI market.

Oreta achieved the HyperFlex specialisation and became qualified to install, design, manage and troubleshoot HyperFlex solutions by completing a formal authorisation process and having our technical specialists complete prescribed learning pathways, including a rigorous examination.

Several of our customers are already reaping the benefits of our HyperFlex specialisation. They are seeing the high-performance gain and cost reduction with the ease of putting their entire IT environment in the cloud with great speed. They are also experiencing more effective management of critical applications, coupled with high availability and performance.

We will continue to advance our expertise in HCI technology by having exclusive access to learning maps and training, which will ensure we provide a consistent service to our customers.

Suppose you are considering shifting to a multi-cloud environment and are keen to augment your mission-critical applications? Then, consider Cisco HyperFlex as the right solution for you. Our technical experts are available to talk to you about the benefits of Cisco HyperFlex today.

Contact Us
SD-WAN; Battle of the Titans

SD-WAN; Battle of the Titans

by | May 20, 2021 | Network

Awareness of Software-Define Wide Area Networking (SD-WAN) is growing. More and more companies are looking toward the next generation of WAN technology. And, the battle between the geniuses of SD-WAN technology, Cisco and VMware, is heating up.

In this article, we compare SD-WAN solutions, discuss the benefits of each, and outline which solution may be best for your business depending on your requirements.

SD-WAN – Biggest Trend In Enterprise Networking Today 

For those of you who are still fresh to the game, let’s quickly explain what SD-WAN is and why more and more companies are investing in it.

SD-WAN is the most significant trend in enterprise networking today. Demand is accelerating as companies look to increase agility, achieve high performance, and secure connections to cloud applications. SD-WAN uses software to control the connectivity, management, and services between data centres and remote branches.

The five main features of SD-WAN include the ability to;

  • combine multiple connection types, from MPLS to broadband to LTE, serving one location into a single pool of capacity available for all applications and services,
  • centrally define and manage policies and network traffic without requiring manual configuration at each device,
  • set up a simple interface for managing WAN which supports zero-touch provisioning at a branch or site,
  • support VPNs and other third-party services, such as WAN optimisation controllers, firewalls, and web gateways,
  • customise bandwidth and connectivity to meet the needs of specific network services, locations, or users.

As a Gartner report recently mentioned, SDWAN is a key technology helping enterprises transform their networks from “fragile to agile”. SD-WAN can help companies overcome many of the challenges they experience with legacy WAN, empowering their IT to work smarter, faster, and at a lower cost through network automation, traffic programming, and policy development.

Cisco SD-WAN vs VMware’s Velocloud

Now that we’ve defined what SD-WAN is let’s look at the differences between the two top contenders in the market; Cisco SD-WAN and Velocloud by VMware.   

Before we start, we would like to emphasise that there is no definite answer to which vendor offers the best SD-WAN solution for your business. There are many variables you need to consider before you decide what is the best solution for your business. You need to take the time to understand each of their strengths and whether they complement your business objectives. In this article, we aim to help you make a more informed procurement decision.

What is Cisco SD-WAN?

In summary, Cisco SD-WAN is a highly adaptable solution allowing each site to have different control policies at a control plane level or data plane level.

What is Velocloud by VMware?

Velocloud offers out-of-the-box configurations making deployment fast and simple. Whilst SD-WAN components can also be customised, the solution is designed to allow DIY management with pre-configured policies. It is a critical component of the Virtual Cloud Network. 

What Are The Eight Main Differences?

Difference 1 – Dynamic Path Selection 

SD-WAN can select the most appropriate path or channel the network traffic will use, enabling cloud applications to leverage various options. By choosing the best approach, SD-WAN can maximise the use of circuits such as 4G/5G, Broadband, and Ethernet, thus increasing uptime and bandwidth.

Cisco SD-WAN Dynamic Path Selection – Cisco SD-WAN can help direct route traffic to the best-performing link by establishing route prefixes, metrics, link-state information, and route removals.

Based on SLA requirements, network traffic is recognised, and a policy is chartered to the traffic application. Identifying specific traffic applications requires the use of layers within the packets (e.g. ports, protocols). These packets, otherwise known as Viptela BFD’s (Bidirectional Forwarding Protocol), are used to screen the path’s characteristics and detect whether other paths need to be used due to possible latency.

Velocloud Dynamic Path Selection – Velocloud offers a Dynamic Multipath Optimisation feature that is very similar to Cisco SD-WAN’s BFD in the way that it can sense application characteristics. The feature includes link checking and detection of a specific provider. It allows automatic configuration deployment based on link properties, routing, and quality of service.

Difference 2 – Quality of Service (QoS)

SD-WAN makes QoS much more effective than MPLS. It removes the end-to-end benefit of an MPLS VPN and replaces it with a host of link preferences, out-of-the-box configuration templates, and pre-classification of link characteristics.

Cisco SD-WAN Quality of Service is similar to MPLS without the end-to-end characteristics of private network traffic flow. The Viptela capability allows ingress and egress interface direction toward vEdge routers in the network. With SD-WAN, Cisco SD-WAN can determine which links to use and applies a QoS capability depending on their characteristics.

Velocloud Quality of Service provides application traffic WAN settings across approximately 2,500 traffic sources. The advantage is an out-of-the-box ability to automate QoS and assist any one of those particular sources. SD-WAN builds application profile awareness, making it easier to outline QoS and bandwidth allocations.

Difference 3 – Link Steering and Remediation

Link Steering and Remediation occurs either per session or per packet. It is one of the key benefits of SD-WAN. It enables connections to link to traverse over WAN links, adjust link preferences, and create robust failover.

Cisco SD-wAN Link Steering and Remediation (Cloud OnRamp for SaaS) enables applications to choose their preferred connection, depending on the destination or if it is a Cloud application. If applications experience packet loss, increased latency, or complete outage, links can be steered to a new destination. Link performance is calculated by ranking, from 0 – 10, how well an application’s requirements are being met. A cloud interface manages the configuration and continuous changes to the Viptela platform.

VeloCloud Link Steering and Remediation – Velocloud’s SD-WAN solution can dynamically monitor traffic by censoring both the WAN edge and cloud application performance. With SD-WAN, a standard branch has two or more connections that require dynamic per packet switching for path optimisation.

Detecting traffic performance issues is done with link analysis. From here, the results provide information as to whether link switching is required and packets automatically routed.

Difference 4 – Application Performance Monitoring 

Application Performance Monitoring is one of the critical deliverables of any SD-WAN solution. It provides network management engineers and IT teams the ability to observe issues and trends over time, which, in turn, helps them make strategic decisions regarding their network.

Cisco SD-WAN Application Performance Monitoring – The network’s performance, individual circuits, carriers, tunnel and individual application data points are assessed using a single dashboard, known as Viptela VAnalytics. For example, Network managers can instantly detect which applications are using the most bandwidth, as well as any unusual behaviour that requires immediate attention.

Velocloud Application Performance Monitoring –  Velocloud provides insight into the performance across voice, video, and mission-critical data applications by calculating a WAN quality score. The monitoring tool provides a thorough assessment of application behaviour on single links and indicates where enhancements and changes are required.

Difference 5 – Security 

Security – SD-WAN vendors often need a different device to ensure security is factored in. Whether or not your SD-WAN service supports Next-Gen firewall functionality depends on your vendor’s offering and your internal security strategy.

Cisco SD-WAN Security – Cisco SD-WAN provides stateful firewall capability, which in some ways is like the customary world of standard Firewalls (e.g. not Next-Gen firewalls).

Velocloud Security –  Velocloud provides in-built context-aware (e.g., application, device, user) with Next-Gen Firewall. With SD-WAN, data can be micro-managed and mico-applications can be directed with proximate security.

Difference 6 – Network Function Virtualisation (NFV)

Network Function Virtualisation (NFV) segregates network functions from hardware to design a virtualised machine that operates on cloud-based commands, resulting in a flexible, cost-effective infrastructure. 

Cisco SD-WAN Network Function – Cisco SD-WAN’s VEdge Cloud virtualises the technology from a physical VEdge capability and creates a Virtualised Machine (VM). With VEdge Cloud, a Virtual Network Function can create a Virtual CPE (vCPE) deployment within a company’s head office or branch location.

Velocloud Network Function – VMware Edge hardware supports Velocloud’s capability to virtualise. The technology is listed as VMware SD-WAN Gateway and is available with service chaining support which is seamlessly delivered by partners such as Zscaler and Websense.

Difference 7 – Zero-Touch Deployment 

A major benefit of SD-WAN is fast deployment. It can quickly start an internet connection without fundamentally having to physically connect to any hardware.

Cisco SD-WAN Zero-Touch Deployment – Any Viptela device with internet connectivity is efficient at ‘zero provisionings’. Cisco SD-WAN needs a DHCP address from the network to get public DNS information. When booting, the vEdge router will connect to ztp.viptela.com.

Velocloud Zero-Touch Deployment – When connecting to the internet, Velocloud devices will auto-connect, authenticate and receive the appropriate configuration. The benefits of Velocloud’s Zero-Touch include deployment simplification and network migration.

Difference 8 – Automation and Orchestration 

SD-WAN service providers need Software WAN orchestration to control, manage and deliver the end customer service. It often requires an SDN controller with virtualisation software that can automate the provisioning process. 

Cisco SD-WAN Automation and Orchestration – Cisco SD-WAN provides a robust and true orchestration of SD-WAN services via its initial point of authentication. Distribution lists of their components, including VSmarts and VManage, are all supported across the deployment. The vBond Orchestrator delivers the SD-WAN capability by authenticating and authorising the Cisco SD-WAN elements into the network. Cisco vBond Orchestrator endorses the data points (i.e. Cisco VSmart Controllers and vEdge routers) in the network and coordinates how they will connect.

Velocloud Automation & Orchestration – Velocloud Orchestrator delivers Velocloud configuration across all aspects of the network. When devices connect to the internet and zero-touch deployment is active, VMware SD-WAN Edge appliances can auto-connect by following customised configuration instructions. Integration with existing networks can also be achieved, including support for the OSPF routing protocol.

Here’s a summary of the main differences between the SD-WAN solutions;

Cisco SD-WAN

VMware – Velocloud
An open solution is known for its flexibility and ease of deployment Fast deployment
Functions on-premises or in the cloud Three versions: internet only, hybrid SD-WAN, and on-premises
“Zero Touch” deployment “Zero Touch” deployment
Policy provisioning via vSmart controller Policy provisioning via VeloCloud Orchestrator
Number of applications supported: 3,000 Number of applications supported: 2,200
Unidirectional measurement and steering – No Unidirectional measurement and steering – Yes
Network Performance Measurement: (passive) Proprietary Network Performance Measurement: (active) BFD
Forward Error Control (for packet loss): No Forward Error Control (for packet loss): Yes
Data Encryption: Yes Data Encryption: Yes

 

What Else Do You Need To Know About VMware’s VeloCloud?

With Velocloud by VMware, it does not matter whether companies use MPLS or not; they can leverage wireless broadband internet or wired broadband internet. The solution has a performance indicator called VeloCloud Quality Score, which gives IT managers visibility regarding how the solution is operating.  

Velocloud provides a robust Cloud Gateway-centric approach to SD-WAN, providing a continuous solution that reaches into multi-cloud, data centres and other application hosting solutions. The approach is not only considered forward-thinking but cutting edge.  

What Else Do You Need To Know About Cisco SD-WAN?

Wich Cisco SD-WAN, companies can implement and manage this SD-WAN solution entirely within the cloud. Its open architecture makes it ideal for working in conjunction with IPFIX interfaces, Syslog, Netconf, SNMP, and REST APIs. SD-WAN forwarders work in sync with the central policy controller.

What Is The Right SD-WAN Solution For You?

IT departments are looking at more different ways to deliver secure and efficient cloud connectivity in the current business climate, a challenge that SD-WAN can solve. As a result, SD-WAN will be vital in managing networking, cloud connectivity and security in the future. 

The common consensus by IT and networking managers is that SD-WAN is making their lives easier. They are reaping the benefits of improved security capabilities, better bandwidth management, improved application performance in the cloud, improved network orchestration and automation and greater visibility into the network. 

                                                                                                                                                      

 About Oreta

At Oreta, we ensure that all our customers network right. We have deep skills in understanding and designing networks to advise your company on the right SD-WAN solution to meet your needs and continuously focus on adopting new technologies that will further enhance our customers’ outcomes.

Contact Us
Migrating to cloud? Consider Microsoft Azure

Migrating to cloud? Consider Microsoft Azure

by | May 19, 2021 | Cloud

Key points

  • Microsoft Azure gives enterprises the flexibility to start small and grow their infrastructure as their business grows.
  • Enterprises can easily integrate Microsoft apps and services into its existing solutions.
  • Microsoft Azure offers secure cloud solutions by using sophisticated encryption algorithms and techniques.

Australia is at the forefront of cloud adoption. Approximately 95% of organisations are running applications or experimenting with infrastructure as a Service (IaaS), with cloud service providers, such as Microsoft Azure, managing the infrastructure – and for a good reason. They are seeing the benefits of migrating their apps and workloads to the cloud.

Microsoft Azure (‘Azure’) is one of the fastest growing and most secure cloud infrastructure platforms available today. It is renowned for its speed, flexibility, and resilience. It boasts the highest amount of security and privacy certifications of any cloud provider. Azure empowers workers to be more productive, enables cognitive learning and AI, and can ultimately transform businesses.

Here our cloud specialist, Dev G, digs a bit deeper into the benefits your business could experience shifting to Microsoft Azure.

Ability to scale on demand.

Cloud infrastructure is hugely beneficial to organisations looking to shift workloads to an expandable pool of resources that can contract and enlarge as demand requires; Azure is no exceptionAzure scales alongside an enterprise’s current needs, Enterprises can monitor and tailor their cloud usage as per their workload requirements in a secure environment with no limitation on server capacity. Thus, giving them the flexibility to augment their infrastructure at a pace that suits their business needs.

Azure can also be set up to auto scale as workloads change. With greater scalability, enterprises can gain the experience and confidence in operating their business in the cloud as they continue to grow, while only paying for what they use.

Tip – To make the most of Azure’s hyper-scale environment and avoid unnecessary costs, enterprises should avoid making the common mistake of ‘just’ migrating from on-premises to the cloud. Enterprises need to continue to monitor Azure once they have migrated to the platform. There are helpful tools, such as Azure Advisor and Azure’s auto-scaling engine, to help set triggers to analyse the environment, including workload behaviour, and create sanctions for availability, performance, security, and cost. 

Greater Flexibility 

In the dynamic technology sector, enterprises need to partner with a host that can evolve as quickly as their needs do. Azure can easily adapt to an enterprise’s unique business needs and provides the capability to manage, deploy and control infrastructure from almost anywhere, at any time, enabling enterprises to modify the cloud as required.

Tip – When adopting Azure, enterprises need to scrap the ‘lift and shift approach. They need to see Azure as a highly scalable and adaptable solution that can be right-sized to their specific and current needs – such an approach will lead to many cost savings. 

More Availability 

Azure features an industry-leading SLA and more than 10,000 Availability Zones enabling businesses to migrate their workloads seamlessly from one locality to another.

Tip – Enterprises need to be mindful that the availability is not built-in to Azure by default. Just because it is in the cloud does not mean a resource is always available. It is important workloads enterprises can access their workloads from more than one virtual machine within the same availability zone (to achieve a high SLA).

Improved Accessibility

Azure offers enterprises the freedom to access services from any device and any location in a secure environment. Azure enables enterprises to easily integrate Microsoft apps and services into their existing solutions. Enterprises can also use the Microsoft Azure App service to write apps that use all the platform’s capabilities, including app storage, networking, servers, storage, database, analytics, and machine learning.

Robust Security 

Azure offers several secure cloud solutions which use sophisticated encryption algorithms and techniques. When users access Microsoft cloud services, they can retain complete control of their data while remaining fully protected. Azure’s also gives enterprises the flexibility to choose which apps they want to use, the level of encryption to employ and other settings.

Tip – Enterprises need to ensure they have the right security and backup levels in place when they move to Azure – ultimately, it is their responsibility regardless of if the workloads are on-premises or in the cloud. Enterprises also need to extend their continuity strategy, processes and tools to include Azure – there are various storage and backup tools available. 

Ability to optimise costs 

Many customers have no idea what discounts or entitlements are available with Microsoft Azure and therefore miss out on huge cost savings. With Microsoft’s huge customer base, it has been able to offer discounted prices to its customers. As the market gets more competitive with AWS and Google, costs will likely go down even further. Also, Azure provides a ‘pay what you use’ model, which significantly reduces the upfront costs for small businesses.

Tips – Azure subscriptions should align with an enterprise’s business goals. Governance tools such as Azure Scaffold can be a powerful cost-management tool, helping enterprises protect businesses from human errors, tag resources, set up policies, quickly run reports on various resources and reduce susceptibility to vulnerabilities which could lead to costly mistakes in the future. 

A great way to optimise your costs with Azure is to shut down machines that are not mission-critical when they are not in use (e.g., after-hours). If you are using a subscription model and not paying upfront for virtual machines, you don’t need to have your infrastructure operating 24 x7.  

Platform as a Service (PaaS) 

Another core strength of Azure is its Platform as a Service (PaaS) capability. Completely serverless, enterprises do not have to worry about infrastructure, including monitoring patching or remediating the server. Enterprises do not have to waste time on deploying, configuring, managing, and monitoring IaaS infrastructure Their IT team can spend more time on the business’s strategic aspects; helping it grow and succeed and save on time and money.

Tip – Enterprises must select which workloads they want to move to PaaS as not all workloads are suitable for this environment.

Hybrid Capability 

Azure allows enterprises to build hybrid environments, enabling them to take advantage of on-premises resources and the benefits of operating on a cloud platform without any hidden unnecessary costs.

Azure continues to grow rapidly, regularly adding support for various features, applications and different technology platforms. If you are considering migrating to the cloud, Azure should be on the list of options.

Oreta has gold partner status with Microsoft because of its distinctive competencies in Azure, including system integration and managed services. We partner with customers throughout their journey to the cloud – from advisory and delivery to operations and continued optimisation.

Contact Us
Firewalls as a Service (FWaaS); the future of network security

Firewalls as a Service (FWaaS); the future of network security

by | Apr 1, 2021 | Security

Does your organisation still have a physical (or virtual!) appliance for a firewall? Its days may be numbered. Developments in cloud solutions are creating an upward trend toward cloud-based security services. Cloud firewall deployments are becoming the norm in many enterprises. Firewall as a Service (FWaaS), otherwise known as ‘Cloud Firewalls’, has surfaced as a standalone product and a key element of the overarching Secure Access Service Edge (SASE) architecture. FWaaS is helping meet enterprise security requirements and improve network connectivity and end-user response times.

Here we help build your understanding of what FWaaS is, why companies are considering it as part of their security strategy, and why it is an integral part of the SASE architecture.

What is FWaaS?

Much like a fire-proof wall prevents flames from travelling through a building, network firewalls prevent unauthorised access to, or through, an organisation’s network. They act as an inspection gateway, stopping malicious data from entering or exiting the secured network.

Firewalls have been an essential element of network security since their invention in late 1980, just before the launch of the web browser in August 1991. The rest, they say, is history. As companies move their applications and data to the cloud and people work remotely, firewalls continue to evolve.

FWaaS is the latest version of the Next Generation Firewall (NGFW). It operates the same way as an ordinary hardware-based firewall; however, instead of installing a firewall appliance on a physical server, it puts the same capability to the cloud. FWaaS provides a centrally managed exit point for all staff’s internet access (e.g., corporate headquarters, remote and branch offices, mobile users) without backhauling the traffic through the corporate data centre. It leads to end-user performance improvement, reduced network and link costs, and removal of the DC bottleneck. As a result, FWaaS permits the data centre firewall to focus on its primary role – protecting the corporate servers and data.

As a corporation no longer manages the infrastructure or software patching, security staff can focus more on performing a role that creates real business value – protecting the corporate data. By centralising administration, a consistent security policy can apply across all staff traffic.

How Does FWaaS Work?

Firewalls enforce rules developed by the organisation’s IT administrators that ‘gate’ what staff can access (e.g., Web sites/categories, IP addresses). When prohibited behaviour is detected, users are blocked and alerted accordingly. As mentioned above, this is very similar to a legacy on-premises firewall; however, it is conducted “in the cloud” using an FWaaS provider.

Installing the firewall is comparatively easy, often only involving changing a company’s router settings. As soon as the network links to the FWaaS provider, network traffic travels through the provider instead of the company’s firewall.

Why do companies need FWaaS? 

With more companies adopting the cloud, and an increase in remote workers, network complexity is intensifying. As a result, the network permitter has changed. Where corporate data was previously on-premise, data is now in “the cloud”. A centralised firewall introduces latency due to backhauling data to the central corporate firewall, which may require high network bandwidth to improve performance, which in turn flows on to needing a larger firewall to accommodate the extra traffic flowing.

FWaaS addresses these inhibitors by providing dedicated, corporate-controlled security services located close to the end-users and the data they seek to access. Shorter paths mean lower latency and better response times. Corporate security is enhanced with a firewall to user access and lets the data centre firewall focus on its original function of protecting the corporate data centre.

T teams can now build customised cloud-friendly security models protected by enterprise-grade firewalls as a vital part of a cloud strategy.

The Benefits

FWaaS is the answer for companies looking for enterprise-level network security solutions but is still in the early stages of deployment. In September 2019, Gartner estimated that less than 5% of distributed companies deploying cloud-firewalls took advantage of FWaaS. However, as the benefits become more widely known, the number will likely quadruple to 20% by 2024(1).

Here are some of the reasons an increasing number of companies are leaning towards FWaaS:

Simpler architecture – FWaaS manages corporate user traffic by leaving the current data centre based physical firewall to handle only data centre related traffic, thus simplifying the firewalls’ configurations by dedicating them to specific tasks.

Scalability – FWaaS scales “on-demand” compared to the physical firewall, requiring life cycle management and capacity planning. When additional throughput is needed, it can be enabled within hours or days at incremental pricing with no disruption to service.

Unified Security Policy – FWaaS provides a single egress point for all staff, whereby enforcing a standard policy without addressing the potential multiple egress points that may exist today.

Easy to install and manage – Companies can easily integrate FWaaS into their existing IT infrastructure – no complex implementation.

Easier maintenance – FWaaS firewalls are always current, so there are no risks of late or missed software updates. IT staff have more time to plan the infrastructure’s future needs rather than on routine maintenance.

Complete network visibility – Together, FWaaS and SD-WAN can implement a single logical managed platform. Companies have full visibility and control over their user internet and WAN traffic from one centralised location. In turn, companies can get consistent delivery of critical security information (e.g., data breach).

Cost-effective: Business units can configure and manage FWaaS remotely. Thus, eliminating the need to purchase, license, install, maintain, and update hardware and software. Simply put, FWaaS is ideal for businesses of all sizes as it can reduce costs significantly while maintaining the safety of all their data.

Challenges of FWaaS

The following are challenges (not disadvantages!) companies may face when they adopt FWaaS :

  • Resistance to Adoption: Enterprise businesses may be hesitant to move a critical function like security into the cloud. They may be willing to forego all the cost savings and operational conveniences of FWaaS and continue to stay with legacy firewall appliances.
  • Concerns about Network Latency: As mentioned above, integrating SD-WAN and other cloud services with FWaaS makes it a more attractive solution for enterprises. While doing this, FWaaS providers need to guarantee a network latency comparable to or better than that of legacy firewalls.
  • Data Centre Traffic: Corporate servers in data centres have different access requirements linking inbound connections. FWaaS are maturing in this space, but it’s not there yet. Currently, the data centre still needs its own firewall/internet service. We expect this limitation to reduce over time. Telstra has released their Secure Edge product, which addresses these constraints.

FWaaS & SD-WAN

FWaaS provides several benefits as a standalone solution; however, when it converges with other technologies such as Software-Defined Wide Area Networking (SD-WAN), companies can restructure their network and route it directly to its destination without sacrificing security and visibility. FWaaS and SD-WAN can significantly enhance performance and serviceability and reduce the dependency on the corporate WAN. Together, FWaaS and SD-WAN are essential components of the emerging cloud-based networking architecture known as Secure Access Service Edge (SASE).

FWaaS & SASE 

When aligning to the SASE framework, FWaaS connects with other cloud-based security components to develop an architecture that provides inline protection and access control at the network edge. SASE is becoming the framework for securing organisations. SD-WAN’s capabilities address connectivity constraints, restricting heavy end-user access by creating a reliable firewall connection for office, branch, remote and mobile locations.

Together with FWaaS and SD-WAN, the SASE framework incorporates Cloud Access Security Brokers (CASE), Secure Web Gateways (SWG), and Zero Trust Network Access (ZTNA) to defend the network from potential threats.

Making the Switch to Firewall as a Service (FWaaS)

Is your organisation ready to adopt FWaaS? The answer is ultimately dependant on where your company’s network strategy is going. An SD-WAN strategy aligns with cloud-based FWaaS. SD-WAN with FWaaS will reduce the load and complexity on the centralised corporate firewall whilst providing a better end-user experience to corporate users due to better egress pathing.

Companies with a complex firewall deployment will still need to maintain an on-premises firewall; however, Telstra’s Secure Edge FWaaS is a new option that places the firewall on the edge of your existing MPLS network. This solution provides a Next-Gen Firewall which protects both corporate users and the systems in the data centre.

FWaaS, either cloud-based or Telstra’s network-based solution, should be considered when you review your network or firewall strategy.

Oreta partners with vendors to offer customers cloud-based FWaaS solutions that have Next-Gen functionality. Our strategic partners include Palo Alto Networks, Checkpoint and Cisco. With our advisory, delivery and managed service capabilities, we can ensure that our customers benefit from a SASE or FWaaS solutions. Contact us today for a non-obligatory conversation about your company’s security requirements.

Resources

  1. Top 4 firewall-as-a-service security features and benefits (techtarget.com)
Contact Us
Roundtable – Secure SD-WAN; foundation for your digital strategy

Roundtable – Secure SD-WAN; foundation for your digital strategy

by | Mar 30, 2021 | News

Secure Access Service Edge (SASE), pronounced “sassy” supports secure branch office and remote worker access. SASE’s cloud-delivered set of services, including Zero Trust Network Access (ZTNA) and Software-Defined WAN (SD-WAN) is driving rapid adoption. Gartner predicts that by 2024, at least 40% of enterprises will have explicit strategies to adopt SASE, up from less than 1% at the end of 2018. More and more companies are evaluating their network connectivity in the new world, post-pandemic, and the importance of encompassing secure network technologies as part of their digital strategy. Recently Oreta, together with VMware, hosted a dynamic technology roundtable discussion that mainly focused on the future of SD-WAN and Secure Access Service Edge (SASE). Moderated by Oreta ’s MD, Sachin Verma, several insights and tips were shared during the conversation, including; Key Insights
  • SD-WAN is not a question of if, but when. SD-WAN is hardwired; driven more by a cloud strategy than a network strategy.
  • SD-WAN overcomes the challenge faced with less than agile Telcos assisting with speed to market.
  • SASE (Secure Access Service Edge) is not a bolt-on. It has to be part of your network strategy when deploying SD-WAN.  It provides greater convenience, however, with convenience comes a price.
  • A company’s security posture depends on what network platform a business uses. More companies are moving towards a user-based security architecture.
Key Takeaway
  • COVID was an eye-opener to many companies regarding the influence technology has on business outcomes. IT needs to take decision-makers (e.g. IT procurement and finance) on the journey from awareness, education, and adoption, and bridge the knowledge gap that exists within some organisations.
Moving Forward – Customer and Partner Expectations The conversation extended its focus to the importance of developing a healthy working relationship between a customer and their technology partner when resolving connectivity issues and upgrading from a legacy WAN to secure SD-WAN. There are three fundamental components customers look for when appointing a technology partner. They include;
  • Technology partners must have a proactive outcome-based approach to advising/guiding customers on emerging technologies and trends. Don’t just promote the next ‘shiny’ offer,
  • Technology partners should have a genuine willingness to solve a problem – no matter what the issues may be,
  • Customers want to purchase an outcome and not be tied down with issues, so that they can concentrate on more strategic aspects of the business.
There are three fundamental components a technology partner looks for when working with a customer, including;
  • Customers want to have trust in the value of the advice and service provided,
  • Customers want to adopt a collaborative approach with their chosen technology partner, and work together to develop a successful outcome,
  • Customers want their technology partner to be readily available to work with them to resolve issues as and when they arise.
Contact Us