Ensuring a Consistent Security Perimeter with CloudGenix AppFabric

Similar documents
Deliver Office 365 Without Compromise

Deliver Office 365 Without Compromise Ensure successful deployment and ongoing manageability of Office 365 and other SaaS apps

Introducing CloudGenix Clarity

Why SD-WAN Alone is Not Enough

Benefits of a SD-WAN Development Ecosystem

90 % of WAN decision makers cite their

SOLUTION BRIEF Enterprise WAN Agility, Simplicity and Performance with Software-Defined WAN

Deploying Cisco SD-WAN on AWS

Transform your network and your customer experience. Introducing SD-WAN Concierge

Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief

Secure Extensible Network. Solution and Technology Introduction

Live Demo: Top Deployed SD-WAN Use Cases

Transform your network and your customer experience. Introducing SD-WAN Concierge

Dynamic WAN Selection

Integrating Riverbed SD-WAN with Palo Alto Networks GlobalProtect Cloud Service

WHITE PAPER. Applying Software-Defined Security to the Branch Office

SD-WAN 101. November 3 rd 2016 Rob McBride Marketing

C O M P E T E A T Y O U R P E A K

Simplifying WAN Architecture

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

The Need In today s fast-paced world, the growing demand to support a variety of applications across the data center and help ensure the compliance an

Introducing Avaya SDN Fx with FatPipe Networks Next Generation SD-WAN

MASERGY S MANAGED SD-WAN

Simple and Secure Micro-Segmentation for Internet of Things (IoT)

SteelConnect. The Future of Networking is here. It s Application-Defined for the Cloud Era. SD-WAN Cloud Networks Branch LAN/WLAN

EdgeConnectSP The Premier SD-WAN Solution

PROTECT WORKLOADS IN THE HYBRID CLOUD

Benefits of SD-WAN to the Distributed Enterprise

Cato Cloud. Solution Brief. Software-defined and Cloud-based Secure Enterprise Network NETWORK + SECURITY IS SIMPLE AGAIN

Cisco SD-WAN. Intent-based networking for the branch and WAN. Carlos Infante PSS EN Spain March 2018

Cato Cloud. Global SD-WAN with Built-in Network Security. Solution Brief. Cato Cloud Solution Brief. The Future of SD-WAN. Today.

Simplifying the Branch Network

Optimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution

Cisco Wide Area Application Services and Cisco Nexus Family Switches: Enable the Intelligent Data Center

SYMANTEC DATA CENTER SECURITY

Citrix SD-WAN for Optimal Office 365 Connectivity and Performance

NERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS

The Top 10 Reasons to Replace Your Branch Router with SD-WAN. An ebook presented by Silver Peak Systems

SteelConnect. The Future of Networking is here. It s Application- Defined for the Cloud Era. SD-WAN Cloud Networks Branch LAN/WLAN

Simple and secure PCI DSS compliance

SD-WAN. Bringing Scale, Agility and Robustness to Enterprise Networks

Pulse Secure Application Delivery

Making Enterprise Branches Agile and Efficient with Software-defined WAN (SD-WAN)

SteelConnect. The Future of Networking is here. It s Application-Defined for the Cloud Era. SD-WAN Cloud Networks Branch LAN/WLAN

SD-WAN Solution How to Make the Best Choice for Your Business

Mitigating Branch Office Risks with SD-WAN

Delivering the Wireless Software-Defined Branch

Cato Networks. Network Security as a Service

Achieving Digital Transformation: FOUR MUST-HAVES FOR A MODERN VIRTUALIZATION PLATFORM WHITE PAPER

Not all SD-WANs are Created Equal

Enterprise WAN Agility.

Automating the Top 20 CIS Critical Security Controls

SD-WAN. Enabling the Enterprise to Overcome Barriers to Digital Transformation. An IDC InfoBrief Sponsored by Comcast

SD-WAN. The CIO s guide to. Why it s time for a new kind of network

Unity EdgeConnect SD-WAN Solution

Seamless Cloud Connectivity. for your business

Next-Generation HCI: Fine- Tuned for New Ways of Working

Cisco Stealthwatch Improves Threat Defense with Network Visibility and Security Analytics

MICRO-SEGMENTATION FOR CLOUD-SCALE SECURITY TECHNICAL WHITE PAPER

Simplify PCI Compliance

HOLISTIC NETWORK PROTECTION: INNOVATIONS IN SOFTWARE DEFINED NETWORKS

Evolution of connectivity in the era of cloud

Overcoming Business Challenges in WAN infrastructure

Next generation branch with SD-WAN and NFV

Corente Cloud Services Exchange

Enterprise Guest Access

Intelligent WAN: Leveraging the Internet Secure WAN Transport and Internet Access

Why the Cloud is the Network

SD-WAN Transform Your Agency

HALO IN ACTION COMPLIANCE DON T LET LEGACY SECURITY TOOLS HOLD UP PCI COMPLIANCE IN THE CLOUD. Automated PCI compliance anytime, anywhere.

SoftLayer Security and Compliance:

Watson Developer Cloud Security Overview

Complying with PCI DSS 3.0

Optimizing your network for the cloud-first world

Our Virtual Intelligent Network Overlay (VINO) solutions bring next-generation performance and efficiency to business networks throughout North

Introduction. Deployment Models. IBM Watson on the IBM Cloud Security Overview

CipherCloud CASB+ Connector for ServiceNow

Service Automation Made Easy

VMware vcloud Networking and Security Overview

Policy-Based Security, Compliance, and Risk Management

Not all SD-WANs are Created Equal: Performance Matters

AKAMAI CLOUD SECURITY SOLUTIONS

The Business Case for Network Segmentation

VeloCloud Cloud-Delivered WAN Fast. Simple. Secure. KUHN CONSULTING GmbH

The Top 6 WAF Essentials to Achieve Application Security Efficacy

Business Strategy Theatre

Unity EdgeConnect SP SD-WAN Solution

CASE STUDY INSIGHTS: MICRO-SEGMENTATION TRANSFORMS SECURITY. How Organizations Around the World Are Protecting Critical Data

SILVER PEAK EDGECONNECT SD-WAN SOLUTION OVERVIEW FOR SERVICE PROVIDERS

IPsec VPN. Quick Guide 3/19/ EarthLink. Trademarks are property of their respective owners. All rights reserved.

Cisco Cloud Services Router 1000V and Amazon Web Services CASE STUDY

Reaping the Full Benefits of a Hybrid Network

Trends and challenges Managing the performance of a large-scale network was challenging enough when the infrastructure was fairly static. Now, with Ci

NETWORK AND SD-VPN. Meshing legacy and Cloud Service Providers

Accelerate Your Enterprise Private Cloud Initiative

MODERNIZE YOUR DATA CENTER. With Cisco Nexus Switches

RSA Solution Brief. The RSA Solution for Cloud Security and Compliance

Best Practices for Extending the WAN into AWS (IaaS) with SD-WAN

Nuage Networks Product Architecture. White Paper

Versa Software-Defined Solutions for Service Providers

Transcription:

USE CASE BRIEF Ensuring a Consistent Security Perimeter with CloudGenix AppFabric CloudGenix AppFabric ensures a consistent security perimeter for every site in the enterprise in the midst of constantly changing WAN boundaries and evolving threats Business Challenges Today s businesses face intense ongoing scrutiny in the form of continuallyincreasing compliance requirements, an ever-changing enterprise WAN perimeter, and the continual need to innovate and be agile without compromising security posture. Compliance regulations including the Payment Card Industry Data Security Standard (PCI-DSS) and Healthcare Information Portability and Accountability Act (HIPAA) place tremendous burden on businesses in terms of how data is processed, managed, transmitted, accessed, and stored. Traditional security architectures are rigid and do not provide businesses with the agility and flexibility needed to adapt to modern demands for improved customer experience. These legacy architectures typically either demand that all enterprise traffic be backhauled from remote sites to a common pool of security resources in the data center, or, devices be deployed in each location, which becomes costly and unruly to manage. This presents significant challenges for business that want to embrace the cloud or take advantage of the increased capacity and reduced cost provided by broadband Internet. FIGURE 1: BUSINESSES FACE INCREASING REGULATORY COMPLIANCE INCLUDING PCI-DSS, HIPAA, SOX, AND OTHERS.

CLOUDGENIX USE CASE BRIEF SECURITY 2 Introducing CloudGenix AppFabric CloudGenix AppFabric is a Software-defined WAN (SD-WAN) solution that allows businesses to overlay a secure application-centric fabric of connectivity amongst all of their sites and the cloud. AppFabric allows business policies to be defined for performance, security, and compliance, specifying in business language which applications are important for each site, how they should be prioritized, and which WAN links can be used for each application. This provides you with explicit control over how your WAN is utilized and specific links, enables confident integration of the cloud, and allows for deployment of broadband Internet seamlessly at each remote office for increased capacity and lower costs. Branch Office CloudGenix Controller Software LTE INTERNET MPLS PCI/HIPAA/SOX Public Cloud/SaaS Recreational Internet Data Center FIGURE 2: CLOUDGENIX APPFABRIC ENABLES SECURE APP-CENTRIC CONNECTIVITY AMONGST SITES AND THE CLOUD, ENABLING CONTROLS FOR PERFORMANCE, SECURITY, AND COMPLIANCE. Designed for Stringent Security Requirements The security of a system is only as good as the security of its components. CloudGenix AppFabric and ION devices were designed from the ground up to meet the stringent security requirements of today s largest enterprise businesses to provide a comprehensively secure WAN. CloudGenix AppFabric and ION devices have the following security features: Automatic VPN tunnel creation VPN tunnels are automatically created amongst sites where ION devices are deployed, encrypting traffic amongst AppFabric sites Secure VPN tunnels AES-256 encrypted tunnels are established using unique pertunnel keys, which are automatically rotated hourly Secure management communications ION devices communicate with the Cloud- Genix Controller using secure TLS 1.2 connections Hardened Internet connectivity inbound traffic automatically blocked unless explicitly allowed via the built-in application-aware zone-based firewall Secure device access no administrative read/write access is provided to the device shell, and default passwords are never used Compliant logging no application data is logged on the device or controller; only metadata, health, and performance metrics, along with firewall and audit logs Isolated network segments create separate logical networks fully separated from others using network contexts to isolate sensitive traffic

CLOUDGENIX USE CASE BRIEF SECURITY 3 Protecting the Branch Internet Boundary The first layer of defense for today s evolving WAN architecture, involving a combination of private MPLS links and broadband Internet, is to ensure that direct Internet connections in the remote office are protected. CloudGenix ION hardware and virtual appliances include an application-aware, stateful, zonebased firewall to provide protection for the Internet connection in the remote office. With ION, application-aware policies are defined that specify what is allowed into and out of the remote location, giving you explicitly control. Additionally, AppFabric is centrally managed through the cloud-delivered Cloud- Genix Portal, meaning not only are policies managed and distributed from a central service, but businesses are not required to deploy additional hardware, software, and storage to support the management and monitoring infrastructure for their AppFabric. Private Public INTERNET CloudGenix ION MPLS FIGURE 3: APPLICATION-AWARE ZONE BASED FIREWALL PROTECTS THE INTERNET BOUNDARY FOR REMOTE OFFICES. Ensuring a Consistent Security Perimeter In additional to protecting the Internet connection in the branch, businesses today must ensure a consistent set of security technologies are applied for each location, especially in the face of ever-evolving WAN boundaries and increasing regulatory burdens. Traditionally, application traffic was backhauled from remote offices to a data center where a comprehensive set of perimeter technologies was deployed, however, this approach no longer works in a cloud-first world where bandwidth and performance requirements are intolerant of latency or constrained capacity. To solve this issue, businesses can take advantage of cloud access security broker (CASB) solutions, which are security and threat prevention technologies deployed in the cloud. By forwarding traffic through a CASB solution, traffic from each location can be inspected and protected, which helps protect the organization and better ensure compliance. With AppFabric,

CLOUDGENIX USE CASE BRIEF SECURITY 4 policies can be defined per application to use CASB solutions as an intermediary transit network. With application-defined policies for performance, security, and compliance, businesses can specify which applications are forwarded through CASB, which WAN links are allowed for use by the given application, and the performance characteristics that are required. FIGURE 4: APPFABRIC INTEGRATES WITH CASB TO ENSURE A CONSISTENT SECURITY AND THREAT PREVENTION PERIMETER FOR EACH LOCATION. Features CloudGenix AppFabric provides the following security features: APPLICATION- AWARE POLICIES Top-down policy definition for apps, sites, and WAN links, allowing you to define controls for performance, security, and compliance APPLICATION- AWARE ZONE-BASED FIREWALL Protect the branch Internet connection using the stateful app-aware ZBFW by specifying what is allowed into or out of the site INTEGRATION WITH CLOUD ACCESS SECURITY BROKERS (CASB) Simple integration with Zscaler, Palo Alto Networks Global Protect, Symantec Web Security Services, and others NETWORK CONTEXTS Force specific applications to use specific isolated networks to reduce compliance burden MASSIVE SCALABILITY AppFabric scales easily to tens of thousands of VPN tunnels, leading to overall better stability of the secure network

CLOUDGENIX USE CASE BRIEF SECURITY 5 Benefits CloudGenix AppFabric provides the following security benefits: POLICIES ALIGNED WITH BUSINESS INTENT Top-down policies for performance, security, and compliance help simplify management END-TO-END SECURE APPLICATION FABRIC Comprehensive, secure connectivity amongst sites to protect sensitive data CONSISTENT SECURITY PERIMETER Coupled with CASB, ensures each site has a consistent set of security and threat prevention techniques applied to protect your business IMPROVED COMPLIANCE POSTURE Protect data in motion and control network access to meet the detailed requirements of regulation including PCI and HIPAA REDUCE COMPLIANCE SCOPE Define network contexts and isolate applications that are relevant to compliance to reduce audit and verification burden SEE FOR YOURSELF SEE CLOUDGENIX IN ACTION FOR YOURSELF! VISIT WWW.CLOUDGENIX.COM/TRIAL TO REGISTER FOR A NO-RISK FREE TRIAL TODAY. ABOUT CLOUDGENIX CloudGenix provides a software-defined WAN solution with AppFabric technology that enables you to build a global WAN based on business policies for application performance, compliance, and security, across all sites and users. Unlike router-based solutions, CloudGenix AppFabric allows you to define top-down global policies based on business intent rather than fragmented bottoms-up configuration changes based on technical implementation. With CloudGenix, you can easily integrate heterogeneous WAN connections for any site, take advantage of cloud and SaaS applications, improve visibility for app performance and SLAs, and dramatically simplify network operations. 2665 North First St., #110 San Jose, CA 95134 1.844.800.CGNX info@cloudgenix.com 2018 Cloudgenix inc. All rights reserved.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback