RFQ
Sign In

Network Security

Maximizing Security in SD-WAN Deployments: A Deep Dive into Riverbed's SteelConnect EX

By Riverbed / 2023-12-14 / Topics : SD-WAN , Network Security , Riverbed SteelConnect EX

Exploring Advanced Security Features for a Seamless SD-WAN Experience

When architects and IT professionals embark on the journey of SD-WAN deployment, thoughts often revolve around connectivity, protocols, and traffic steering. However, one crucial aspect that sometimes gets overlooked is the security of the SD-WAN infrastructure. In this blog, we delve into the security considerations of SD-WAN, focusing on the robust features offered by Riverbed's SteelConnect EX solution.

Does SD-WAN Deployment Require Backhaul?
Traditionally, in network deployments with MPLS branches, all traffic is backhauled to the data center and routed through high-end firewalls. However, with the advent of SD-WAN, the landscape is changing. The plan to replace WAN-edge routers with Riverbed's SteelConnect EX SDWAN solution introduces the potential for multiple lower-cost Internet circuits, application identification, and path-quality-path selection. But are all security bases covered?

Direct-to-Net and Latency Considerations
With Internet circuits deployed at each branch, SD-WAN provides the flexibility to send select traffic directly to the Internet, reducing latency. Notably, traffic bound for services like Microsoft Office 365, Salesforce, or Workday can benefit from this approach.

SteelConnect EX SD-WAN Security Capabilities
Riverbed's SteelConnect EX goes beyond traditional SD-WAN solutions, offering a licensed-based security feature set with three levels: Secure SD-WAN Essentials, Secure SD-WAN Standard, and Secure SD-WAN Advanced.

1. Stateful Firewall:

  • Provides full visibility of traffic.
  • Enforces fine-grained access control.
  • Tracks the state of traffic, granting or rejecting access based on port, protocol, and state table history.
2. Next-generation Firewall (NGFW):

  • Distinguishes different types of traffic beyond traditional methods.
  • Includes application firewall, intrusion prevention system (IPS), TLS/SSL encrypted traffic inspection, website filtering, and QoS/bandwidth management.
3. Unified Threat Management (UTM):

  • Requires NGFW and includes features such as antivirus and vulnerability (IDS/IPS) protection.
  • Features a built-in antivirus engine with configurable threat profiles.
Implementing Advanced Security Features
Implementing these features involves thoughtful configuration, especially when considering performance impacts. Each feature, from the stateful firewall to the UTM capabilities, can be selectively enabled based on the specific needs of the network.

Final Thoughts on SD-WAN Security
Understanding the three levels of security capabilities in Riverbed's SteelConnect EX empowers decision-makers to tailor their SD-WAN strategy. While backhauling all Internet-bound traffic may not necessitate advanced security features, enhancing the user experience by sending specific traffic "direct-to-net" demands a discussion on the degree of implementation.

Beyond Security: Considering Performance
While SteelConnect EX offers a commendable level of protection for branch traffic, optimizing performance is equally crucial. Regional disparities in services, especially for Microsoft and other SaaS offerings, might impact user experience. Here, the integration of Riverbed's SaaS Accelerator service with SteelConnect EX becomes paramount, ensuring the highest level of WAN connectivity, branch security, and end-user performance.

In conclusion, a well-thought-out approach to SD-WAN security, coupled with performance optimization measures, sets the stage for a seamless and secure networking experience. Riverbed's SteelConnect EX emerges as a comprehensive solution, providing the necessary tools to tailor security measures according to specific organizational needs.

Releted Industry

Financial Corporate Public Sector

Releted Categories

Software & Licenses

Releted Brand

riverbed

Releted Solution

Monitoring Solutions Machine Monitoring solution

TAGS

#SD-WAN #Network Security #Riverbed SteelConnect EX

Privacy Preference Center

Your privacy

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer. You can get more information by going to our Privacy Policy or Statement in the footer of the website.

Strictly necessary cookies
Always active

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

Cookies details
Performance cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. Most of these cookies collect and process aggregated (anonymized) information without identifying individuals. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.

Cookies details
Functional cookies

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

Cookies details
Targeting cookies

These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Cookies details
Cookie List
  • Name
    trwv.vc
  • Host
    ngenit.com
  • Duration
    A few seconds
  • Type
    First Party
  • Category
    Targeting cookies
  • Name
    trwv.vc
  • Host
    ngenit.com
  • Duration
    A few seconds
  • Type
    First Party
  • Category
    Targeting cookies
  • Description
    Marketo - These cookies store the total number of visits each visitor has to the Site, track email recipient behavior to measure campaign effectiveness and personalize Site content based on information known about the visitor.
  • Name
    trwv.vc
  • Host
    ngenit.com
  • Duration
    A few seconds
  • Type
    First Party
  • Category
    Targeting cookies
  • Name
    trwv.vc
  • Host
    ngenit.com
  • Duration
    A few seconds
  • Type
    First Party
  • Category
    Targeting cookies
  • Description
    Marketo - These cookies store the total number of visits each visitor has to the Site, track email recipient behavior to measure campaign effectiveness and personalize Site content based on information known about the visitor.

  • Name
    trwv.vc
  • Host
    ngenit.com
  • Duration
    A few seconds
  • Type
    First Party
  • Category
    Targeting cookies
  • Name
    trwv.vc
  • Host
    ngenit.com
  • Duration
    A few seconds
  • Type
    First Party
  • Category
    Targeting cookies
  • Description
    Marketo - These cookies store the total number of visits each visitor has to the Site, track email recipient behavior to measure campaign effectiveness and personalize Site content based on information known about the visitor.
  • Name
    trwv.vc
  • Host
    ngenit.com
  • Duration
    A few seconds
  • Type
    First Party
  • Category
    Targeting cookies
  • Name
    trwv.vc
  • Host
    ngenit.com
  • Duration
    A few seconds
  • Type
    First Party
  • Category
    Targeting cookies
  • Description
    Marketo - These cookies store the total number of visits each visitor has to the Site, track email recipient behavior to measure campaign effectiveness and personalize Site content based on information known about the visitor.

Powered byOneTrust