For the
improvement of the WAN security
architecture, AR3200 IT professionals
who have sustained pressure. They need to support and enhance the efficiency of the staff, at the same time,against the increasingly complex threats, but also did not significantly increase the cost.
Why do you need
to change the WAN security
architecture?
There are
some trends forcing enterprises to timely adjust fully to the
WAN securityarchitecture. The
first is to change the staff position and behavior. Branch office employeesless, and with
the advent of new collaboration
tools and mobile applications, employees can more easily remote office. In addition, there are about 70% enterprises use BYODprocurement model
in different extent, forcing the security personnel to the protection andmanagement of enterprise
data point of view to consider security issues, and not from the point of equipment.
Secondly, more and more enterprises use cloud computing solutions, there are about 1/4 to1/3 of the enterprise service is in
the use of infrastructure (IaaS) or platform
as a service(PaaS) cloud
solutions. This enables network traffic from internal circulation (from the user to the enterprise data center) into the
external transmission (from the
user to the cloud).Therefore, many enterprises are using a direct network branch network to replace its return branch network architecture.
The result? IT professionals need to consider other ways to provide WAN based
on commonsecurity policy.
A potential alternative method is combined with WAN optimization and branches
of the security. This requires
enterprises to re-examine the
traditional method of Internet connectedto the branch site. The conventional method to combine MPLS services or return
branch(make sure the site to site connected security) and WAN
optimization controller for each
branch. At the same time, safe to
handle in the data center by the enterprise gateway, the gateway has a firewall, network intrusion prevention, anti-virus and anti
spam (AV/AS), VPN,content filtering and data leak prevention (DLP) and other functions.
The
advantage of this method is that, it
to all site provides security agreement, and IT still firmly in control of policy change. However, the shortcoming is: cost. Safety equipment ITneed to pay for all the equipment and data center of branches (plus annual software maintenance costs), as well as the management and maintenance of these equipmentinternal operating costs (labor). Finally, enterprises also need to pay two times the Internet and cloud computing flow transmission and service cost: one is
through the WAN return, andthrough the Internet transmission flow.
The
solution method using direct networking start?. In this framework, the enterprise willfunction integration to a branch device -- combining
WAN optimization function and the
traditional security functions (above) and Unified
Threat Management (UTM). They through
the most direct way to route traffic to its final destination: Internet traffic to cloud computing,data center traffic through private WAN return. Blue Coat, Cisco, juniper, Riverbed vendorsprovide such equipment.
Choose two: optimization of WAN security service
But these methods still need to internal IT professional management of enterpriseequipment, and all the related headache. More long-term solutions will be WAN optimization
and security as a cloud service. Although many operators have a separate WAN optimizationas a service and security services, but they
have failed to provide a comprehensive solution.And, the operator still reluctant to allow customers to modify the configuration in the network,this means that when transferred to these services, IT professionals lost the
response speed and control a
certain degree of.
However, the integration of WAN secure cloud services are booming. Nemertes research forecasts, this cloud
services will be widely used in
the 36 months to 24
months. At the same time, IT professionals should consider WAN optimization
and Huawei NE40E security services usebranches to ensure its architecture can stand the test of time.
More information about switch and router, please view :http://jkemma990.wordpress.com/
没有评论:
发表评论