How Coeo’s SD-WAN security add-ons can help secure your network
October 12th, 2022 | 4 min. read
By Jordan Pioth
If you don’t know about the SD-WAN add-ons that Coeo offers, your SD-WAN may not be as secure as you want it to be. Coeo has several SD-WAN add-ons that can improve the security and quality of the basic SD-WAN solution.
The SD-WAN standard package as it is has basic security functions. On its own, the SD-WAN product is secure but the add-on features provide far more tools that customers use to improve their security posture.
Coeo has sold thousands of different SD-WAN solutions to customers and knows how important it is to have a strong and secure solution.
We know how frustrating it can be to be a victim of a cyber-attack and want to give you all of the information possible so you can make the best decision possible to secure your network.
By the end of this article, you will know a little bit about what SD-WAN is, the SD-WAN platform that Coeo offers, and the add-ons that can be purchased to enhance the SD-WAN solution.
What is SD-WAN?
SD-WAN or Software Defined Wide-Area-Network, is an overlay network that is built on top of underlying network connections whether it be over fiber, LTE, or broadband.
The solution is carrier agnostic meaning it doesn’t matter who you get internet from and can be leveraged using any number of underlying internet providers.
SD-WAN is applied as a software network of SD-WAN appliances, connected by encrypted tunnels. Because these tunnels are encrypted, it ensures that data being sent across these tunnels is always secure.
SD-WAN appliances continuously monitor the availability and performance of each network service. This allows for data to be sent over the most reliable and fastest network service.
If you would like to learn more about SD-WAN you can check out the SD-WAN Buyer's Guide:
Coeo’s SD-WAN platform
Coeo uses Versa Networks’ SD-WAN platform to sell to customers. Versa has been recognized by Gartner as a leader in the magic quadrant, a report that Gartner puts out each year on the best WAN infrastructure.
Versa’s basic industry-leading standard SD-WAN offers multiple different features through its service. These features include:
Versa’s SD-WAN offers data packet steering allowing customers to prioritize data. Data that is more important than other data can be sent out first
Reduction of lost data
Versa uses Forward Error Correction or FEC services in its SD-WAN product as a way to reduce data loss. FEC is a data loss recovery technique that controls data transmission errors over unreliable communication routes.
Other than the features of the basic SD-WAN solution, some add-ons can be tacked on in addition to the basic solution. The add-ons that can be tacked onto the SD-WAN solution are Next-gen Firewall and Universal Threat Management (UTM).
This is a security service that may be purchased on top of the regular SD-WAN product. A next-gen firewall is a web filtering security service ensuring that employees aren’t going on websites they should not be.
The next-gen firewall is like a regular firewall but with extra features that are included for better security purposes. These features include IP reputation and filtering and URL reputation and filtering.
IP reputation and filtering
One of the major features that the next-gen firewall add-on provides to customers is the ability to use IP reputation and filtering. With the IP reputation and filtering feature, the firewall can restrict access to certain IP addresses based on their reputation.
If an IP address has been classified as a malicious source, it will be blocked and will not be able to contact your network. An IP address points to a device connected to the internet.
Your computer, phone, tablet, or anything else you have connected to the internet has an IP address attached to it. If any of these addresses have been marked as malicious, the next-gen firewall add-on will block any activity from the addresses.
URL reputation and filtering
Another major advantage of having the next-gen firewall add-on is having the URL reputation and filtering. This feature is very similar to the IP filtering feature, only instead of filtering IP addresses, it filters URLs.
A URL is an address to a website. Anything starting with the letters HTTP: is a URL.
You can filter a URL based on the reputation it has or you can filter any URLs that may affect the efficiency of work in the office. For example, if a URL is marked as spam it will be blocked.
In addition, if you want to block entertainment websites such as Youtube or Netflix to improve efficiency within the workplace, you can do that as well.
Nobody wants their employees to slack off in the office or download malicious software accidentally and using this URL filtering feature will help avoid these issues.
Universal Threat Management (UTM)
UTM is an add-on to the next-gen firewall. This extra add-on provides even more features that can be used to secure your network connection.
UTM includes all of the features that the next-gen firewall has and some additional features as well. Some of these additional features include Antivirus software and SSL decryption and proxy.
Antivirus software detects and helps remove threats such as software viruses and malware from your computer systems.
Antivirus is designed as a proactive approach to malicious sources and is used to remove malicious software from your device when they are detected on your computer.
UTM takes this traditional anti-virus software and puts it on the edge of the network locking down the network. This will allow the network to look at the data traffic in real-time and determine whether or not it is harmful to the network.
SSL decryption and proxy
SSL decryption and proxy is an advanced feature and a feature that most SD-WAN solutions do not include. With SSL decryption, you can filter encrypted traffic and check it for cyber-attacks.
Since most traffic is sent through encrypted tunnels, the data is concealed and converted the data into code to prevent unauthorized access. The firewall however cannot detect a virus, it will only see encrypted traffic.
SSL decryption decrypts the traffic to detect a virus and then re-encrypts the traffic. The traffic is then sent back to the server through the re-encrypted tunnel.
Next steps to buying SD-WAN
Now you know about SD-WAN, the SD-WAN platform that Coeo uses, as well as the add-ons Coeo offers to secure your SD-WAN more.
Nobody wants to be a victim of a cyber-attack and the more add-ons you have, the more secure your SD-WAN network will be.
Coeo has sold thousands of SD-WAN services and knows how important it is to secure your network. Giving you all of the information you need on the add-ons that we offer for our SD-WAN, will allow you to secure your network.
If you would like to speak with our team to learn more about SD-WAN or ask any questions you may have you can schedule an appointment.
Read these articles below to learn more about SD-WAN:
When he's not creating content for Coeo, Jordan loves to watch sports, hang out with friends and family, and anything sneaker-related.