SD-WAN startup Versa software defines security

Adds DNS, secure Web gateway to VNF roster, boost performance of existing offerings

data security
Credit: Thinkstock

NFV and SD-WAN start-up Versa Networks unveiled new FlexVNF virtualized network functions (VNFs) for branch office security, and enhanced the performance of its other security VNFs.

The new FlexVNFs include software for DNS security and a secure Web gateway, both designed for secure direct Internet access from the branch. The enhanced FlexVNFs include a 40G per rack unit stateful firewall, a 20G per RU next-gen firewall, and 10G Unified Threat Management (UTM) per RU, all designed to exceed – even double – the performance of hardware-based products.

+MORE ON NETWORK WORLD: SDN tools increase WAN efficiency+

Versa’s new FlexVNF software-defined security products are targeted at large enterprises looking for easier and faster ways to secure branch offices requiring direct Internet access, and service providers looking to decrease time-to-revenue for new managed security services. They are based on an extensible software-driven architecture that offers service chaining, multitenancy and management from a single pane of glass.

This is in contrast to other software-based virtual security appliances that are loosely integrated in function and management, or siloed. Versa says information security will evolve to become software-defined, like SDNs, where management of security services is abstracted from individual appliances to a policy-based, network-wide scope.

The new security FlexVNFs, DNS security and a secure web gateway, are both key for enabling direct, secure Internet access from the branch, Versa says. DNS security protects against phishing, botnet access, and advanced persistent threats, and augments reputation systems with zero-day validation of domains.

Secure Web gateway performs SSL encryption/decryption and granular URL filtering, and integrates with other Versa security functions for layered user group policies, file filtering, IP filtering and DNS mapping.

Citing industry research, Versa says branch offices are increasingly becoming a targeted point of entry into corporate networks for hackers, with attack volume growing more than 500% over the last three years.

Deployment options for the Versa products include managed service offerings from service providers, including vCPE, managed SD-WAN and security; and enterprises can use them as the basis for private SD-WANs with security. Versa proposes not only virtualizing security for the branch but software-defining it through NFV, so that many security functions can be layered on elastically and managed centrally.

In SD-WAN, Versa competes with a number of software-defined WAN start-ups and established players: Glue Networks, Viptela, Cloudgenix, Cradlepoint, Talari, Nuage Networks, Silver Peak, VeloCloud, and even Cisco with its Intelligent WAN (IWAN) product line comprised of ISR branch routers and ASR edge routers. In branch security, Versa competes with pure security vendors like Palo Alto Networks, Fortinet and Check Point, as well as established vendors with broader product lines, like Cisco and Juniper Networks.

Versa is co-founded by Kumar and Apurva Mehta, brothers and ex-Juniper Networks engineers who helped build one of that company’s most successful products, the MX edge router. Versa has over $40 million in funding since 2012 from Sequoia, Mayfield and Verizon Ventures, and is addressing a total available market worth over $40 billion.

This story, "SD-WAN startup Versa software defines security" was originally published by Network World.

Download the CIO October 2016 Digital Magazine
View Comments
Join the discussion
Be the first to comment on this article. Our Commenting Policies