Gone are the days of backhauling traffic to a few enforcement points and relying on costly MPLS WANs, needing to maintain costly and capacity-limited physical appliances, or relying on the unpredictable performance of public clouds for security. With Netskope’s approach, customers avoid getting locked into one vendor’s architecture, but have the choice to make best-of-breed, independent security and networking decisions without trade-offs.
Netskope works with any SD-WAN using standard GRE or IPSec tunnels to steer traffic to the nearest Netskope data center. With data centers strategically positioned globally, the Netskope security private cloud called NewEdge is where the Netskope Security Cloud services reside. This approach supports SD-WAN devices at the branch, as well as gateways or concentrators deployed in the cloud or enterprise data center.
To address remote workers, Netskope Client leverages the same policies when users are on-premise to extend security beyond the WAN. When remote workers return to the office, Netskope Client detects SD-WAN tunnels to Netskope and automatically disables. If Netskope Client is deployed, but no tunnels are established, traffic steering to Netskope will continue as normal with no impact on the network.
Critical for large-scale SD-WAN deployments, automation accelerates the deployment of Netskope services across hundreds or even thousands of different locations to address HQ, branch and remote users. Scaling is achieved simply by adding more tunnels to handle more users and greater traffic volumes, plus intelligence built into NewEdge ensures services always remain responsive and available.
Regardless of whether users are working remote or their traffic is managed by the SD-WAN, NewEdge optimizes the user on-ramps plus its extensive peering with CDN, cloud and SaaS providers delivers the best roundtrip times for web, cloud and application access. Typically measured as low, single-digit millisecond latency, this results in a vastly improved application experience.
The Netskope approach allows best-of-breed security to be implemented without performance trade-offs or having to re-architect the network. Many customers realize opportunities for infrastructure savings and simplification, for example by eliminating expensive private connections and leveraging the direct peering – for example with Microsoft for Office 365 – available in every NewEdge data center in the world.
By Netskope partnering closely with SD-WAN leaders, enterprises are better positioned to embrace digital transformation to make their networks more efficient and agile, while providing the safest and best application experience for users.
As the network perimeter dissolves, the shift to a SASE (Secure Access Service Edge) architecture accelerates. What does the convergence of network and security services mean for your security strategy — and how does it impact your existing security infrastructure as well as your vendor selection process? Read our Adoption Guide for insights and advice about protecting your organization and becoming SASE-ready.詳しく見る