Versa Networks SD-WAN Test
I initiated the Versa demo process by activating Versa appliances through the Titan Portal, completed using Bluetooth, WiFi, and GZTP. The Versa portal is a cloud-based management interface, which is used to deploy and monitor SD-WAN network devices.
Below: Versa management interface with easy to configure topology and routing.
The capability is designed to offer enterprise-grade WiFi setup and comprehensive internet and SD-WAN VPN connectivity application support with SASE security. The Titan Portal's centralised dashboard is where configurations are deployed and stats are retireved, including real-time and historical analysis of network and security policies for bandwidth allocation and threat management.
I tested advanced dynamic congestion management capabilities by using the adaptive shaping feature to dynamically adjust traffic flow during network congestion scenarios. Once configured, Versa signalled to the demo downstream SD-WAN endpoints to optimally throttle traffic flow.
In our Versa SD-WAN demo deployment, the hub device polled WAN link utilisation and automatically notified participating branches to shape the egress traffic, which prevented congestion across the hub's WAN links.
In addition to network management capabilities, I enabled and verified the IPS/IDS operations using the Versa recommended profile on VOS™ CPEs. The process was a little complicated in as much as I needed to understand Versa key terminologies, these included True Positives, True Negatives, False Positives, and False Negatives for interpreting IPS/IDS alerts.
The configuration steps included defining rules in the Next Gen Firewall section and selecting the Versa Recommended Profile for vulnerability management. Verification of IPS/IDS logs was conducted in the Analytics Logs section, providing insights into the effectiveness of the deployed security measures.
Below: VMware make it easy to create SD-WAN templates and configure services, including NGFW as shown within the image.
Versa is very strong across SASE security features which is demonstrated by their implementation of sophisticated user-based URL filtering with Captive Portal Authentication in VOS. I applied different URL Filtering rules based on user/group assignments within our demo network, this included granting access to specific categories from Governmental and Medical to Financial sites without authentication and logging, while applying more restrictive measures. I also blocked Gambling URLs for all users and allowed SD-WAN traffic to the corporate DC untouched location. The configuration involved setting up Security Packages for auto-update, configuring Cloud URL Lookup Profiles, SSL Decryption policies, and Authentication policies using a Local Database.
The URL Filtering profile creation was a critical step to setup different URL categories and reputations, including blocking specific domains, and allowing or denying URLs based on their classification. The Firewall policy configuration was adjusted to align with these URL filtering rules.
The Netify test demonstrated Versa's advanced capabilities in managing SD-WAN, network security, threat prevention and user-based access management with granular control over web traffic.