Announcing general availability of GRE tunneling
In a previous blog post we discussed the variety of deployment options available for customers to secure their environment using Forcepoint Web Security Cloud. Just this month Forcepoint released another option: GRE connectivity to worldwide general availability.
Now, Forcepoint offers two different tunneling mechanisms (GRE and IPSec) to provide customers with a choice on how to transparently redirect web traffic to the Forcepoint Cloud.
Tunneling protects the office infrastructure without requiring endpoint software installation or any new hardware or virtual appliances. Instead, existing networking equipment at the customer’s edge, such as a router or a firewall, is configured to wrap outbound traffic in either a GRE protocol or an IPSec tunnel to the Forcepoint Cloud where web-based threats are stopped.
Both GRE and IPSec have their pros and cons. The following table is a good comparison of the two options:
While tunneling can be used for sending any type of web traffic to the Forcepoint cloud, we see customers choosing GRE and IPSec for the following use cases in particular:
- Remote office connectivity, where ease of setup is important
- Guest WiFi and unmanaged devices, where endpoint installation is not an option
- Policy and reporting based on internal IP addresses, as the tunneling permits the customer’s private IP address space to be seen by the Forcepoint Cloud proxy
Ultimately each security professional must make the choice that best fits their organization’s unique needs. The good news is that Forcepoint has added to its large list of available options to support those needs.
For more information on Forcepoint Web Security product, we invite you to view our brochure.