Imagine if you could use the Internet as your private network, connecting offices and remote users around the world with nothing more than a few clicks, and still provide a network layer secured by the latest encryption standards with seamless routing between branches, people and cloud workloads.
Now imagine you could do all this by simply using your existing firewall appliances and a network service with no upfront costs and no termination fees, paying only for what you use. That’s the idea behind Forcepoint NGFW integration with Azure Virtual WAN.
Forcepoint NGFW and Azure Virtual WAN Integration Guide
Azure Virtual WAN
Azure Virtual WAN is a networking service that brings many networking, security, and routing functionalities together to provide a single operational interface. The Virtual WAN architecture is a hub and spoke architecture with scale and performance built in for branches (VPN/SD-WAN devices), users (Azure VPN/OpenVPN/IKEv2 clients), ExpressRoute circuits, and virtual networks. Azure regions serve as hubs that you can choose to connect to. All hubs are connected in full mesh in a Standard Virtual WAN making it easy for the user to use the Microsoft backbone for any-to-any (any spoke) connectivity.
Forcepoint NGFW connects and protects people and the data they use throughout the enterprise network – all with efficiency, availability, and security. It’s a product that combines the latest in software-defined wide area networking (SD-WAN) with the industry’s top-rated next generation firewall security, all managed at enterprise scale from a single policy-based console.Trusted by thousands of customers around the world, Forcepoint network security solutions enable businesses, government agencies and other organizations to address critical issues efficiently and economically.
What this integration enables for customers
Forcepoint developed a lightweight component that enables Forcepoint NGFW customers to deploy an SD-WAN layer by connecting their entire fleet of NGFW engines to Azure Virtual WAN locations, creating IPSEC tunnels from each appliance to specific Azure Virtual WAN locations automatically! Customers have full control of which engines will be included in the automation scope (e.g. excluding appliances used for network tests) and also full control on the set of security policies and encryption standards used in the IPSEC tunnels that will connect sites to Azure.
Here’s an overview of how the integration works:
Watch the video to see more about how the technical implementation works. It includes a live demo of how to configure and run the deployment tool, essentially creating the SD-WAN layer on-the-fly. On a related note, click the Read Now button on the right to download the Integration Guide.