Cisco SD-WAN software adds encrypted site-to-cloud connectivity; expands its ability to support multi-region fabric deployment, and improves security. Cisco has broadened the scope of Cisco SD-WAN software by growing its reach and security, and expanding its support for deploying multi-region WAN fabric. The idea behind the new features is to help manage the complexity and security of connecting to cloud resources from the edge of the network, said JP Shukla, director, product management, in Cisco’s Enterprise Cloud & SD-WAN group. “They want to connect these users as reliably and securely as these users would be in an office environment,” he said. To aid that design, Cisco has added the ability to encrypt SD-WAN traffic whether it’s going across a private backbone or public networks. Cisco has partnered with so-called middle-mile providers such as Megaport to support encrypted traffic as it crosses their networks as part of the SD-WAN overlay network. Until this point customers could encrypt traffic from the branch to the middle-mile providers, but not end-to-end, Shukla said. “We have added end-to-end encryption so that now customers going from their branch to cloud using these middle-mile solutions, all traffic will be encrypted,” he said. The SD-WAN software can now create multiple regions within the overlay networks, with inter-regional traffic managed by Cisco SD-WAN’s vManage service for controlling, configuring, and monitoring Cisco devices in the overlays. The idea is to easily expand network resources and to upgrade software and policies across a scaled environment from a central location, Shukla said. Cisco has also integrated vManage and its Identity Services Engine (ICE) that applies policies based on identity of users and devices, and enables configuring Zero Trust Network Access (ZTNA) policies based on usernames and user-group names, Shukla said. This feature supports fine-grained control of security policies, simplifies policy management, and improves operational efficiency by keeping policies consistent even when a device’s IP address changes, Shukula said. Until now ISE could be used with vManage, but it was a manual operation; now it is automatically enabled, Shukla said. Cisco has in recent years made it a priority to tie its SD-WAN software closer to key cloud players such as AWS, Google, and Microsoft. In this release the company added the ability to monitor and control application traffic generated from attached Microsoft 365 clouds. Now vAnalytics can monitor the performance of these cloud-attached resources. “What we do is we get information from our SD-WAN routers in terms of circuit capacity, bandwidth, latency, jitter and other information from Microsoft 365,” Shukla said. “And we take this information, and we correlate it with our vAnalytics dashboard, so customers can see their application experience and automatically forward traffic over one link or another based on performance needs.” New SD-WAN gateway hardware The company also added a new Cisco Catalyst Wireless Gateway aimed at remote branch or home/hybrid workers. The gateway features Wi-Fi 6 support and LTE failover and can be managed via the Cisco SD-WAN dashboard. “The idea for this platform is that the end user could have it in their home office or use it wherever they are traveling. They can plug in, and get connected to the SD-WAN fabric, and be subject to the same policies and security of the enterprise SD-WAN,” Shukla said. Related content how-to Compressing files using the zip command on Linux The zip command lets you compress files to preserve them or back them up, and you can require a password to extract the contents of a zip file. By Sandra Henry-Stocker May 13, 2024 4 mins Linux news High-bandwidth memory nearly sold out until 2026 While it might be tempting to blame Nvidia for the shortage of HBM, it’s not alone in driving high-performance computing and demand for the memory HPC requires. By Andy Patrizio May 13, 2024 3 mins CPUs and Processors High-Performance Computing Data Center opinion NSA, FBI warn of email spoofing threat Email spoofing is acknowledged by experts as a very credible threat. By Sandra Henry-Stocker May 13, 2024 3 mins Linux how-to Download our SASE and SSE enterprise buyer’s guide From the editors of Network World, this enterprise buyer’s guide helps network and security IT staff understand what Secure Access Service Edge (SASE) and Secure Service Edge) SSE can do for their organizations and how to choose the right solut By Neal Weinberg May 13, 2024 1 min SASE Remote Access Security Network Security PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe