{"id":1565,"date":"2022-07-14T16:19:41","date_gmt":"2022-07-14T09:19:41","guid":{"rendered":"https:\/\/dt-corp.com.vn\/?p=1565"},"modified":"2022-07-14T16:19:41","modified_gmt":"2022-07-14T09:19:41","slug":"inside-vmware-sase-pops-the-engine-behind-vmware-sd-wan","status":"publish","type":"post","link":"https:\/\/dt-corp.com.vn\/?p=1565","title":{"rendered":"Inside VMware SASE PoPs: The Engine Behind VMware SD-WAN"},"content":{"rendered":"

Our blog series showcasing\u00a0VMware SA<\/a>SE<\/a>\u00a0rolls on, providing a deep dive look at how SASE\u2019s next-gen cloud networking and sophisticated cloud security capabilities help power enterprise-wide digital transformation.<\/p>\n

In a recent\u00a0blo<\/a>g<\/a>, we spotlighted the three tenets of SASE \u2014 one of which was prioritizing\u00a0VMware SD<\/a>-WAN<\/a>\u2122<\/sup>\u00a0as your building block.<\/p>\n

What\u2019s the engine that powers VMware SD-WAN?<\/p>\n

It\u2019s all about a cloud-native architecture, consisting of 150 VMware SASE points of presence (PoPs) from VMware and its partners around the world. PoPs serve as on-ramps to SaaS and cloud services, delivering optimal network performance, regardless of location (e.g., branch, mobile, etc.) or endpoint type (e.g., IoT device).<\/p>\n

SASE PoPs also serve as the first line of defense and processing for end-user traffic, safeguarding the network from destructive attacks and users from dangerous public Internet threats.<\/p>\n

The PoPs\u2019 global footprint provides VMware SASE with a springboard to launch new networking and security services and drive integrations with industry-leading third-party security partners.<\/p>\n

And as you read this blog, there\u2019s a good chance that a VMware SASE PoP is nearby as they serve 85% of the world\u2019s major metropolitan areas.<\/p>\n

This optimal placement ensures individual users will connect to the closest regional PoP to reduce latency, increase performance, and securely access enterprise resources (e.g., data center, campus, branches, users) and cloud services (e.g., SaaS applications, platform providers).<\/p>\n

\"\"<\/figure>\n

Exploring VMware SASE PoPs: Five key benefits<\/strong><\/h2>\n

SASE<\/a>\u00a0PoPs combine software-defined networking and intrinsic security, enabling IT teams to seamlessly support user mobility in a zero trust environment.<\/p>\n

1.\u00a0 Application quality assurance:\u00a0<\/strong>SASE PoPs deliver assured, reliable application delivery to mobile, branch, and campus connections \u2014 even under unfavorable network conditions.<\/p>\n

2. Global PoPs:\u00a0<\/strong>PoPs are strategically positioned around the world to create direct peering connections with popular SaaS\/IaaS providers, with a goal of sub-5 ms latency between the SASE PoP and cloud apps.<\/p>\n

This proximity speeds the on-ramp to cloud between user request, packet steering, security inspection, and application access.<\/p>\n

3. Operational simplicity:\u00a0<\/strong>Configuration and policy management are performed from a single, centralized cloud-based orchestrator for all services within the PoP.<\/p>\n

4. Cloud-native solution:\u00a0<\/strong>The PoPs\u2019 cloud-based management model eliminates the burden of infrastructure management, empowering the platform to harness advanced scalability and resiliency capabilities.<\/p>\n

5. Intrinsic security:\u00a0<\/strong>From\u00a0zero trust network acc<\/a>ess (ZTNA)<\/a>\u00a0and secure web gateways to cloud access security broker (CASB) functionality and firewall as-a-service (FWaaS), the PoPs\u2019 integrated capabilities guard distributed workers and apps against internal and external threats at all levels.<\/p>\n

SASE PoP use case #1: Connecting a branch user to a SaaS application<\/strong><\/h2>\n

How can branch\u00a0SD-WAN<\/a>\u00a0users leverage a PoP to effectively and securely connect to their SaaS application, such as Microsoft Office 365?<\/p>\n

First, their traffic is directed locally to an SD-WAN Edge device, which connects to the PoP\u2019s VMware SD-WAN Gateway \u2014 delivering a high-quality, assured, reliable network on-ramp to the app.<\/p>\n

Next, the Edge device sends traffic to a nearby PoP via an SD-WAN overlay tunnel.<\/p>\n

Upon exiting the tunnel,\u00a0V<\/a>Mware Cloud We<\/a>b Security<\/a>\u2122<\/sup>\u00a0processes the traffic, based on the security policy.<\/p>\n

If no security issues are detected, the traffic exits the PoP and is sent to the SaaS provider.<\/p>\n

SASE PoP use case #2: Connecting a remote user to a SaaS application<\/strong><\/h2>\n

Let\u2019s look at a work from anywhere user who is working from home and off corporate premises. How do they connect to their SaaS app?<\/p>\n

First, an agent on endpoint establishes a secure tunnel to the nearest PoP.<\/p>\n

Next, the user and their device posture are authenticated and authorized by VMware Secure Access within the PoP.<\/p>\n

After that occurs, their secured traffic is sent to an SD-WAN Gateway component, which then sends it to a cloud web gateway, based on security policy and user context.<\/p>\n

Finally, Cloud Web Security applies the security rules before forwarding the traffic to the SaaS provider.<\/p>\n

By: Scott Nyberg<\/a><\/p>\n

Source: blogs.vmware.com<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Our blog series showcasing\u00a0VMware SASE\u00a0rolls on, providing a deep dive look at how SASE\u2019s next-gen cloud networking and sophisticated cloud security capabilities help power enterprise-wide digital transformation. In a recent\u00a0blog, we spotlighted the","protected":false},"author":3,"featured_media":1566,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[13],"tags":[],"class_list":["post-1565","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog"],"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"https:\/\/dt-corp.com.vn\/wp-content\/uploads\/2022\/07\/Picture1-1.png","_links":{"self":[{"href":"https:\/\/dt-corp.com.vn\/index.php?rest_route=\/wp\/v2\/posts\/1565","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dt-corp.com.vn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dt-corp.com.vn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dt-corp.com.vn\/index.php?rest_route=\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/dt-corp.com.vn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1565"}],"version-history":[{"count":1,"href":"https:\/\/dt-corp.com.vn\/index.php?rest_route=\/wp\/v2\/posts\/1565\/revisions"}],"predecessor-version":[{"id":1567,"href":"https:\/\/dt-corp.com.vn\/index.php?rest_route=\/wp\/v2\/posts\/1565\/revisions\/1567"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/dt-corp.com.vn\/index.php?rest_route=\/wp\/v2\/media\/1566"}],"wp:attachment":[{"href":"https:\/\/dt-corp.com.vn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1565"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dt-corp.com.vn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1565"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dt-corp.com.vn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1565"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}