Corporate WAN

The enterprise WAN edge, along with the enterprise branch, provides users at geographically disperse remote sites with access to the same rich network services as users at the main site. The availability and overall security of the WAN edge, and WAN transit, is thus critical to global business operations.

The challenge, from a security perspective, is enabling the enterprise to confidently embrace and extend these rich global services and remote collaboration capabilities to all locations. This is achieved through a defense-in-depth approach to security that extends and integrates consistent end-to-end security policy enforcement and system-wide intelligence and collaboration across the entire enterprise network.

This security segment discusses the role of the enterprise WAN edge in the end-to-end security policy enforcement. The main focus of the enterprise WAN edge is to provide secure and reliable VPN access for remote sites. The threads that we want to stress on the Corporate WAN can be categorized into the following areas:

  • WAN transit threats
  • Infrastructure attacks

Example WAN transit vulnerabilities are MITM (Man in the Middle) and sniffing attacks that aim to provide unauthorized access or data interception and theft.

Infrastructure attacks target corporate WAN edge devices. Examples of such attacks are control plane attacks, unauthorized management access, DoS and routing protocol manipulation attacks. This section includes basic redundancy measures to ensure service availability and resiliency. Network visibility and ease of troubleshooting is also critical at the Corporate WAN to ensure end user satisfaction.