HPE Aruba Networking Blogs

SD-WAN is the “Easy Button” for Securing Multi-Cloud Connectivity: Part 2

By Nav Chander, Senior Product Marketing Manager, SASE & SD-WAN

In the first part of this two-part blog series, we discussed five challenges that enterprise IT managers face when it comes to supporting multi-cloud connectivity of applications across the enterprise WAN. We highlighted the first two of the five key capabilities of an advanced SD-WAN platform that enable easier multi-cloud connectivity, which are SaaS optimization and Intelligent Internet Breakout.

In this installment, we’ll discuss the three remaining capabilities of an advanced SD-WAN required to simplify and automate the connectivity to public clouds, SaaS and cloud security services.

3. Deploying SD-WAN Virtual Instances in Public Clouds

Enterprises can deploy a virtual Aruba EdgeConnect appliance instance to extend their SD-WAN to IaaS providers with seamless orchestration and ongoing lifecycle management. Aruba EdgeConnect virtual appliances may be deployed in public cloud infrastructures, such as a Microsoft Azure Virtual Network (VNET), Amazon Web Services virtual private cloud (AWS VPC), Google Cloud Platform (GCP) and Oracle Cloud Infrastructure. These appliances are available in the partners’ respective public cloud marketplaces, enabling seamless and secure connectivity via public internet or private Direct Connects for all branch and data center locations connecting to public clouds.

The EdgeConnect virtual instances are managed by Aruba Orchestrator, which completely automates VNET and VPC discovery, subnet management, virtual instance onboarding, high-availability configuration and status monitoring.

4. SD-WAN Integration and Automation with Public Cloud

EdgeConnect SD-WAN provides orchestrated, secure branch connectivity directly to public cloud providers’ global backbone networks. This greatly simplifies the SD-WAN overlay by connecting branch locations directly to regional points of presence (POPs) that provide access to cloud resources within a region and across regions. The overlay also supports branch-to-branch communication without virtual gateways at each VPC. Figure 1 highlights the flexibility of public cloud connectivity with an Aruba EdgeConnect SD-WAN.

Figure 1: SD-WAN Multi-Cloud Connect Flexibility

Aruba Orchestrator provides a single centralized dashboard to streamline the management and operation of SD-WAN integrations with AWS Transit Gateway Network Manager (TGNM) and Microsoft Azure Virtual WAN (vWAN).

The main benefit is the simplification of a large global network with many AWS VPCs or Microsoft Azure VNETs by reducing the number of point-to-point connections. Aruba Orchestrator gives complete visibility from within the cloud connect dashboard.

5. Automation and Integration of SD-WAN with Best-of-Breed Cloud-delivered Security Vendors

Aruba has extended its orchestration capabilities to integrate third-party cloud security services from best-of-breed vendors: Zscaler, Netskope, Check Point, and Palo Alto Networks Prisma Access. This advanced API integration within the EdgeConnect SD-WAN platform enables network managers to fully realize a cloud-first vision that leverages UTM and advanced security capabilities. Enterprises can automate consistent, network-wide security policies that combine the advantages of an advanced Zero Trust WAN edge on-prem with cloud-delivered security services from the security vendor of their choice.

Aruba automatically orchestrates primary and secondary IPsec tunnels to the nearest POP for these cloud security partners. In this model, the Aruba Orchestrator becomes the point of business and security policy enforcement, giving the organization the flexibility to route specific traffic to cloud security or onboard using gateway firewall policy.

With the emergence of SASE, SD-WAN is becoming a cloud-programmable networking platform for orchestrating network, security and SASE components. It gives enterprises a better way to adopt, orchestrate, and manage these discrete security components, plugging them into the network and centrally managing them with software. This flexibility offers enterprises the freedom of choice to adopt leading cloud-delivered security solutions, which can be fully unified with their Aruba SD-WAN deployments.

In a multi-cloud environment, IT teams require automation and orchestration to ease the burden of deployment and ongoing management to ensure the highest level of performance and security for the users they serve. Lifecycle management and orchestration are essential to achieve the full transformational promise of the cloud.

Managing multi-cloud connectivity across your WAN must be made simpler so that it doesn’t become unruly or unmanageable. Selecting the right SD-WAN platform provides an “Easy Button” to simplify the integration of private cloud, SaaS and IaaS hosted applications and deliver consistent and secure application performance over any WAN infrastructure to all users anywhere and from any device.
