Teldat’s SASE & New Next Generation Firewall FAQ’s

Q: What is Secure Access Service Edge (SASE) and why is it necessary?

SASE is a modern approach that addresses evolving network security requirements, particularly as the security perimeter expands. SASE seamlessly complements SD-WAN technology by integrating SD-WAN, Secure Web Gateways (SWG), and Next-Generation Firewalls (NGFW) in the cloud. It provides reliable, dynamic, and secure communications, allowing organizations to adopt security features at their own pace.

Q: How does the SASE architecture relate to Security Service Edge (SSE)?

The SSE architecture specifically focuses on enhancing communication security by featuring Secure Web Gateway (SWG) and Next-Generation Firewall (NGFW) services. Teldat’s be.Safe Pro SSE is described as a cloud security service that is part of a SASE platform.

Q: What role does the Next-Generation Firewall (NGFW) play within the SASE framework?

The NGFW provides a robust layer of security that enhances traffic control beyond just applications and browsing. When deployed as a service (Firewall as a Service), it is capable of blocking attacks within the network, safeguarding communication between remote sites, headquarters, and data centers.

Q: What is the key difference between using SD-WAN alone and incorporating SASE?

SD-WAN networks offer clear advantages in management, speed, agility, and flexibility while reducing costs. However, SD-WAN technology alone does not inherently provide the necessary security protection. SASE addresses this by integrating cloud-based security features like SWG and NGFW to ensure reliable, dynamic, and secure communications.

Q: What is the function of a Secure Web Gateway (SWG) in this architecture?

SWGs act as intermediaries between users and web content, analyzing and securing traffic. They safeguard networks by allowing or blocking access to websites, applications, and file downloads based on security policies, managing access from a centralized point.

Q: What types of security threats do these cloud services prevent?

Cloud security services, often including features like URL filtering, anti-malware detection and blocking, and application control, are essential for preventing malware attacks. These systems utilize machine learning and AI analytics to assess visited sites and downloaded files for potential risks.

Q: How does the solution handle intrusion prevention?

NGFWs include Intrusion Prevention Systems (IPSs, TP) that defend against browser exploits and other threats. These systems actively assess visited sites and downloaded files using machine learning and AI analytics.

Q: How do remote and mobile users connect securely to services like be.Safe Pro SSE?

Remote users achieve secure direct internet connectivity by connecting through an IPSEC tunnel to send and receive internet traffic. Mobile users can access the service via an SSL VPN agent.

1. What is Secure Access Service Edge (SASE) and why is it necessary?

2. How does the SASE architecture relate to Security Service Edge (SSE)?

3. What role does the Next-Generation Firewall (NGFW) play within the SASE framework?

4. What is the key difference between using SD-WAN alone and incorporating SASE?

5. What is the function of a Secure Web Gateway (SWG) in this architecture?

6. What types of security threats do these cloud services prevent?

7. How does the solution handle intrusion prevention?

8. What are the major operational benefits of choosing a cloud-based security solution?

9. Which industries typically benefit from modern, decentralized SASE solutions?

10. How do remote and mobile users connect securely to services like be.Safe Pro SSE?

11. Is be.Safe Pro SSE dependent on specific hardware or network configurations?

12. How is the security across the entire network managed using this solution?

13. What deployment model is offered for scalability?

14. How does the solution specifically address the needs of large corporations, such as major banks?

15. Can SASE/NGFW capabilities be deployed in unique environments, such as on rolling stock (trains)?

1. What is Secure Access Service Edge (SASE) and why is it necessary?

SASE is a modern approach that addresses evolving network security requirements, particularly as the security perimeter expands. SASE seamlessly complements SD-WAN technology by integrating SD-WAN, Secure Web Gateways (SWG), and Next-Generation Firewalls (NGFW) in the cloud. It provides reliable, dynamic, and secure communications, allowing organizations to adopt security features at their own pace.

2. How does the SASE architecture relate to Security Service Edge (SSE)?

The SSE architecture specifically focuses on enhancing communication security by featuring Secure Web Gateway (SWG) and Next-Generation Firewall (NGFW) services. Teldat’s be.Safe Pro SSE is described as a cloud security service that is part of a SASE platform.

3. What role does the Next-Generation Firewall (NGFW) play within the SASE framework?

The NGFW provides a robust layer of security that enhances traffic control beyond just applications and browsing. When deployed as a service (Firewall as a Service), it is capable of blocking attacks within the network, safeguarding communication between remote sites, headquarters, and data centers.

4. What is the key difference between using SD-WAN alone and incorporating SASE?

SD-WAN networks offer clear advantages in management, speed, agility, and flexibility while reducing costs. However, SD-WAN technology alone does not inherently provide the necessary security protection. SASE addresses this by integrating cloud-based security features like SWG and NGFW to ensure reliable, dynamic, and secure communications.

5. What is the function of a Secure Web Gateway (SWG) in this architecture?

SWGs act as intermediaries between users and web content, analyzing and securing traffic. They safeguard networks by allowing or blocking access to websites, applications, and file downloads based on security policies, managing access from a centralized point.

6. What types of security threats do these cloud services prevent?

Cloud security services, often including features like URL filtering, anti-malware detection and blocking, and application control, are essential for preventing malware attacks. These systems utilize machine learning and AI analytics to assess visited sites and downloaded files for potential risks.

7. How does the solution handle intrusion prevention?

NGFWs include Intrusion Prevention Systems (IPSs, TP) that defend against browser exploits and other threats. These systems actively assess visited sites and downloaded files using machine learning and AI analytics.

8. What are the major operational benefits of choosing a cloud-based security solution?

Cloud-based solutions offer significant benefits, including continuous updates, instant deployment, unlimited scalability, and centralized management. Furthermore, operating in service mode (Security as a Service) can result in a low or even zero cost of ownership.

9. Which industries typically benefit from modern, decentralized SASE solutions?

A modern security approach is needed by any industry that relies on a network of geographically dispersed offices to serve local customers. Sectors mentioned include financial services, insurance, travel, distribution, healthcare, and administration.

10. How do remote and mobile users connect securely to services like be.Safe Pro SSE?

Remote users achieve secure direct internet connectivity by connecting through an IPSEC tunnel to send and receive internet traffic. Mobile users can access the service via an SSL VPN agent.

11. Is be.Safe Pro SSE dependent on specific hardware or network configurations?

No. be.Safe Pro SSE is designed to be hardware agnostic and is easy to configure. It can integrate seamlessly with Teldat’s SD-WAN solution or operate fully interoperably with non-SD-WAN technologies due to its vendor-agnostic design.

12. How is the security across the entire network managed using this solution?

Security across the entire network, regardless of size, can be managed effortlessly from a single security management console. This console is accessed via a web browser and an internet connection and is integrated with the SD-WAN solution for unified network management, though it also supports non-SD-WAN scenarios.

13. What deployment model is offered for scalability?

The architecture is scalable with a simple, “pay as you grow” deployment model. This tiered approach allows customers to expand their infrastructure at their own pace.

14. How does the solution specifically address the needs of large corporations, such as major banks?

For corporations requiring advanced security and managing external traffic with many branches, the cloud-based solution supports access from anywhere. It filters traffic through a gateway that controls access to the corporation’s private network. Furthermore, it ensures the safe sharing of information with external parties and providers while maintaining secure corporate network access.

15. Can SASE/NGFW capabilities be deployed in unique environments, such as on rolling stock (trains)?

Yes, the be.Safe Pro SSE NGFW solution can be adapted for rolling stock environments. It can be installed in the data center or directly in each rail carriage to provide security before traffic leaves the train. This deployment secures both the passenger network (preventing malware infection) and staff communication traffic (protecting corporate activities like maintenance or ticketing).