A10 Networks has announced a new Cloud Access Proxy (CAP) solution that provides secure access to software-as-a-service (SaaS) applications, such as Microsoft Office 365, optimising branch offices with better performance, stronger security and enhanced user experience.
Additionally, the solution provides visibility into SaaS applications for improved security.
The CAP solution is comprised of three components: the new A10 Networks Thunder 840 CAP appliance for the branch office, higher-performance Thunder Convergent Firewall (CFW) platforms for the headquarters, and the new centralised CAP Visibility and Analytics solution, which provides centralised insights into outbound application traffic and SaaS application usage.
Together, the CAP solution ensures that access to SaaS applications and data is secured while maintaining centralised visibility across sanctioned and unsanctioned applications.
SaaS and multi-cloud environments increase security challenges
Traditionally, enterprise networks were designed to provide users with access to applications and services hosted locally within their data centers.
To secure user access to the internet and to protect them from cyber threats, a large central security stack was typically hosted to inspect traffic going in and out of the network.
As organisations grew and expanded into multiple branch offices, they were forced into a hub-and-spoke deployment model where all branch office traffic was routed back to the central security stack for policy enforcement and inspection.
With the increased adoption of SaaS applications, as well as the rapid move towards multi-cloud deployments, enterprise networks are changing with the consolidation of WAN edge infrastructure and migration from MPLS.
Maintaining security and user experience is increasingly challenging in this environment.
A10 Networks CAP solves these problems by consolidating different features of multiple point products, like software-defined-WAN, cloud access security brokers and secure web gateways, providing a unified solution for SaaS optimisation, security and visibility.
These features include:
- Local breakout – For branch office traffic optimisation using intelligent classification and bypassing of SaaS traffic from other application traffic.
- Next hop load distribution (NHLD) – For dynamic traffic distribution across multiple WAN connections.
- Tenant access control – For data theft prevention between sanctioned and unsanctioned SaaS tenant accounts.
- URL filtering – For traffic categorisation and protection from web threats.
- Application visibility and control – For dynamic recognition and categorisation, as well as filtering of application traffic.
- IPsec VPN – For securing internet traffic, backhauled from branches to the central security stack.
- AppCentric templates (ACT) – For simplified, one-step deployments at new branch offices.
- CAP visibility and analytics solution – For visibility across sanctioned and unsanctioned application traffic at the branch office and in the cloud.
“Traditional enterprise networks are not optimised for SaaS application traffic and the security provided by the SaaS vendor is not adequate in addressing today's cyber threats and the increasing use of shadow IT,” says A10 Networks product management vice president Yasir Liaqatullah.
“A10 Networks' Cloud Access Proxy is designed to help organisations optimise the performance and security of their SaaS application traffic.
The complete Cloud Access Proxy solution, including Thunder 840 Cloud Access Proxy, Thunder CFW, and the Centralised Cloud Access Proxy Visibility and Analytics solution, is available now.
The Centralised Cloud Access Proxy Visibility and Analytics solution will also be available as an add-on app on the A10 Harmony Controller in early 2020.