SD-WAN and Comprehensive Network Security that is Within Reach

By Jagdish Girimaji   January 11, 2023

SD-WAN and comprehensive network security solutions used to be limited to large companies with a big budget and large IT staff. Not anymore. Now, small- and medium-sized enterprises facing new business and technical realities can provide these services. With ~30% of employees now working remotely, more IoT devices in their network increasing the threat surface, and a mandate to do all this with leaner IT staff, these enterprises still need to meet service-level agreements (SLA).

Managed service providers (MSP) and medium-sized lean IT companies also contend with:

  • Scarce security-skilled IT professionals
  • Fragmented and heterogeneous tools
  • Integration of multiple functions (networking and security, LAN and WAN, wired and wireless)
  • Inefficient network management

With the introduction of Network Service Edge (NSE), Cambium Networks addresses these challenges with a cloud-managed, converged WAN Edge solution at the right price point for MSPs and medium-sized companies. NSE is an ideal fit for all small and medium enterprises including:

  • Assisted living
  • Bank branches/credit unions
  • Coffee shops/cafes
  • Healthcare clinics
  • K-12 education schools
  • Restaurants
  • Retail (excluding big box)
  • RV parks

The three pillars of the cloud-managed, converged WAN Edge solution include:

  • SD-WAN – Two WAN links provide for failover, application load balancing and prioritizing business-critical applications.
  • Network Security
    • Includes built-in firewall with advanced Layer 3 and application-based rules along with industry-leading IDS/IPS engine to protect network against current and emerging threats.
    • VPN with multi-factor authentication for enhanced password-based authentication for remote workers to log in from any device. NSE supports the industry standard and widely supported L2TP-IPsec VPN.
    • Geo-IP filters to deny/allow traffic to/from specific countries and blocking traffic to known malware sites while keeping the malware offender database continuously updated.
    • Periodic vulnerability scan of wired and wireless devices to provide an additional layer of security on LAN allowing audit of security vulnerabilities and notification when critical vulnerabilities are discovered.
    • OT/IoT devices have expanded the attack surface and created a blind spot for IT administrators and NSE with AI-based monitoring and identification provides visibility of all IoT devices in the network.
  • Network Services
    • DHCP, DNS and RADIUS services are available natively. Built-in RADIUS server allows creating user accounts and setup of secure network authentication for all the users and devices.
    • NSE is managed by cnMaestro, which also manages Cambium Networks’ enterprise Wi-Fi, switching and FWBB portfolio.
    • NSE keeps all databases current and always updated – intrusion rules, vulnerability reports, device signatures, Geo-IP databases and malware sites database.

Experience the Difference

Make the most of digital transformation from an informed point of view and do things right the first time. For more information, download the IDC How Integration and Cloud Management Help Optimize Networks for the Midmarket report.