My WFH Story with Versa Secure SD-WAN (Part 1)

Part 1 of a 3 part series (read part 2 and part 3)

Throughout my entire career of 20+ years I predominately have been a work-from-home employee through various roles I have held. As part of #WFH the need for secure and either on-demand or constant connectivity to corporate resources is a hard requirement in order to do my job effectively.

Over the last 20+ years how, where and what I need access to have changed quite dramatically. In summary a lot of these resources are now off-net [ e.g. email, SharePoint, Skype, CRM, PRM, collaboration and communication applications [conferencing and softphone], but many are still on-net [internal wiki resources, Bugzilla, QA build servers, dedicated lab equipment to name a few]. In years past, my method of accessing resources was to launch my VPN-client on-demand when I needed to get access to any on-net resources [way back even email needed VPN to get access].

When accessing and using a VPN-client [whether IPsec or SSL] most typically all my direct-to-Internet traffic was also going across this logical connection. I was constantly enabling/disabling my client as time moved on to make my experience of accessing off-net resources [cloud] better. Yes, going through a VPN-client at times can be frustrating 😊 [slow is the key word here, though to be fair, it improved as timed moved on]

Now with a need for hybrid access to my necessary resources, I ideally needed a better way to do my work at home without constantly having to flip connections to manage my experience. 18+ months ago I decided to get fancy and deploy Versa Secure SD-WAN at my home using the Versa Titan service.

 

Quick high-level diagrams of my setup

 

 

 

 

So, what did I do once I decided to leverage a Versa Secure SD-WAN Appliance and Versa Secure SD-WAN using the Versa Titan service?

 

Well for starters, I wanted to ensure I had the following:

  • Multi-Link access from my home (Broadband and LTE) for increased resiliency and application availability
  • Secure segmentation of my work assets from family assets
  • Wi-Fi capability with corporate access and DIA for non-corporate devices
  • Site-to-site VPN services to corporate and test locations
  • Local Internet Breakout for my non-work-related traffic
  • Advanced security to identify and protect against any inbound threats as well as detect if any device on my home network was compromised
  • Resilient architecture to ensure my Zoom and RingCentral services were always on and had great call and video quality
  • Destination NAT for some local personal hosted services
  • One touch change control to adjust my network, add new test sites with appropriate access and rapidly test new features
  • Easy and simple interface so I could let my non-techie wife also be able to do some checks and changes if needed when I was away
  • Application based QOS to ensure Netflix or my guests didn’t clog my network while I was working
  • Analytics and traffic monitoring to analyze quality of my applications, network and security assessment
  • Quickly demonstrate Secure SD-WAN to any customer and partner with a live network

It’s worth mentioning that around this time Versa launched our Versa Titan Secure SD-WAN service and I was also tasked to test, market, engineer and improve feature applicability. So, what better way to help the company as well as my own needs than to be one of THE initial test deployments in a real-world scenario. Not only did I need to ensure my work needs were never impacted but I also needed to ensure I was not impacting quality of “Internet” life for the family.

I share my journey in part 2 of this 3-part series.