As companies migrate to cloud-based services, solutions previously used to secure traffic across the corporate LAN or across private lines from branch to HQ are most likely no longer viable because traffic is now routed across WANs to connect users to applications and data that are now hosted in remote Data Centers.
This means security of the WAN and of the cloud-based applications becomes more visible and more important. One approach is to rely on the application itself to provide security. When security is an integral part of an application’s design and implementation, this works well, however in many cases, the application does not provide sufficient security and is therefore reliant on network solutions security.
In a Cloud environment, Sonus expects to participate in multi-layered security solution, where VellOS®, Sonus’ cloud exchange networking product, will play a key role to augment network layer security through association with security policy management
It is expected that a security policy management system will determine appropriate security policies and will dynamically instruct VellOS to applied network layer controls to ensure network layer security. For example, if an Intrusion Detection and Prevention solution determines that certain packet should be sent to a quarantine bucket, it would instruct VellOS to set up the appropriate match and action rules for this to happen. In this case application security is enhanced by the integration of multi-layer security enforcement.
In addition, VellOS has the following features for network layer security: