Detail Product SASE

www.hypernet.co.
id
Hypernet SASE Local POP

Powered by
12/09/2022
INTERNAL
What is SASE
INTERNAL
SD-WAN
Current
Solutions SWG FIREWALL/IPS
Vendor X= IT TEAM
Management
Sprawl
VPN CLIENT LAN/WAN
3
INTERNAL
SASE Solution Suite
Concerto
3rd Party
Router/SD-WAN
Single Pane of Management,
Monitoring and Visibility
HQ / DC
Security as a
Service
Local
SASE Fabric
Indonesia
POP
3rd Party VSA

Networking as a VSA
Router/SD-WAN
Service
Branch Office Home Home Anywhere

At Office – Secure SD-WAN VSA – Cloud based SASE
INTERNAL
Versa Techonology
Based on Gartner and NSS
INTERNAL
Multiple International Acknowledgment
WAN Edge Infrastructure Security Service Edge Network Firewalls
Gartner Critical Capabilities rating for SD-WAN

▪ Gartner recognize Versa as Leaders in WAN EDGE and Niche Players in SSE. Additionally, Versa is
• #1 in Large Global Enterprise WAN
recognized by Gartner in Networks Firewalls as Visionaries
• #2 in SD-WAN + Security Use Case
• #2 For Cloud First SD-WAN ▪ Gartner put Versa as new player in cloud security vendor but already recognize as SSE vendor. For the
• #2 Small Branch WAN information, only 10 vendors is recognized by Gartner in SSE category although there are lots of vendors
• #2 Remote Worker claim that they have SSE features
6
INTERNAL
CyberRatings.org
SD-WAN RATING ENTERPRISE FIREWALL
7
INTERNAL
SSE – Security Service Edge
Why ?
Versa Concerto or Titan
• Leverage Existing Network/Security Device
• Focusing more on Branch Availability and WFA User
• No need for advance SD-WAN Feature

HQ
Cloud DOS, Routing &
CGNAT
Next Gen
Firewall
SSL Proxy • Cost Efficient
File Filtering, DNS Security, Device CASB
Internet AV, IPS Identification DLP, RBI
ZTNA Malware Detection and Prevention

Network Services
SAML/AD
• Basic Site to Site Connectivity via IPSec
Network Obfuscation
Authentication
Versa Cloud • Active-Passive Link Failover based on Routing
Branch-1 Gateway Branch-2
• Support static routes and dynamic (BGP) towards VCG
IPSec Security Services

• Zero Trust Network Access
SASE Client App on • Full UTM Suite + CASB + DLP

End-User device
• Delivered via Versa Cloud Gateway
INTERNAL
Zero Trust
Zero Trust is a security framework requiring all users, whether in or outside the organization’s network, to be
authenticated, authorized, and continuously validated for security configuration and posture before being
granted or keeping access to applications and data. Zero Trust assumes that there is no traditional network
edge; networks can be local, in the cloud, or a combination or hybrid with resources anywhere as well as
workers in any location.
Zero trust is a strategic mindset based on core guiding
principles:
● “Never trust, always verify”
● Access based on identity and context (not location
on/off the network)
● Least privilege access by default
Key assumption: Your users and network are likely

already compromised. Therefore, they should not be
granted privileged access by default.
INTERNAL
Traditional VPN VS SASE
HQ
Enterprise Cloud Enterprise
Public Cloud
Network Data
Center
Perimeter firewall,
VPN Concentrator
Employee Versa
visiting
Malicious
Internet office Cloud
content
downloade Gateway
d from
Internet
SASE Client
Access
App on End-
from Home User device
Category ZTNA Traditional VPN Note
Endpoint Router , Laptop, Mobile Laptop
Network Performance Throughput, Delay, &
Monitor Yes No Packet Loss
Per Application and Per
Access Control Granular Limited Group
User Grouping Yes Yes
Client Failover and Load 1
Balance Automatic between DC-DR Manual INTERNAL
Features
INTERNAL
ZTNA
INTERNAL
SWG
INTERNAL
Presales
INTERNAL
Sizing Method
oHow Many Branch/HQ will be connected to SASE?

oHow Many ZTNA Users?
oHow Many Internet Bandwidth for each sites?
oHow much estimation bandwidth consumption for each ZTNA
Users?
INTERNAL
Deployment Option A:
Single Site with Remote Worker
Private
Data
Center
IPSEC
Versa SASE
Remote Workers Remote Workers Remote Workers Remote Workers Remote Workers
INTERNAL
Deployment Option B:
Multi Sites – Remote User
Private Data
Center
Branch Branch
IPSEC
IPSEC IPSEC
Versa SASE
INTERNAL
Deployment Option C:
Secure Access to Cloud SAAS
IPSEC IPSEC IPSEC
Versa SASE
INTERNAL
Scope Of Work
INTERNAL
Scope Of Work
• Design Solution PostSales • Maintenance

• BoQ • Change Configuration
• Detail Scope Of Work • Monthly Report
• Tenant Creation req to

Principal
• Configure User Admin Access
• Configure Real Time
Protection (Security Policy
Rule)
• Configure Secure Client
Access (ZTNA) Profiles and
Policy Rule
• Configure IPSEC Site-to-Site
(Concerto’s Site and Client’s
Side)
• Configure User Database
PreSales
AfterSales
INTERNAL
MACD
INTERNAL
Modify Add Change Delete
oSecurity Policy
oUser Profile
oZTNA User
oIP SEC/VPN Tunnel Profile
oReport
INTERNAL
SLA
INTERNAL
Service Level Agreement
Criticality Level : HIGH
Deliverable : 4 minggu after kick off dan finalization implementation Design

(LLD)
Availability : 99,8%
Support Response Time : 15 min
INTERNAL
Dependency Services
INTERNAL
Dependency Services
• IDC DC Availability (Rack & Power)

• Internet Connection at IDC
• OPEN IX , IIX , and other local peering, to ensure user from other ISP can
connect to our SASE Gateway
• BACKUP PLAN – SINGAPORE (explained more)
INTERNAL
List SKU
INTERNAL
Business Scheme
Client : HYPERNET Client : Non INTERNET Client : PARTNER/SI Client :
INTERNET CLIENT CLIENT ITEM : PARTNER/SI/DISTRIBUTOR
ITEM : ITEM : SASE LICENSE ITEM :
SASE LICENSE SASE LICENSE non HYP BW SASE @ IDC BW SASE @ IDC
BW SASE @ IDC BW SASE @ IDC
Starting BW :100 Mbps

INTERNAL
List SKU
SASE LICENSE + BW IDC (FOR HYPERNET Internet Client)
HYP-SASE-100M-1MNTH-BNDL (100 Mbps SASE:Include 50 ZTNA Client)
HYP-SASE-1G-1MNTH-BNDL (1 Gbps SASE:Include 500 ZTNA Client)
SASE LICENSE + BW IDC (FOR NON-HYPERNET Internet Client)

HYP-SASE-100M-1MNTH (100 Mbps SASE:Include 50 ZTNA Client)
HYP-SASE-1G-1MNTH (1 Gbps SASE:Include 500 ZTNA Client)
INTERNAL
List SKU
BANDWIDTH ADD ON FOR SASE GATEWAY
HYP-SASE-BW-100M-1MNTH
HYP-SASE-BW-1G-1MNTH
VSA (ZTNA CLIENT) ADD ON

HYP-VSA-10ADDON
INTERNAL
INTERNAL
Skema Demo
INTERNAL
Single Main DC – Remote User
Private Data
Center
Yang Di demokan :
Branch 192.168.89.100 • Dashboard
• Analytics
192.168.88.0/24 192.168.89.0/24 • Test Access
Mikrotik • Web Filtering Test (VSA)
Mikrotik
IPSEC • Malware Protection (Tentative)
IPSEC • Reporting sample
• Audit Log
Versa SASE
INTERNAL
www.hypernet.co.id
FOKUS PADA BISNIS,

Fokus pada bisnis,
BUKAN MASALAH IT ANDA.
bukan masalah IT Anda
INTERNAL

Detail Product SASE

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Detail Product SASE

Uploaded by

Copyright:

Available Formats

www.hypernet.co.

Hypernet SASE Local POP

3rd Party VSA

Branch Office Home Home Anywhere

WAN Edge Infrastructure Security Service Edge Network Firewalls

Gartner Critical Capabilities rating for SD-WAN

• Focusing more on Branch Availability and WFA User

• No need for advance SD-WAN Feature

ZTNA Malware Detection and Prevention

IPSec Security Services

SASE Client App on • Full UTM Suite + CASB + DLP

Key assumption: Your users and network are likely

oHow Many Branch/HQ will be connected to SASE?

IPSEC IPSEC IPSEC

• Design Solution PostSales • Maintenance

• Tenant Creation req to

Criticality Level : HIGH

Deliverable : 4 minggu after kick off dan finalization implementation Design

Support Response Time : 15 min

• IDC DC Availability (Rack & Power)

• BACKUP PLAN – SINGAPORE (explained more)

Starting BW :100 Mbps

SASE LICENSE + BW IDC (FOR NON-HYPERNET Internet Client)

VSA (ZTNA CLIENT) ADD ON

FOKUS PADA BISNIS,

You might also like