Large Insurance Company Solves Long-standing Security Problem with SD-WAN

A large insurance company deploys a strong security solution, and at the same time gains scalability and ease of deployment. With a private, on-premise cloud, they host their own devices, and also derive significant benefits in reduced new-site activation time, centralized business policy management, PKI infrastructure management, VPN simplicity and cloud-readiness for future off-premise applications.

A large insurance company deploys a strong security solution, and at the same time gains scalability and ease of deployment. With a private, on-premise cloud, they host their own devices, and also derive significant benefits in reduced new-site activation time, centralized business policy management, PKI infrastructure management, VPN simplicity and cloud-readiness for future offpremise applications.

WAN Challenges

This large insurance company has tens of thousands of sites, deploys new sites on an ongoing basis, and maintains many thousands of agents working across these sites. The company faced ongoing challenges with deploying new sites and managing their security infrastructure. Operating in the insurance arena, security is fundamental to their business objectives.

The company desired to have a Public Key Infrastructure (PKI) infrastructure— prized for its security strength—but this presented such staggering complexity in tying their VPNs into their Microsoft-based CA (certificate authority) servers that they abandoned the goal after a year’s worth of failed attempts to get it working and settled instead for a less-secure pre-shared key solution. In choosing this route, they would not be the first or only Fortune-500 company to compromise security to gain the benefits of a simplified network architecture, smoother site deployment, and gains in application performance.

While the pre-shared key infrastructure proved easier to roll-out and manage, it did not to scale to the size of their network, and it did not offer the level of security required.

SD-WAN Solution Choices

Being a large, established business, the company opted to build a private, on-premise SD-WAN cloud, hosting their own edge, hub, controller and orchestrator devices. They used the VMware SD-WAN™ by VeloCloud® zero-touch site activation capability to dramatically simplify the roll-out of new sites, built a framework to codify their business policies, and used the orchestrator to manage, coordinate updates, and distribute these to all sites.

VMware SD-WAN security infrastructure enabled them to deploy a PKI solution that was both scalable and easy to manage. The solution encompasses a workflow ensuring automatic key rotations, and device certificates (used for VPN tunnels) are anchored into the VMware SD-WAN Orchestrator CA. Everything is built-in and there is no need to tie into any external devices.

Benefits and Results

This company realized the following benefits from choosing the VMware SD-WAN solution:

  • Strong PKI security infrastructure that provides a better security solution than pre-shared keys
  • Scalable security infrastructure
  • Dramatic simplification in defining and managing VPNs, keys and digital certificates
  • Significant reduction in time, and ease of managing, in the roll-out of new sites— with security immediately enabled
  • Consolidating business policies into a comprehensive central repository
  • Easily managing the distribution of business policies across the thousands of sites
  • Being cloud-ready with their SD-WAN infrastructure such that they can add future off-premise cloud applications to their network with a click on the orchestrator
  • Dramatically reducing the time to get a new site up and running
See Also
Large Insurance Company Solves Long-standing Security Problem with SD-WAN
Customer Case Study (PDF)
Free hands-on evaluation

Slash bandwidth costs and deploy 10x faster.

Sign up for a free hands-on evaluation of VMware SD-WAN by VeloCloud™ and learn how to deploy branch offices in minutes, provide high quality UC experience, and lower bandwidth and hardware costs.

Ready to learn more?

Software-Defined WAN For Dummies

eBook

Your crash course in SD-WAN. This easy-to-read book gives you jargon-free best practices for Software-Defined Wide Area Networking.


3 Steps to Deliver WAN to Remote Sites

Customer Webinar

Rockford Construction share a new architectural approach to end the unacceptable trade-offs between private links and public broadband Internet for remote sites and branch offices.


VMware SD-WAN by VeloCloud™ for Architecture, Engineering, and Construction

Solution Brief

This solution brief for architecture, engineering, and construction companies details how VMware SD-WAN dramatically simplifies WAN for remote sites by moving the network to the Cloud.