In the dynamic landscape of modern business, a secure and reliable network infrastructure is paramount. Exium's Secure Access Service Edge (SASE) solution incorporates a powerful built-in Software-Defined Wide Area Networking (SD-WAN) feature to elevate your network performance, ensuring robust connectivity and heightened security.
¶ Key Features
|
No |
Key Capabilities of Multi-WAN Feature of the cyber Gateway |
|---|---|
| 1 |
Failover Support
|
| 2 |
Load Balancing
|
| 3 |
Application-Aware Routing
|
| 4 |
Enhanced Security
|
¶ Benefits of Multi-WAN
|
No |
Key Benefits of Multi-WAN |
|---|---|
| 1 |
Optimized Performance
|
| 2 |
Continuous Connectivity
|
| 3 |
Application-Centric Prioritization
|
| 4 |
Security Resilience
|
¶ Multi-WAN Deployment Configurations
Exium support both Single-interface and Multi-interface versions for the Cyber Gateways deployment. However, the Multi-WAN support (as obvious) is only provided in the Multi-interface version. You can deploy the Cyber Gateways on Hardware, in a VM or on Public Cloud of your choice.
A Multi-WAN scenario where the hardware or VM supports multiple network interfaces is shown below. An example of recommended hardware for the Cyber Gateway that supports 4 physical network interfaces is HUNSN Micro Firewall Appliance.
A Multi-WAN deployment scenario with high-availability (HA) is provided below. In the HA deployment, we recommend using a switch on the WAN side as it simplifies the cabling and also accommodate cases where the ISP modem/ router provides only one or limited network interfaces for connectivity.
In case where the Cyber Gateway does not have enough physical network interfaces, Exium can also create virtual network interfaces on the same physical interface to accommodate the Multi-WAN. At a minimum you need a box that supports two physical interfaces, one for the LAN and the other for the WAN to keep the LAN and WAN traffic physically separate.
¶ Activating and Configuring Multi-WAN
To configure Multi-WAN support, follow the steps below.
- Navigate to the MSP admin console -> Client Workspace
- Click on Sites → Cyber Gateways in the left menu bar → Add Gateway (Skip if CGW already exists)
- Toggle Multi WAN to switch to Yes in SD-WAN configuration section
- Toggle WAN Static IP to switch to Yes in SD-WAN configuration section, if you want to use static IP addresses on both WAN interfaces, Skip and refer below section for Dynamic IPs on WAN interfaces in case you don't have static IPs for WAN interfaces.
- Add WAN1 IP (Primary) and WAN1 Gateway (Primary) details as shown in picture
- Add WAN2 IP (Secondary) and WAN2 Gateway (Secondary) details as shown in picture
- Save the configuration.
- If it is a fresh deployment, follow installation steps in Multi Interface CGW deployment.
¶ Modification on existing CGW where Multi WAN is already enabled?
If Multi WAN configuration is enabled on existing CGW, redeployment/reinstallation of CGW will be required. Dynamic Update will not work.
During reinstallation or fresh installation, you must choose LAN, WAN1 and WAN2 when input is prompted to select interfaces. Refer section Steps to Install the Cyber gateway in document Multi Interface CGW deployment.
- In case CGW is already deployed with Multi WAN option and both WAN IPs were already configured statically, modification of WAN interface and Gateway IPs does not require reinstallation. They will be updated automatically within ~5 mins on CGW machine.
- In case, CGW is already deployed with Multi WAN option and both WANs were not configured with static IPs, then you can add WAN IPs statically with their Gateway IPs. They will be updated automatically within ~5 mins on CGW machine.
¶ Dynamic IPs on the WAN interface
To use Dynamic IPs on WAN Interfaces in case Multi Interface option is enabled:
- Select WAN Static IP as No in section SD-WAN
- Select Multi WAN as Yes in section SD-WAN
- Save the configuration.
If Multi WAN configuration is enabled on existing CGW, redeployment/reinstallation of CGW will be required. Dynamic Update will not work.
During reinstallation or fresh installation, you must choose LAN, WAN1 and WAN2 when input is prompted to select interfaces. Refer section Steps to Install the Cyber gateway in document Multi Interface CGW deployment.
¶ Configuring Multi-WAN Load Balance traffic distribution
To configure Multi-WAN Load-balance traffic distribution
- Continuation to above step to configure CGW with Multi-WAN configuration, for WAN load balancing
- In Load Balance section, select Weightage
- Update Traffic Distribution weightage between 2 WAN links (in percentages)
- Save the configuration. CGW will be updated automatically in few mins.
¶ Preferred WAN for Realtime Traffic
This option allows traffic like YouTube, Teams and other real time traffic routed via preferred WAN Interface
To configure Multi-WAN Load-balance Preferred WAN
- Continuation to above step to configure CGW with Multi-WAN configuration, for load balancing
- In Load Balance section, select Preferred WAN (RT) option
- Select the WAN interface (WAN1 or WAN2) in Preferred WAN section
- Save the configuration. CGW will be updated automatically in few mins.
¶ WAN selection for Traffic Flows
This option allows route selected traffic flows via preferred WAN Interface
To configure Multi-WAN Load-balance with respect to traffic flows:
- Continuation to above step to configure CGW with Multi-WAN configuration, for WAN load balancing
- In Load Balance section, select Traffic Flows
- Add Source Subnet, protocol and other details as needed. Select preferred WAN from drop down list
- Save the configuration. CGW will be updated automatically in few mins.
¶ Conclusion
Exium's SASE solution, fortified with built-in SD-WAN capabilities, empowers organizations to navigate the complexities of modern networking. By combining reliability, performance optimization, and advanced security features, businesses can foster a resilient and secure network infrastructure to meet the demands of the digital era.
To learn more about implementing SASE for your organization and explore tailored solutions that meet your unique requirements, contact Exium at partners@exium.net for a consultation or demonstration. If you are ready to get started, check out our testing and onboarding process.