WedgeCND was architected specifically to operate in a cloud compute environment, running on OpenStack™ for elastic scale, as well as VMware™ and other cloud software systems. WedgeCND was architected using the concepts of virtualized network functions (VNFs) and software-defined networks (SDN) which are orchestrated in conjunction with cloud compute resources to provide security with industry leading flexibility, performance, and scale.
Wedge refers to this software framework as an orchestrated threat management (OTM) architecture. This solution approach is in some ways functionally similar to a cloud-based unified threat management (UTM) system, however it is implemented very differently, to support unlimited scale and the ability to integrate and orchestrate third party VNFs or applications for a more open, scalable and flexible security solution.
The concept of OTM is rather simple and starts with software that operates at the security mediation layer. Software operating at this layer operates on COTS hardware in the form of an appliance, VM, or a cloud. The virtualized mediation engine is a subset of the Wedge Security Orchestrator used in WedgeARP systems. It inspects traffic in real-time, reconstructs MIME objects in real-time, and subjects the fully reconstructed content to one or more security applications which are represented as security VNFs.
The security VNFs are comprised of security application technologies that Wedge has sourced through partnerships with other industry leaders, or developed ourselves, packaged as virtualized functions. Next, the security VNFs are service chained using WedgeCND’s orchestrator, which also orchestrates the allocation of compute and memory resources in concert with the cloud operational control software (i.e., OpenStack).
Collectively, this OTM architectural approach in concert with multiple Wedge patented technologies yields industry leading performance, with unrivaled scale, and unlimited flexibility.
WedgeCND is easily integrated into existing cloud environments. If isolation is preferred, or if you do not currently have a cloud operation in place, Wedge can assist you to provide cloud-in-a-box solutions which provide a quick start solution to get WedgeCND up and running in no time.