As organizations seek to accelerate their cloud operations, ensuring secure and fast network performance to Azure Virtual WAN has become critically important. Check Point CloudGuard Network Security has now made available enhanced site-to-site VPN that simplifies Azure Virtual WAN network architectures, improving performance and lowering costs.
Typical Architecture with Azure VPN Gateway
Until now, VPN site-to-site connections required termination at an Azure VPN gateway before routing to a 3rd party security gateway like Check Point CloudGuard Network Security (Fig 1).
Fig 1 – Typical Architecture: All VPN access to Azure Virtual WAN is required to pass through an Azure VPN Gateway.
New Direct Connect VPN Architecture
Now CloudGuard Network Security Site-to-Site VPN provides Azure customers direct on-premises connectivity to Check Point CloudGuard virtual gateways inside of their Azure Virtual WAN without the need for an Azure VPN gateway (Fig 2).
Fig 2 – New Architecture: CloudGuard Site-to-Site VPN increases network performance by directly connecting any on-premises gateways to CloudGuard gateways within Azure Virtual WAN with no need for an Azure VPN gateway.
Fig 2. New Architecture: CloudGuard Site-to-Site VPN increases network performance by directly connecting any on-premises gateways to CloudGuard gateways within Azure Virtual WAN with no need for an Azure VPN gateway.
This new integration delivers two key benefits:
- Faster performance from streamlined network architecture.
- Lower operational costs through dynamic routing.
Key Benefits
Faster Performance
CloudGuard Network Security, natively integrated with Azure Virtual WAN, now allows organizations to deploy secure route-based VPN within an Azure Virtual WAN hub in minutes without the need for an Azure VPN gateway. This simplifies network architectures by reducing traffic hops, increasing traffic flow efficiency.
Reduce Operational Costs with Dynamic Routing
Managing distributed networks and setting up the routing interconnections can be complex and resource intensive. Check Point CloudGuard’s dynamic route-based VPN is a flexible and scalable approach for connecting any network to Azure Virtual WAN through IPsec tunnels.
Unlike domain-based VPNs, route-based VPNs rely on dynamic routing protocols like BGP to manage dynamic routing and minimize the manual tasks required to maintain security and connectivity. This makes Check Point CloudGuard Network Security’s route-based VPN ideal for complex and evolving network topologies like Azure Virtual WAN.
Why Choose Check Point CloudGuard Network Security for Azure Virtual WAN?
Best-in-Class Network Security
IPS, anti-virus, anti-bot, granular application control, URL Filtering and zero-day threat prevention secures all network traffic with the industry’s highest block rate – 99.9% for hybrid networks.
Lower Operational Costs
Check Point CloudGuard Network Security is integrated with Azure Virtual WAN for quick setup and simplified security operations like site-to-site VPN with dynamic routing. This enhanced capability minimizes security management tasks by adapting to elastic cloud networks. Azure Virtual WAN utilizes a hub-and-spoke design, so the CloudGuard gateway connects to the central hub, providing secure and efficient network traffic between all connected Azure spokes and on-premises or branch locations.
Centralized Network Management
CloudGuard hybrid mesh firewalls enable centralized policy, firewall, and logging for efficient operations and forensics for any to any network flows between on-premises, private and public cloud including Azure Virtual WAN. CloudGuard Network Security provides secure network connectivity with threat prevention and granular access control between on-premises networks and all spokes connected to the Azure Virtual WAN hub. All network security is centrally managed and controlled through the single Check Point management console.
Getting Started
For organizations looking to secure, streamline, and accelerate their Azure Virtual WAN connectivity, Check Point CloudGuard is the best choice. See for yourself how CloudGuard can enhance your Azure network security, book a one-on-one demo today.
Learn more
Check Point Under The Hood Webinar – Site to Site VPN for Azure Virtual WAN
For further technical information see this Check Point Secure Knowledge article: https://support.checkpoint.com/results/sk/sk183099