SASE Appliance And Deployment-ready CPE For Cloud-based Web Monitoring And Filtering

Background

Educators around the world have been rushing to implement contingency plans for remote learning in order to maintain educational continuity since late 2019. While it does appear that school closures could be extended for many through the end of the 2021 and even into the 2022 school years, providing safe, filtered devices and a safe, secure remote learning environment for students are more important than ever.

Web monitoring and filtering for education typically include the following elements:

  • Content filtering to prevent access to inappropriate and harmful content
  • Monitoring of online activities of minors
  • Ensuring appropriate online behaviors and raising cyberbullying awareness

Requirements

A system integrator came to Lanner looking for hardware appliances intended for setting up a scalable, next-generation web filtering/monitoring solution that could easily be integrated into a school district’s existing systems. And the requirements are:

  • The ability to either filter or allow content within websites
  • The ability for IT staff to either block or unblock certain websites
  • Preventing spam and other email-based threats
  • Easy deployment and easy management

Solution

Lanner’s NCA-5710 and NCA-1515 were respectively selected as the SASE appliance and the CPE appliance for the said web filtering/monitoring solution.

The NCA-5710, powered by the 2nd gen Intel® Xeon® Processor Scalable Family and Intel® C627 or C621 chipset, features optimized computing power and virtualization capability in a compact 1U form factor. It comes with dual LGA3647 CPU sockets, 4x NIC module slots and up to 384GB DDR4 system memory, delivering a multitude of advanced networking features for maximizing packet processing efficiency and cryptography acceleration.

The NCA-1515, on the other hand, is a 231mm x 200mm x 44mm desktop network appliance powered by Intel Atom® C3000 series CPU; its robust performance and support for Intel® QAT together deliver bottleneck-free cryptographic acceleration and commercial-grade LAN functions. The NCA-1515‘s support for Intel® Movidius™ Myriad™ X Vision Processing Unit (VPU), via a mPCIe expansion slot, makes it a truly robust Edge AI solution for intelligent surveillance, traffic management, access control and many retail applications.

Benefits

As a SASE appliance placed in the Cloud, the NCA-5710 consolidates most network functions into a cloud-based, all-inclusive, agile and versatile single point of service for end users, significantly reducing the time and effort needed for planning, designing, implementing and managing a cloud-based filtering & monitoring system.

The benefits include

  • Enabling secure access to distributed resources
  • Delivering flexibility and cost-efficiency
  • Providing management simplicity
  • Enhancing network visibility and threat prevention

As a CPE, the NCA-1515 is perfect for network applications because it not only enables software-defined, virtualized services for the school district’s network but also optimizes cost-saving. The NCA-1515‘s open architecture also makes it deployable almost anywhere with almost any mainstream operating systems.

Upon open source or proprietary software installation, the NCA-1515 is capable of comprehending multiple service scenarios such as VPN, WAN Optimization, DHCP, NAT, QoS, Firewall and ID/IPS. All in all, the NCA-1515 is a deployment-ready CPE that optimizes Cloud-to-user connectivity.

Results

With the NCA-5710 and the NCA-1515, the said system integrator was able to deliver an always-on network security appliance for the school district. The end result is a Cloud-based filtering and monitoring setup that not only combines web filtering, anti-malware, in-depth analytics and integrated reporting but also one that streamlines policy provision.

Remote-learning students are provided with uniform protection and safe access to appropriate web content and designated cloud apps across premises, Cloud and remote access without the risk of exposing data assets or user information.

For the said school district’s IT department, the NCA-5710 and the NCA-1515 together deliver the following results:

  • All-seeing network visibility and control from a SASE appliance and framework with 24/7 cyber defense and built-in threat detection/isolation, SSL decryption, protocol control and behavioral Analysis.
  • All-encompassing Edge device intelligence across every school-issued or BYOD device, browser and platform, therefore ensuring the authenticity/identity of each user, the integrity of all resource and the appropriateness of content being accessed, regardless of location.
  • In-depth analytics derived from real-time monitoring, alerts and forensic-level reporting, ensuring no content, access, activity or behavior is left unmon