Your web browser doesn't support some required capabilities.
This interactive demo works best with the latest version of Chrome, Firefox, or Safari.
An error occurred. Please reload the page or download again from the VMware Demo Library:
For VMware partners:
www.vmware.com/go/partnerdemos
For VMware employees:
www.vmware.com/go/demos
Visit the VMware Demo Library
to get more demos!
For VMware partners:
www.vmware.com/go/partnerdemos
For VMware employees:
www.vmware.com/go/demos
Unable to initialize the simulation player:
This demo file may be incomplete or damaged. Please reload the page or download again from the VMware Demo Library:
For VMware partners:
www.vmware.com/go/partnerdemos
For VMware employees:
www.vmware.com/go/demos
Drive it with your mouse, your finger, or just use the arrow keys.
Use Learn mode to learn the demo. The orange boxes show where to click.
Use Present mode to hide the orange boxes and notes.
Click a Shortcut to jump to a specific part of the demo.
Network Service Insertion using Zscaler:
The VeloCloud Solution supports a
platform to host multiple virtualized network functions to eliminate single-function appliances and reduce branch IT complexity.
VeloCloud service-chains traffic from the branch to both cloud-based and enterprise regional hub services, with assured performance, security, and
manageability. Branches leverage consolidated security and network services, including those from partners like Zscaler.
Summary Steps:
Step 1: From SD-WAN Orchestrator,
Configure Non VeloCloud Site and assign to profile
Step 2: From Zscaler management GUI,
Configure Zscaler Gateway with VPN configuration.
Step 3: From SD-WAN Orchestrator,
Configure Business policy rules for Internet Connection.
Step 4: Verification Step: Verify from a Client machine for internet traffic getting redirected to Zscaler site and rules are working as expected.
Detailed Steps:
Scenario: For this demo/lab exercise, Enterprise administrator from the Zscaler management portal has defined the rule for redirecting all Internet traffic on port 80/443 from branch sites to Zscaler for inspection. Also, Zscaler is configured with a rule denying any Sports website traffic.
Step 1: Configuring NVS Site
From SD-WAN orchestrator, Configure the NVS and attach to the profile
Step 2: From the Zscaler management portal, Configure the VPN, location and rule with URL.
For this demo, VPN, location and URL rule is preconfigured by Zscaler admin. End user will login to confirm the URL.
URL blocked is a sports web site. Also, other configurations like the URL,Location,VPN settings are pre-populated. Zscaler UI showing the URL configation.
Create and Configure Business Policy for Internet traffic redirection.
Step 3: From the SD-WAN orchestrator, Create and Configure Business policy for Internet traffic. all the internet traffic from 80 and 443 port is forwarded to Zscaler site.
For this demo, End user will configure this rule for a single branch (Chicago Branch). If this rules needs to be pushed for multiple sites, then use the profile to create Business policy.
Step 4: Verification Step. Verification will be performed from the client machine connected to Chicago Branch Site. Browser from the Client machine is already opened. End user will type in cnn.com and espn.com to verify that the internet traffic is redirected to Zscaler site and sports website is getting blocked.