Versa Introduces Inbound SSE™ to Protect Internet-Facing Applications with Cloud-Delivered Security

SANTA CLARA, Calif.--(BUSINESS WIRE)--Versa, the global leader in unified security and networking, today announced Versa Inbound SSE™, a new cloud-delivered security capability that protects internet-facing applications, APIs, and services by inspecting inbound traffic within the Versa Security Service Edge platform before it reaches the application environment. Security Service Edge platforms have traditionally focused on protecting outbound traffic from users and devices to the internet. Versa Inbound SSE extends this architecture to also secure traffic coming from the internet to applications, enabling enterprises and service providers to protect internet-facing workloads without deploying traditional firewall infrastructure alongside each application environment.

With Versa Inbound SSE, connections from internet users, devices, or systems are first directed to the Versa cloud security platform, where they are inspected and evaluated against security policies before being allowed to reach the application.

“Security Service Edge was designed for a world where users initiate connections outward,” said Rahul Vaidya, senior director of product management, Versa. “But enterprise applications are now distributed everywhere, and traffic flows in every direction. Versa Inbound SSE extends our unified SASE architecture to protect the inbound path, giving organizations consistent security enforcement regardless of where applications are hosted or where traffic originates.”

The Challenge of Protecting Internet-Facing Applications

Organizations increasingly operate applications, APIs, and services that must be accessible from the public internet. These include partner portals, externally accessible APIs, remote management systems, and IoT-connected services.

Exposing these services to the internet creates significant risk, including denial-of-service attacks, automated scanning and reconnaissance, malicious bot traffic, unauthorized access attempts, and malware-based attacks.

Traditionally, organizations protect these services by deploying firewalls and load balancers in front of each application environment. However, managing and refreshing large fleets of security appliances across multiple locations can be complex and expensive. As the number of applications and environments grows, the infrastructure required to protect them grows as well, requiring ongoing hardware upgrades and operational overhead.

Extending SSE to Protect Inbound Traffic

Versa Inbound SSE introduces a new architecture for protecting internet-facing applications by redirecting inbound connections through the Versa SSE platform.

When a user or system connects to an application, the connection is automatically routed to the nearest Versa cloud gateway, where security inspection and policy enforcement are applied. Only authorized and verified traffic is forwarded to the application.

Security protections include IP- and location-based access control, denial-of-service detection and mitigation, bot detection and filtering, intrusion detection and prevention, and detection and blocking of malware and malicious payloads.

By performing inspection within the cloud security layer, Versa enables organizations to detect and block threats earlier, while users continue accessing applications through the same hostnames and standard internet connections.

Eliminating the Need for Traditional Firewall Infrastructure

Because inbound traffic is inspected within the SSE platform rather than directly at the application environment, organizations can significantly simplify their security architecture. Key benefits include no dedicated firewall and load balancer stacks in front of each application, centralized policy management defined once and enforced across Versa's global cloud gateways, and elastic security inspection that scales automatically with application traffic demand.

For service providers, Versa Inbound SSE also enables new managed security services that protect customer applications while strengthening long-term service relationships.

Built on the VersaONE Universal SASE Platform

Unlike many SSE platforms originally designed primarily for outbound traffic, Versa’s architecture supports both inbound and outbound traffic inspection through the same integrated platform. This unified cloud-delivered architecture allows organizations to secure users accessing the internet, users accessing private applications, and internet traffic reaching applications.

Service providers can leverage Versa Inbound SSE to deliver inbound application protection as part of their managed security offerings. By operating Versa SSE Points of Presence, providers can secure customer applications hosted in enterprise data centers, branch locations, or cloud environments while maintaining tenant isolation and centralized policy control, expanding their managed security portfolios and embedding application protection directly into their connectivity services.

“With beem, Swisscom is redefining how security is delivered, embedding it directly into the network rather than bolting it onto the edge of the application,” said Egon Steinkasserer, Chief Technology Officer, B2B, Swisscom. “Versa’s Inbound SSE capability enables beem to inspect and control internet traffic before it ever reaches customer applications. As a result, beem customers can remove redundant on-premises firewalls without giving up the ability to host applications locally. The result is a uniquely simple and sovereign security architecture that strengthens our competitive differentiation and allows us to deliver new high-value managed security services to Swisscom customers.”

Availability

Versa Inbound SSE is available immediately as part of the VersaONE Universal SASE Platform, enabling enterprises and service providers to extend their SSE architecture to protect inbound internet traffic.

For more information, visit https://versa-networks.com/products/inbound-sse/ and https://www.versa-networks.com/blog/breaking-down-versa-inbound-sse-securing-internet-traffic-accessing-your-applications/.

About Versa

Versa, the global leader in unified networking and security, enables organizations to create self-protecting networks that radically simplify and automate their network and security infrastructure. Powered by AI, the VersaONE Universal SASE Platform delivers converged SSE, SD-WAN, and SD-LAN solutions that protect data and defend against cyberthreats while providing a superior digital experience. Thousands of customers globally, with hundreds of thousands of sites and millions of users, trust Versa with their mission-critical networks and security. Versa is privately held and funded by investors such as Sequoia Capital, Mayfield, and BlackRock. For more information, visit https://www.versa-networks.com and follow Versa on LinkedIn and X (Twitter) @versanetworks.