Aryaka SmartSecure Hosted VM Firewall Service

Aryaka’s Network Access Point (ANAP) integrates a Next Generation Firewall (NGFW) that runs as a virtual network function (VNF) on its ANAP 2600 and ANAP 3000 network appliances. Technology partner Check Point Software provides NGFW functionality with CloudGuard Edge.

The combined solution delivers on a converged branch solution with best of breed capabilities in both networking and advanced security, optimally configured via intent-based policies. Enterprises can choose between deployment models that optimally fit their needs: self-managed if they have the resources and expertise to optimally configure and maintain their NGFW, or as a managed service if they would rather outsource basic configuration and day-to-day management to Aryaka experts and merely want to supervise operations.

The Challenge

With more than half of all enterprise WAN traffic moving to and from the cloud, global businesses are moving away from legacy architectures like MPLS. In a legacy WAN architecture, internet traffic was backhauled across the WAN to centralized firewalls to maintain security. However, in today’s cloud centric context, ensuring application performance over such a backhauled setup becomes a challenge. In addition, security is not scalable when the organization has globally distributed users, locations and ever-increasing cloud presence.

Furthermore, optimally configuring, maintaining and extracting maximum benefits from specialized, best of breed security tools has become complex and time intensive.

Enterprises require a cloud-first SD-WAN platform that integrates private connectivity, application acceleration and security without adding network complexity and cost. Furthermore, enterprises must simplify optimal configuration and ongoing maintenance of advanced network and security tools.

Aryaka: The Cloud-First WAN

Aryaka’s SmartServices solution enables enterprises with fast global connectivity along with accelerated access to mission and business critical applications. Aryaka uses a global private network with built-in optimization and security capabilities that include a multi-layer security approach with a global private core network, fortified security on the POPs , end-to-end encrypted tunnels and stateful firewalls.

Aryaka implements an open, flexible and best of breed security model that empowers enterprises. Instead of being locked into a singular SD-WAN vendor’s security solution, enterprises can choose between best of-breed security models, express the desired security posture with intent and delegate the implementation to Aryaka experts.

Aryaka SmartSecure: The Power of Choice

Several surveys prove that a majority of global enterprises trust a multi-layer, multi-vendor security strategy to address their individual needs based on global coverage, compliance requirements and their application mix.

The Aryaka SmartSecure solution provides an advanced set of software-based security functions, including stateful firewalls, micro-segmentation and partnerships with industry-leading security providers, allowing enterprises to optimally tailor a multi-layered, multi-vendor security solution to their very own needs.

Aryaka SmartSecure: The Power of Intent

Moreover, network security is complex to plan, configure and manage. Network and security professionals are faced with a myriad of functions and vendor solutions to simultaneously manage. Extracting the best possible performance and maintain the optimal, up-to-date configuration of every component represents a huge challenge. With the optional managed model in Aryaka SmartSecure, enterprise IT can simply define their desired security posture with high level business intent and delegate the implementation to Aryaka’s orchestration and certified product experts on a customer approved configuration.

Note that the MyAryaka customer portal always provides full visibility and control over the VM life cycle management.

VNF Performance Visibility with MyAryaka

Delivering on additional functions with NFV deployment allows enterprises to simplify network operations and lower overall cost of ownership. But with NFV deployments it is important to get thorough, consolidated insight into a variety of performance aspects: enterprises now need to pay attention to CPU, memory utilization and its allocation to different VNFs. Visibility into VNF performance through packet data analysis of the traffic flowing across your entire network is critical to successful NFV deployments. Simultaneously, CPU and memory resources need to be closely monitored.

Solution Components

The Aryaka managed NGFW solutions consists of the following solution components:

Aryaka’s Network Access Point (ANAP)

2600 (Medium Site License)
3000 (Large Site License)
Supported VNF
CloudGuard Edge

Check Point CloudGuard Edge Next Generation Firewall

CloudGuard Edge: engineered to consume minimal resources and support CPU oversubscription yet deliver up to 1 Gbps of Next-Gen Threat Prevention performance for customer scenarios from virtual branch office/customer-premises equipment to high-density, multi-tenant environments. Cloud Guard Edge delivers hybrid cloud, segmentation, and internet gateway access.

Aryaka ANAP Network Function Virtualization

Aryaka’s ANAP models 2600 and 3000 support the KVM Hypervisor, which is part of the Linux OS.

MyAryaka Customer Web Portal

With NFV deployment, it’s imperative to have full visibility into resource utilization for every deployed VNF: bandwidth, CPU, memory.

Check Point Visibility

Check Point security management will be leveraged to manage the security policies by the customer and/or Aryaka Operations team.

Aryaka Hosted VM Firewall with Check Point


Managed Secure SD-WAN

With WAN security top-of-mind, Aryaka’s SmartSecure offers enterprises a managed, secure SD-WAN service on an end-to-end secure infrastructure, first-mile, middle mile, and into the cloud.

Operational Simplicity

With a managed edge and cloud security service that leverages Tier-1 partners, Aryaka’s end-to-end managed SD-WAN effectively hides complexity from the enterprise.

Best of Breed Network Security

Check Point virtual firewalls allow enterprises to consistently manage network security for applications hosted on-premises, in private and public clouds and across branch locations.

Lower TCO

By consolidating SD-WAN network and security functions on a single device as well as simplifying operations, Aryaka SmartSecure helps enterprises generate the maximum return on their SD-WAN investment.

About Aryaka

Aryaka, the Cloud-First WAN and SASE company, and a Gartner “Voice of the Customer” leader, makes it easy for enterprises to consume network and network security solutions delivered as-a-service for a variety of modern deployments. Aryaka uniquely combines innovative SD-WAN and security technology with a global network and a managed service approach to offer the industry’s best customer and application experience. The company’s customers include hundreds of global enterprises including several in the Fortune 100.

Tips for IT Management

10 Tips for IT Management

How to Thrive During an Economic Downturn

Download Report >