Aryaka SmartSecure is designed to complement SmartConnect with managed SD-WAN security-as-a-service offerings. At the branch, an access firewall within the ANAP offers ‘north-south’ control, while an optional NFV-based Tier-1 firewall offers comprehensive L7 protection. Aryaka Zones extends this to the LAN with ‘east-west’ security, through site-segmentation with policy-based access. Together, the two capabilities segment WAN traffic, to Aryaka and to the internet, from LAN traffic, both internal and DMZ. A third capability extends security into the cloud though Aryaka’s security partners, including Zscaler and Palo Alto Networks. The ANAP also supports VRF-based micro-segmentation, enabling multi-tenancy.
Secure, local Internet breakout is enabled through Palo Alto’s Prisma Cloud Security Suite, Symantec’s Web Security Service, and Zscaler’s Cloud Security, protecting all ports and protocols without appliances.
Micro-segmentation adds to the ANAPs zones functionality. On-site, VLANs provide the local segmentation for internal and DMZ zones. Micro-segmentation extends this across the Aryaka core network via a BGP-driven VRF ‘lite’ functionality.
Aryaka’s ANAP supports NFV functionality for additional SDN-delivered services. We plan to partner with multiple Tier-1 security vendors, enabling choice.
Secure Remote Access
Aryaka’s Secure Remote Access is the first clientless SD-WAN to software-defined remote access. It significantly enhances both on-premises and cloud/SaaS application performance for the remote and mobile workforce without requiring additional hardware or software clients.
Aryaka Core Protection
In parallel, the Aryaka private core delivers partitioned connectivity to all enterprises, encrypting the data and protecting against DDoS attacks. Within the branch, enterprises have access to Syslog and Netflow logging, and at the network level, the MyAryaka cloud portal provides a single pane of glass for service configuration, monitoring and health.
The ANAP includes a virtual stateful ﬁrewall that delivers north-south access protection as well as a ‘zones’ capability offering site-segmentation to secure east-west traffic within the branch. The ANAP functions as a Secure Access Service Edge (SASE), an evolving category of secure managed edge devices.
Managed SD-WAN Security
With WAN security top-of-mind, Aryaka’s SmartSecure offers enterprises an end-to-end secure infrastructure, first-mile, middle-mile, and into the cloud.
Edge and cloud security leveraging Tier-1 partners is part of Aryaka’s end-to-end managed SD-WAN, hiding complexity from the enterprise.
SD-WAN security helps enterprises generate the maximum return on their SD-WAN investment, ensuring protection from external threats and the integrity of corporate data, anywhere in the world.
Aryaka and Zscaler Deliver a Best-of-Breed Global SD-WAN and Security Solution
Aryaka and Zscaler together deliver a solution that combines Aryaka’s managed services with Zscaler’s advanced cloud security platform.