The Challenge

With more than half of all enterprise WAN traffic moving to and from the cloud, global businesses are moving away from legacy architectures like MPLS to SD-WAN technologies. Typically, internet traffic was backhauled across the WAN to centralized firewalls to maintain security. However, in today’s cloud-centric context, ensuring application performance over such a backhauled setup becomes a challenge. In addition, security is not scalable when the organization has globally distributed users and locations.

Enterprises require a cloud-native SD-WAN platform that integrates private connectivity, application acceleration and security without adding network complexity and costs.

Aryaka’s Global SD-WAN

Aryaka’s Global SD-WAN enables enterprises with fast global connectivity along with accelerated access to mission and business critical applications. Aryaka uses a global private network with built-in optimization and security capabilities that include a multi-layer security approach with a global private core network, fortified security on the PoPs, end-to-end encrypted tunnels, and stateful firewalls.

Unlike legacy connectivity solutions that take months to deploy, Aryaka’s Global SD-WAN can be deployed within days. It is delivered as a service, so IT organizations can consume global networking services the way they would consume SaaS applications like Salesforce and Infrastructure-as-a-Service solutions like Amazon Web Services and Microsoft Azure.

Key Benefits:

Advanced Security

Accelerated Application Access:
Enable fast high-performance access to mission & business-critical applications hosted locally or in the cloud.

Advanced Security

Advanced Security:
Secure all enterprise and web traffic using comprehensive security, threat intelligence, visibility, and control.

Network Visibility

Network Visibility:
Deliver complete visibility into application usage and performance over both the Aryaka and Check Point services.

Check Point + Aryaka Deliver SASE as-a-Service

Check Point and Aryaka seamlessly integrate to deliver a joint SASE solution of enterprise-grade security
to protect from advanced threats with a cloud-first Global SD-WAN that offer superior connectivity, WAN Optimization, and application acceleration capabilities.

Aryaka’s SmartConnect delivers SLA-based reliable global connectivity and significantly faster application performance for enterprises, and Check Point Quantum Edge and Harmony Connect adds a layer of advanced security controls needed for web and cloud-bound traffic.

The Aryaka Edge device (ANAP) can seamlessly forward all internet- and cloud-bound traffic directly to the Check Point Harmony Connect cloud service or the Check Point Quantum Edge next-generation on-premises firewall.

Together, Aryaka and Check Point deliver a best-of-breed SD-WAN and security SASE platform for enterprise users accessing mission-critical internally hosted applications as well as those going directly to the internet for accessing cloud applications.

Aryaka and Check Point multi-layer security

Aryaka and Check Point Multiple Layers of Global Enterprise Security
  • Global Private Network
  • Multi-Path Encryption
  • Check Point Quantum Edge Next-Generation Virtual Firewall and Check Point physical FW appliances
  • Check Point Harmony Connect
  • Check Point Cloud Guard Network Security

Use case #1

Security for the distributed enterprise: Aryaka Global SD-WAN and Check Point Harmony Connect cloud service

Challenge: Enterprises are increasingly leveraging direct internet breakouts at remote locations to provide optimal and scalable connectivity for the purposes of guest Wi-Fi or SaaS applications. This approach provides the best overall user experience, but it also creates challenges when securing an increased number of internet access points and maintaining compliance with the organization’s security policies.

Solution:The Aryaka Edge device and its native Zones Firewall capability seamlessly forwards all internet and cloud bound traffic directly to the CheckPoint Harmony Connect cloud service. Check Point’s security platform has highly differentiated cyberthreat prevention capabilities.

Aryaka offers a global private network with built-in optimization and security capabilities that include a multi-layer security approach with a global private core network, fortified security on the PoPs, end-to-end encrypted tunnels, and stateful firewalls.

Together, this ensures that all enterprise, web and cloud traffic obtain enterprise-grade security, irrespective of whether they are going to the Aryaka global SD-WAN or to the public internet.

Benefits: The combined solution does not require additional on-premises hardware, appliances or software and is easy and cost-effective to deploy and manage.

Use case #2

NGFW as a Virtual Network Function: Aryaka Global SD-WAN and Check Point Quantum Edge

Challenge: Connecting branches directly to the cloud significantly increases security risks. Branches need to protect themselves against sophisticated Gen V cyber attacks.

Solution: With Aryaka SmartConnect, branch offices obtain secure and accelerated connectivity to any cloud service.

Check Point Quantum Edge protects branch offices on-premise with top-rated threat prevention, that can be deployed in minutes, and be managed by a unified threat prevention and access platform. Check Point Quantum Edge is a virtualized form factor of a next-generation firewall and Quantum Edge runs as a lightweight virtual machine (VM) on Aryaka’s ANAP CPE.

Benefits: The combination of Aryaka’s Cloud-First WAN and Check Point Quantum Edge offers top-rated threat prevention with a 100% cyber attack catch rate. It can be deployed within five minutes to protect SD-WAN deployments on the cloud or on-premises. Finally, its unified security architecture reduces OpEx costs up to 40% and CapEx by 20%.

Use case #3

Secure branch office: Aryaka Global SD-WAN and Check Point Quantum Next-Generation Firewall

Challenge: Enable direct and secure hand-off of internet traffic from the branch.

Solution: Using advanced routing policies, the Aryaka Edge Device (ANAP) automatically forwards all public internet traffic to a co-located Check Point Next-Generation Firewall appliance.

Benefits: By eliminating the backhaul of public internet traffic, direct hand-off conserves WAN bandwidth and reduces cost, and improves application performance to deliver a SLA-backed, superior edge-to-edge user experience. The Aryaka Edge Device includes built-in capabilities of a router, dynamic path control and WAN optimization in a single integrated solution. Co-location of the physical firewall at the branch enables secure hosting of services from the branch firewall.

Use case #4

Accelerated access to IaaS solutions: Aryaka Global SD-WAN and Check Point CloudGuard Network

Challenge: Organizations are moving data center workloads to IaaS providers like Amazon Web Services, Microsoft Azure, Google Cloud and more. To access these IaaS instances from branch offices, customers need to configure as many tunnels as IaaS instances for every branch office, which is operationally complex. Such a topology also leads to challenges of ensuring encompassing security and optimal performance.

Solution: With Aryaka SmartConnect and SmartCloud, branch offices obtain secure and accelerated connectivity to any IaaS provider. Aryaka provides direct connectivity to AWS, Azure, Google, IBM, Oracle and Alibaba Cloud instances, via either a private connection or an IPsec tunnel. This configuration ensures that only one tunnel needs to be created for any branch unlike the earlier case of one tunnel for every IaaS instance. Check Point CloudGuard Network is a virtualized form factor of a next-generation firewall that can be deployed in an IaaS environment. Connecting to an IaaS provider through Aryaka SmartConnect and SmartCloud guarantees high performance access. Once the connectivity to the IaaS instance is established, Check Point CloudGuard Network can be deployed by the customer on demand for inserting firewall services.

Benefits: Enterprises connecting to IaaS thus obtain accelerated and optimized connectivity along with the same level of security and performance as workloads in the customer data center, without the use of any additional equipment or resources.

About Aryaka Networks

Aryaka is the leader and first to deliver Unified SASE as a Service, the only SASE solution designed and built to deliver performance, agility, simplicity and security without tradeoffs. Aryaka meets customers where they are on their unique SASE journeys, enabling them to seamlessly modernize, optimize and transform their networking and security environments. Aryaka’s flexible delivery options empower enterprises to choose their preferred approach for implementation and management. Hundreds of global enterprises, including several in the Fortune 100, depend on Aryaka for cloud-based software-defined networking and security services. For more on Aryaka, please visit

About Check Point

Check Point Software Technologies Ltd. is a leading provider of cyber security solutions to governments and corporate enterprises globally. Its solutions protect customers from cyber-attacks with an industry leading catch rate of malware, ransomware and other types of attacks. Check Point offers a multilevel security architecture that defends enterprises’ cloud, network and mobile device held information, plus the most comprehensive and intuitive one point of control security management system. Check Point protects over 100,000 organizations of all sizes.

For more information, visit

Managed SASE by Aryaka and Check Point