Secure SD-WAN for the Corporate Office, Branch Office and Workers-From-Home

What is zWAN?
zWAN is an SD-WAN (Software Defined Wide Area Network) solution that uses software to establish, configure and manage network connections between the centralized data center(s) and the branch offices using available underlay networks comprising a mix of broadband, internet, MPLS and wireless (LTE/5G/Wi-Fi). zWAN provides enhanced security, optimized performance, lower costs, and ease of management. zWAN will enhance application performance, user productivity, reduce network expenses, unify network connectivity, and enable orchestration of application delivery across your network while increasing network security.

What are the benefits of deploying a SD-WAN Solution?

• Dynamic Path Selection & Multi-Transport
SD-WANs use dynamic path selection to steer or route network traffic to one or multiple WAN links based on priority, network conditions or traffic patterns. Data packets are automatically steered to specific WAN links based on link availability, to balance network traffic or to save costs. The data packets are identified by the SD-WAN and then categorized by application, source, user and destination. This packet identification is used to route the data packets down the most optimal path which results in enhanced performance of applications. The dynamic path selection and data routing is configured to utilize your existing underlay connectivity such as Broadband, LTE, MPLS or WAN. The SD-WAN uses the underlay connectivity’s characteristics such as cost (flat, usage based etc.), bandwidth, latency and jitter to make decisions on application steering to the appropriate path(s).

• Policy Based Management
The SD-WAN steers data based on policies (Quality of Service) configured specifically for your applications, devices, users, groups, locations and more. These polices are configured with a priority setting in which the SD-WAN utilizes to prioritize the data packets and how they are dynamically routed. The policies can be configured to meet the specific business and QoS requirements. The policies enable the SD-WAN the ability to steer traffic over specific networks, based on costs, as well as prioritization of traffic based on application, such as videoconferencing of business-critical SaaS applications.

• Centralized Management
A centralized management server is responsible for the control and management of the SD-WAN functionalities and devices. SD-WAN allows network administrators to centrally manage their entire network fabric by pushing out policies to all the branches with ease. This also allows for quicker integration of new branches. Administrators can also have a full view of the network, leading to the possibility of easily pinpointing any network issues and then take immediate action to resolve those issues. This insight can also be used to figure out where optimizations can be implemented to improve the overall usage of the network.

• Network Security
SD-WAN, at its core, supplies an organization’s network with a secure fabric to trusted devices while leveraging insecure connectivity, such as the Internet. SD-WAN has in-built security features as well, such as stateful firewalls, IPS/IDS (Intrusion Prevention System/Intrusion Detection System), DNS filtering, and much more. All these features are provided at the CPE level, without the need for traffic to be filtered through a corporate data center. More advanced security features like web filtering, anti-SPAM, anti-phishing, ATD, etc. are available through the use of third-party security appliances.

• Direct Connectivity
SD-WAN empowers organizations with the freedom to connect branches directly to a corporate data center and directly to cloud services such as SaaS applications. Connecting to cloud services has the added benefit of not requiring the traffic to route through the corporate data center.

The AmZetta zWAN Solution

AmZetta’s zWAN provides organizations with a comprehensive SD-WAN solution and has the following components:

What are the benefits of deploying a SD-WAN Solution?

• Enhanced Security
zWAN offers built-in security features to enhance an organization’s network security to help combat typical cybersecurity concerns. These features arm a network with the tools necessary to minimize the security attack surface across the network, applications, devices, and users to ensure all aspects of the fabric are secure. One of the integral ways an SD-WAN solution achieves higher levels of security involves encryption of all packets traversing the fabric utilizing industry standard SSL/TLS techniques. Another key feature prevents unneeded data from reaching the network. This means that all packets use the shortest path available to destinations, without compromising security – SaaS traffic to well-known and reputable sites can be sent directly to the destination without having to be sent through the data center, avoiding hair pinning of network traffic. At the same time, general internet traffic is inspected in real-time and automatically responded to if a threat is identified.

• Easy Cloud Adaption
The use of SaaS applications and other cloud services are on the rise. zWAN facilitates cloud access throughout the network fabric, including branch offices and remote workers, which in turn removes the need to route cloud and remote traffic back through the corporate data center, thus reducing latency.

• Improved Network Performance
zWAN brings awareness of traffic types that traverse through your network. An IT manager can prioritize traffic from business-critical applications as well as other services such as VoIP and web-conferencing and help steer the traffic via the most efficient route, automatically. This prioritization and steering work together to allow the IT Manager to get the best out of the available network, even minimize when network links experience packet loss and latency.

• Cost Reduction
zWAN reduces overall costs by allowing the use of low cost alternatives to expensive MPLS such as the public internet, broadband and LTE networks, allowing direct cloud access for the increasing use of SaaS applications, getting better results from available public networks by use of traffic shaping, prioritization of network traffic.

• Simple Zero Touch Provisioning
zWAN supports a true zero-touch provisioning of edge controllers. In order to onboard a device in a remote location the only required steps are to unbox the edge controller, plug it in and connect it to the internet. The edge controllers are automatically provisioned and configured to operational status. The network administrator can setup rules and policies that will be automatically applied when a matching edge controller is onboarded.