Secure, Global SD-WAN as a Service

SD-WAN or software-defined wide area network is a new way to manage and optimize a wide area network (WAN). SD-WAN was created to overcome the high bandwidth costs and the rigidity of MPLS services. It does that by incorporating Internet transports (such as Cable, DSL, Fiber and 4G) into the WAN and forming a virtual overlay across all transports.

The SD-WAN measures the real-time transport quality (latency and packet loss) and uses Policy-based Routing (PbR) to route application-specific traffic over the most appropriate transport

Secure, global SD-WAN, delivered as a service, provides the core benefits of SD-WAN while enabling secure direct internet access, SLA-backed connectivity, and seamless extension of the WAN to cloud datacenters and mobile users.


Traditional, Appliance-based SD-WAN Challenges

By introducing Internet transports into MPLS WAN, SD-WAN can expand WAN capacity and offload Internet-bound traffic at the branch. Yet, traditional SD-WAN fails to address network security requirements of accessing Internet and cloud resources and the need to continue and rely on MPLS for latency sensitive apps. Below are the main challenges left unaddressed by traditional SD-WAN.

The AtuanTI Solution: Secure, Global SD-WAN as a Service

AtuanTI is providing a fully converged global SD-WAN with built-in network security, delivered as a cloud service. SD-WAN edge device is the enabling network infrastructure. Core SD-WAN capabilities, such as policy based routing and transport agnostic overlay, are extended to address key problems with traditional SD-WAN.


Latency

No global latency controls persists MPLS dependency

One of the main benefits of SD-WAN is MPLS cost reduction. But since SD-WAN uses the public Internet where latency is unpredictable, enterprises need to maintain some MPLS capacity to support latency-sensitive applications.

Replace, not just augment, MPLS

AtuanTI provides its own global, affordable, SLA-backed backbone. With AtuanTI, customers can move to a combination of a high quality Internet last mile and the AtuanTI Cloud to augment and ultimately replace MPLS.The AtuanTI Cloud is strategically deployed to accelerate access to key cloud application like Amazon AWS, Microsoft Azure and Office 365.


Secure Internet Access

No integrated network security capabilities

SD-WAN directs WAN traffic across encrypted Internet tunnels. This provides the most basic security needed to send traffic over a public network. However, accessing web sites and cloud applications directly from a remote office and not backhauling to a datacenter, requires a network security stack to protect users against phishing, malware and other threats. This security stack often includes a next generation firewall (NGFW), URL filtering, anti-malware, IPS and more. SD-WAN solutions must partner with network security vendors for this functionality, complicating and fragmenting network and security policy management.

Cloud-based network security everywhere

AtuanTI provides a full enterprise-grade, network security stack built directly into its global SD-WAN backbone. There is no need to backhaul traffic to specific choke points or introduce 3rd party security products service chained together. All network and security policies are configured within AtuanTI’s cloud-based management application.


Cloud and Mobile Support

No support for cloud infrastructure and mobile users

SD-WAN solutions were designed to reduce spend on MPLS connectivity between physical locations. For legacy WAN architectures, cloud data center integration was an afterthought and mobile support was not a consideration. Yet, cloud and mobility represent a big part of how business gets done today.

Seamless support for cloud infrastructure and mobile users

AtuanTI was designed to easily connect all enterprise resources into the WAN, including physical locations, cloud resources, and fixed and mobile users. With AtuanTI, SD-WAN and security capabilities are available everywhere and to all resources without the need to introduce point solutions.


The AtuanTI Solution: Secure, Global SD-WAN as a Service

AtuanTI’s secure and global SD-WAN enables customers to eliminate multiple point products and the cost, complexity and risk associated with maintaining them. With AtuanTI, WAN transformation will not merely end in MPLS cost avoidance, but present a full roadmap for streamlining the networking and security infrastructure of the organization.



Next Generation Firewall

Cloud-based Next Generation Firewall eliminates the appliance lifecycle management

The Next Generation Firewall (NGFW) appliance has been the cornerstone of network security for the past two decades. It applies deep packet inspection (DPI) and multiple security engines to inspect both inbound and outbound traffic and enforce a company’s security policy. The main characteristic of a NGFW is application awareness: the ability to detect and enforce policies on applications usage based on packet content rather than packet headers (source and destination IP addresses, ports and protocols).

A cloud-based NGFW (also known as Firewall as a Service) delivers a powerful, application-aware, enterprise-grade, elastic and scalable solution without the challenges of legacy appliance-based solutions.


Application awareness adaptation

Appliance-based Next Generation Firewall Challenges

Slow application awareness adaptation

Next Generation Firewalls detect common network applications based on data flows using DPI. Application IDs that are discovered can then be used in firewall policies for more granular control. Customers must indicate to the firewall vendor when application traffic is not detected or classified and wait for an appropriate signature or patch.

Cloud-based Next Generation
Firewall

Adaptable application awareness

AtuanTI uses its cloud traffic visibility to quickly extend its detection of new applications without involving the customer. New application identification capabilities are immediately available to all customers.


Visibility

Fragmented location-bound visibility

Appliances are location-bound and can only inspect the traffic that flows through them. This is why appliance sprawl and backhauling are needed to get inspection and enforcement to where the traffic is.

Full visibility

As all WAN and Internet traffic goes through the AtuanTI Cloud, there are no blind spots or need to deploy multiple appliances to cover all traffic.


Scalabilty

Capacity constrained security

Next Generation Firewalls apply various security engines to the traffic including IPS, anti-malware, URL filtering and more. Running these engines in parallel depends on appliance capacity. Smaller devices, such as UTMs, are limited in their security enforcement due to capacity constraints.

Unrestricted cloud scalability

AtuanTI can inspect any encrypted and unencrypted traffic with all supported security services and no impact on performance. Customers avoid sizing exercises or forced upgrades. AtuanTI ensures there’s capacity so customers receive the full range of security services.


Sizing

SSL inspection degradation

Next Generation Firewalls need to inspect encrypted (SSL) and unencrypted traffic at line speed. Encrypted traffic places a significant load on the appliance and often creates scalability and performance issues. As the share of SSL traffic increases, forced appliance upgrades often become a necessity.

Full traffic inspection

Cloud-based inspection scale to support all traffic without the need for unplanned or forced upgrades.


Manageability

Resource intensive appliance management

Distributed Next Generation Firewalls require an appliance at each location, with its own set of rules. Deviations from a policy template tend to happen over time and increases the likelihood of rules conflict and security exposure. Furthermore, each appliance lifecycle has to be managed separately. Appliances must be bought, deployed, configured, patched, updated and ultimately replaced either due to an End of Life (EOL) or business growth.

Self-maintaining cloud service

Without the need to size, upgrade, patch or refresh appliances, customers are relieved of the ongoing grunt work of keeping network security current against emerging threats and evolving business needs.


With the AtuanTI Cloud, enterprise can evolve their network and security
infrastructure into a scalable, secure network with full visibility to all traffic,
streamlined policy management and complete elimination of the care and
feeding associated with on-premise infrastructure.


The AtuanTI Solution: Cloud-based Next Generation Firewall

AtuanTI is providing a new kind of a Next Generation Firewall, one that is available everywhere the business does business without the need for discrete appliances. The AtuanTI Cloud aggregates all enterprise traffic across data centers, branches, mobile users, and cloud infrastructure into a cloud network with built-in Next Generation Firewall . AtuanTI enforces application-aware corporate security policy for WAN- and Internet-bound traffic.


Learn more about AtuanTI's Network+Security as a Service

Download Whitepaper


Secure Web Gateway

Cloud-based Secure Web Gateway protects users against internet-borne threats

Secure Web Gateway (SWG) protects users against phishing, malware and other Internet-borne threats. Unlike traditional firewalls, Secure Web Gateways are focused on layer 7 web traffic inspection, both inbound and outbound. As web security solutions, they apply no protection to WAN traffic, which is left to the corporate Next Generation Firewalls. In recent years, Secure Web Gateways appeared as cloud services. The cloud instances enable secure web and cloud access from anywhere – including outside the office by mobile users. The traffic coverage and solution form factor remain the key distinctions between Secure Web Gateways and Next Generation Firewalls who often provide a very similar level of security capabilities.

A converged, cloud-based network security solution converges the capabilities of a Next Generation Firewall (WAN and Internet traffic inspection) and the extended coverage for mobile users of Secure Web Gateways.

A converged approach eliminates the need to maintain policies across multiple point solutions and the appliance life cycle.


Appliance-based Secure Web Gateway Challenges

The AtuanTI Solution: Converged Network Security in the Cloud


Visibility

Fragmented visibility

A Secure Web Gateway appliance needs to sit in the data path to be able to process enterprise traffic. An appliance is required at every location that accesses the Internet.

Full visibility

As all WAN and Internet traffic goes through the AtuanTI Cloud there are no blind spots and no need to deploy multiple appliances, of different providers, to cover all traffic.


Scalability

Capacity constrained security

A Secure Web Gateway applies various security engines to the traffic including IPS, anti-malware, URL filtering and more. The ability to run these engines in parallel is subject to the appliance capacity. Smaller appliances, such as UTMs, are especially limited in their scalability, extensibility and inspection capabilities.

Unrestricted scalability

AtuanTI can inspect any mix of encrypted and unencrypted traffic with all supported security services. Customers don’t have to go through sizing exercises or forced upgrades. AtuanTI ensures capacity is available to provide customers the subscribed service.


Inspection

SSL inspection degredation

A Secure Web Gateway needs to inspect both encrypted (SSL) and unencrypted traffic at line speed. As the share of SSL traffic increases, forced appliance upgrades may become a necessity.

Full traffic inspection with no degredation

AtuanTI can inspect all traffic, both encrypted and unencrypted with all supported security services and with no performance degradation. Inspection capacity is handled exclusively by AtuanTI to ensure support for licensed capacity.


Manageability

Complex appliance management

A distributed environment requires multiple appliances at each location, each with its own set of rules. Each appliance life cycle has to be managed separately. It has to be bought, deployed, configured, patched, updated and ultimately replaced either due to an End of Life (EOL) or business growth.

Self-maintaining cloud service

Without the need to size, upgrade, patch or refresh appliances, customers are relieved of the on going grunt work of keeping their network security up to date against emerging threats and evolving business needs.


AtuanTI is providing a new kind of a network security stack that converges a Next Generation Firewall, Secure Web Gateway and Advanced Threat Protection in the cloud. All these capabilities are available everywhere without deploying discrete appliances and cloud-based services.

The AtuanTI Cloud aggregates all enterprise traffic including data centers, branches, mobile users, cloud infrastructure into a cloud network with built-in network security stack. AtuanYI enforces comprehensive security policy on all traffic, both WAN- and Internet-bound and all users, both fixed location and mobile.


The AtuanTI Solution: Converged Network Security in the Cloud

AtuanTI is providing a new kind of a Secure Web Gateway, one that is available everywhere the business does business without the need for discrete appliances. The AtuanTI Cloud aggregates all enterprise traffic across data centers, branches, mobile users, and cloud infrastructure into a cloud network with built-in network security stack. AtuanTI enforces application-aware corporate security policy for WAN- and Internet-bound traffic.



Firewall As a Service

Next Generation Firewall delivered as a cloud service simplifies management

Firewall as a Service (FWaaS) is a new and revolutionary way of delivering firewall and other network security capabilities as a cloud service. Enterprises have always deployed next generation firewalls as appliances. While form factor varies between physical and virtual appliances, deployed on-premises or in the cloud, customers needed to support the full appliance life cycle. Distributed locations needed dedicated appliances that had to be sized and upgraded to accommodate business growth. Appliance software had to be patched and upgraded. Policy management had been done on an appliance basis. We refer as the “appliance straight jacket” and it had impacted both enterprises and service providers.

Firewall as a Service (FWaaS) is a new type of a next generation firewall. It does not merely hide physical firewall appliances behind a “cloud duct tape”, but truly eliminates the appliance form factor, making firewall services available everywhere. In essence, the entire organization is connected to a single, logical global firewall with a unified application-aware security policy. Gartner has highlighted FWaaS as an emerging infrastructure protection technology with a high impact benefit rating.


The AtuanTI Solution: Firewall as a Service Built into a Global Cloud Network

AtuanTI is providing Firewall as a Service (FWaaS) built into a global cloud network. The AtuanTI Cloud aggregates all enterprise traffic from data centers, branches, mobile users, and cloud infrastructure into the cloud. It then enforces comprehensive security policy on both WAN- and Internet-bound traffic, and all users, both fixed location and mobile.

AtuanTI’s Firewall as a Service represent the next evolution in firewall technology that leverages advances in software and cloud technologies, to deliver a wide range of network security capabilities on-demand wherever businesses need it.


AtuanTI’s Firewall as a Service (FWaaS) provides the following benefits:

FULL VISIBILITY

with all WAN and Internet traffic going through the AtuanTI Cloud there are no blind spots and no need to deploy multiple appliances.

UNRESTRICTED SCALABILITY

AtuanTI can inspect any traffic mix (encrypted and unencrypted). AtuanTI ensures capacity is available to provide the service the customer subscribed to.

UNIFIED SECURITY POLICY

AtuanTI enforces one granular policy and rule base that can extend from one user to the entire business. The rule base is common to all security functions and all traffic types. There is no need to associate policy with distinct appliances or point products.

SIMPLE LIFE CYCLE MANAGEMENT

Without the need to size, upgrade, patch or refresh firewalls, customers are relieved of the on going grunt work of keeping their network security up to date against emerging threats and evolving business needs.


GET A DEMO


Learn more about AtuanTI's Network+Security as a Service

Download Whitepaper


Advanced Threat Protection

Advanced threat protection delivered as a cloud service for adaptive and agile defense

Advanced Threat Protection is the collection of network security and related defenses deployed to address current and emerging threats. Often, it is not the advanced nature of the threat that is the real risk. IT organization are facing the daunting task of maintaining complex infrastructure as the basis of providing Advanced Threat Protection to their users. Following simple best practices like network segmentation, keeping software up to date, monitoring and detecting unauthorized cloud usage (“Shadow IT”), and deploying multi-factor authentication – to name a few – represent a real hurdle for IT leaders facing significant skill shortages.

Advanced Threat Protection is the collection of network security and related defenses deployed to address current and emerging threats. Often, it is not the advanced nature of the threat that is the real risk. IT organization are facing the daunting task of maintaining complex infrastructure as the basis of providing Advanced Threat Protection to their users. Following simple best practices like network segmentation, keeping software up to date, monitoring and detecting unauthorized cloud usage (“Shadow IT”), and deploying multi-factor authentication – to name a few – represent a real hurdle for IT leaders facing significant skill shortages.


The AtuanTI Solution: A cloud-based network with built-in Advanced Threat Protection

AtuanTI is providing a range of advanced security services built into a global cloud network. The AtuanTI Cloud aggregates all enterprise traffic across data centers, branches, mobile users and cloud infrastructure into the cloud. It then applies multiple security engines to enforce a comprehensive security policy on both WAN- and Internet-bound traffic, and all users, both fixed location and mobile.

The AtuanTI Research Labs is analyzing cloud network traffic patterns to looks for anomalies and possible attacks on our infrastructure and on customers networks, and adapt our defenses as needed.


AtuanTI’s Advanced Threat Protection provides the following benefits:

BUILT IN NETWORK SEGMENTATION

The cloud network is segmented by default preventing access between network resources (locations, users) unless specifically permitted.

ADVANCED MALWARE PROTECTION

AtuanTI inspects all web sites access for malicious domains (phishing and malware delivery sites). It also performs inspection on all WAN and internet traffic for malicious files.

INTRUSION PREVENTION SYSTEM

AtuanTI perform deep packet inspection on all traffic for indiAtuanTIrs of compromise or malicious patterns. Protocols validation, known CVEs, flagged domains and IPs, and advanced behavioral analysis is seamlessly performed in the AtuanTI Cloud.

NETWORK ANOMALY DETECTION

AtuanTI enforces application aware policies on both WAN and Internet traffic across all network resources. Deep Packet Inspection is used to look for attack patterns within internal and external network activity.

RAPID THREAT ADAPTATION

AtuanTI leverages the unprecedented visibility to the cloud network traffic to detect network anomalies and emerging threats. This enables quick adaptation of our Advanced Threat Protection to protect all customers.

CROSS-DOMAIN EVENT CORRELATION

AtuanTI looks at network activity across multiple domains to identify complex attack patterns in real time.

UNRESTRICTED SCALABILITY AND SELF-MAINTAINING SERVICE

AtuanTI can inspect any traffic mix (encrypted and unencrypted) and ensures capacity is available to provide subscribed services. Without the need to size, upgrade, patch or refresh appliances, customers are relieved of the on going grunt work of keeping their network security up to date against emerging threats and evolving business needs.


GET A DEMO



Learn more about AtuanTI's Network+Security as a Service

Download Whitepaper

Join Us Up There


Start a trial today

Try Now