Wide Area Network (WAN) is inter-connected Local Area Networks (LAN), which can be WiFi or Ethernet networks. If you have multiple sites connected to each other over the internet, or remote users accessing your company resources, then you have a WAN.
Software Defined Networking (SDN) is a modern way of controlling network hardware by software running in the cloud. SDN not only provides savings in hardware, but also allows integration to other systems to have many powerful features such as faster setup, improved handling of network failures, better cybersecurity, etc.
Software Defined Wide Area Network (SD-WAN) uses the SDN approach for controlling WAN hardware, usually called "WAN router", or simply “router”. Using cloud management, SD-WAN easily and securely inter-connects routers over the internet, provides multiple ISP connections for redundancy, allows remote users to connect securely, etc.
Secure Access Service Edge (SASE) is a new network and cybersecurity architecture combining SD-WAN, ZTNA, and threat prevention. It manages access to on-prem or cloud applications based on users’ roles, locations and schedules. It also provides multi-layer cybersecurity with IP filtering, DNS filtering, CountryBlock, AdBlock, and Intrusion Prevention System (IPS). In addition, it monitors networks and users, discovers new devices, and reports significant events as well as suspicious activities in real-time.
Today's SASE networks are not capable of making direct connections among sites. Instead, they carry all of the traffic to their overlay networks located in their datacenters or in a public cloud. Overlay networks are risky, because:
Thanks to the patented
OmniVPN® technology, Roqos' Distributed SASE directly connects multiple sites and remote users.
Roqos' Distributed SASE does not require any modifications on ISP or
upstream routers while inter-connecting every network type including the following:
Current SASE solutions are implemented in public clouds where all SASE customers' traffic are sent to.
However, due to governmental restrictions or security practices, some organizations may not send their data to public clouds.
Traditional SASE implementations may not be suitable for these organizations.
Roqos Distributed SASE can also be implemented in a private cloud or private datacenter, without sending
any end user or application data to a public network.
When implemented on-prem, Roqos' Private SASE provides the same features as the SASE in the Roqos cloud.
Only Roqos Private SASE is completely contained in a private cloud without any external communication.
SASE implemented on directly inter-connected Roqos Core appliances instead of being completely dependent on the cloud.
The only complete on-prem SASE for organizations who cannot use public clouds.
Patented OmniVPN® technology allowing easy remote connections without any port forwarding or firewall modifications.
Detecting, blocking and reporting threats locally on Roqos Core appliances instead of the cloud.
Network access control based on roles, locations and schedules of both remote and local users with BYOD.
Create agentless micro-segments in your network. Quickly isolate devices to stop lateral movement of malware.
Copyright © 2014- - Roqos, Inc.
All Rights Reserved.
