WHAT IS SD-WAN?

Software-defined Wide Area Network (SD-WAN) is the application of software-based network technologies that virtualize WAN connections to provide agility, performance and reliability for network traffic between remote and branch offices to data centers, cloud and cloud hosted apps (SaaS and IaaS).
TRADITIONAL ARCHITECTURE
SD-WAN ARCHITECTURE

WHY SD-WAN?

As your workloads move to the cloud and SaaS applications, it is critical to ensure reliable, fast, and secure connectivity for all your sites and remote users. There is a need of faster, more agile network architecture to handle increased traffic from cloud apps, distributed sites, and off-network users.
Need for Performance, Reliability & Great User Experience

With cloud and SaaS applications, there is a need for adaptive, self-learning platform that automatically adjusts for changing conditions assuring consistent application performance under any network conditions.

Optimization for Cloud Network & SaaS

With more applications moving to the cloud, enterprises expect its WAN to enable high speed consumption of applications, irrespective of where those applications are and from where those applications are accessed.

To provide Visibility, Automation and Orchestration

The hybrid network requires centralized monitoring, visibility and cloud control along with the need to apply uniformed policies & governance across private and public cloud assets.

As an MPLS Replacement

MPLS circuits are a norm for the Enterprise-wide connectivity, but are not built for cloud users & apps. Besides being expensive and hard to deploy, it provides no control on the network.

OVERVIEW

Your business is only as productive as your network. Part of Ray SASE (Secure Access Service Edge) Solution, Ray Secure SD-WAN takes SD-WAN to the next level by combining the best connectivity features of stand-alone SD-WAN products and security capabilities of next-generation firewall (NGFW) with the fundamentals of Zero Trust Network Access (ZTNA) in a single solution that enables a seamless SASE architecture.

HOW IT WORKS!

Secure SD-WAN is the modern-day successor of traditional site-2-site VPN. It goes beyond traditional VPN by adding the concept of link redundancy and active quality monitoring of the transports between sites. Ray Secure SD-WAN is a highly secure, cloud-scale architecture that is open, programmable, and scalable. You can quickly establish an SD-WAN overlay fabric. Use it to connect data centers, branches, campuses, and colocation facilities to improve network speed, security, and efficiency. SD-WAN leverages cloud-hosting to simplify deployment and management of network devices. It dynamically chooses the most suitable physical path to minimize latency, jitter or to maximize bandwidth based on current network conditions and application priority. SaaS and internet-bound traffic is no longer backhauled to a central office but is directly sent to the internet with the appropriate security inspection.

RAY SD-WAN ARCHITECTURE

It combines the bandwidth of broadband with existing WAN connections to more efficiently and cost-effectively connect users to data center and cloud-based applications from any location in the network. SD-WAN optimizes traffic over multiple available connections (MPLS, broadband, LTE) to deliver traffic across the network, delivering a better user experience to any location.

FEATURES AND BENEFITS

WAN optimization technologies like network traffic compression, advanced data caching, and network link pooling ensure the best quality of service (QoS). Going a step further, it identifies traffic flows to SaaS applications such as Salesforce, Office 365 etc., to apply optimal policies for Traffic Prioritization, best path selection, QoS, security and guarantees consistent security posture and low-latency application performance. Secure SD-WAN automatically makes dynamic, on-the-fly adjustments to QoS and application usage policies depending on real-time bandwidth and latency measurements. Ray Secure SD-WAN Edge devices include multiple multi-gigabit port options lines 4G and 5G cellular links to support high availability and throughput with Zero Touch Provisioning and powerful encryption. The traffic can securely use any transport available to it for the most direct access to the cloud.
Ray Secure SD-WAN enables direct internet access from every remote location without the need to backhaul traffic for central security inspection, which in turn increases performance of SaaS applications compared to backhauling. An SD-WAN can operate as an overlay to the existing network, providing you tools to turn up new branches rapidly without impacting the stability or configuration of your infrastructure. An SD-WAN is an ideal solution for branch-to-branch communication which can be steered over the SD-WAN overlay where VPN tunnels are built as and when needed. SD-WAN can off-load non-critical business apps to broadband as an alternative to MPLS. Automate operations using machine learning and artificial intelligence of IT operations (AIOps). Secure SD-WAN lets you optimize branch-to-branch, branch-to-cloud, and cloud-to-cloud connectivity. Ray Secure SD-WAN provides direct internet breakouts for remote users.
Ray Secure SD-WAN securely, and seamlessly, connects anyone or anything at edge locations to the cloud, and to applications using edge-to-cloud security based on the principles of Zero Trust Network Access (ZTNA). This on-premises or cloud-based security with secure SD-WAN helps accelerate the transition to a secure access service edge (SASE) architecture where and when it's needed. Ray Secure SD-WAN unifies SD-WAN, Routing, Firewall, Segmentation, WAN Optimization, and application visibility in a single platform. This delivers top-class networking, security, visibility, automation and performance capabilities with simplicity from a single cloud platform. The SD-WAN controller can be used to create virtual network segments to isolate data, including PCI data, to ensure data integrity and for PCI audit compliance. Segmentation also allows for overlapping IP addresses, which makes it easy to incorporate multiple networks into the system.
Ray Secure SD-WAN with zero-touch deployment and orchestration reduces setup to just minutes. Ray Secure SD-WAN supports all topologies including full mesh, partial mesh, hub-and-spoke and other arbitrary topologies. The control plane provides flexibility to define and establish the topology of choice on any tenant. Because SD-WAN is cloud-delivered and software-based, it allows for quick adaptation to changing needs, including adding access to cloud-based services, standing up new branches or remote offices, and dynamic steering of all traffic for optimized application and data delivery. Ray Secure SD-WAN provides visibility into traffic traversing the network between users, applications, and devices regardless of their location. Deep application visibility, with Layer 7 intelligence helps simplify network policy creation and traffic engineering. It offers visualized performance insights into the underlying SD-WAN network for actionable insights.
Increase agility and reduce costs for bandwidth by augmenting existing MPLS and leased lines infrastructure with broadband, LTE and other connection types. AIOps reduces problem identification and associated remediation costs; central management and control of network activity through Ray Platform eliminates the need to send out trained technicians to assess issues and repair them. Silo Network & Security infrastructure are replaced by a single software stack that reduces both CAPex and OPex costs. Allowing pay-as-you-go plans (subscription models) that defray high upfront investment costs and ongoing maintenance and upgrade fees. Flexible deployment model that can either inter-operate with the branch office router or replace it. Eliminating the need to deploy application-specific hardware or software at each branch location, as the SD-WAN edge devices can host virtual services and direct access to cloud-based services.
SD-WAN COMPONENTS
SD-WAN Edge

Ray Secure SD-WAN Edges are zero-touch enterprise-class appliances that provide secure, optimized connectivity to private, public and hybrid applications, compute and virtualized services. Edges perform deep application recognition, application and packet steering, performance metrics and end-to-end quality of service in addition to hosting virtual network function (VNF) services.

Deployment Choices
  • On-premises Edge Gateways
  • On-premises Virtual Machines
  • Ray Wireless (Wi-Fi)
Ray Platform

The Ray Platform provides centralized enterprise-wide installation, configuration, and real-time monitoring in addition to orchestrating the data flow through the cloud network. It enables one-click provisioning of virtual services in the branch, the cloud, or the enterprise data center.

Deployment Choices
  • On-premises Physical
  • Public Cloud
  • On-premises Virtual Machines
  • Blended Combination
  • Ray Hosted Cloud
Ray SASE Client

Ray SASE Client is a software application that extends Ray SASE to client devices by creating a secure and encrypted connection from remote devices to the distributed system Cloud Gateways with application segmentation and SD-WAN services. Upon user authentication and access authorization through Cloud Gateways, users with Ray client can securely, reliably, and with high performance connect to enterprise applications in public and private cloud.

Deployment Choices
  • Windows
  • MacOS
  • iOS
  • Linux
  • Android