Edge to Cloud Agile & Secure Connectivity for the Distributed Enterprise
The Covid-19 pandemic has accelerated the digital transformation, unexpectedly becoming the world’s largest work-from-home (WFH) experiment. And the results look promising. Not only are employees able to better balance work and life but companies are also proving productivity, flexibility and cost saving advantages. A recent survey conducted by Gartner revealed that 82% of company leaders plan to allow employees to work remotely some of the time when they return to the workplace*(Note1). This abrupt shift has given an extra push to already rising software-defined wide area network (SD-WAN) solutions that have experienced fast-paced growth in the last two years.
The next big leap in digital enterprise transformation affects not only traditional roles that used to telework in the past such as the sales force. A more diverse set of functions are now WFH with different security and connectivity requirements. In addition, growing Artificial Intelligence of Things (AIoT) technology adoption is rising ICT concerns when connecting and securing more complex endpoints at the edge that range from intelligent retail stores to mission-critical industrial sensors and autonomous machines.
Moving forward towards a ubiquitous enterprise, the focus shifts from the data center to the device identity that needs to be securely connected independently of its location. As first defined by Gartner in 2019, the future of network security lives in the cloud, taking a Secure Access Service Edge (SASE) approach based on zero trust network access (ZTNA). This paper describes a unified SASE solution based on NetFoundry and Advantech platforms. A cloud-native approach to the enterprise network that moves away from monolithic architectures to fit each asset connectivity needs from headquarters and regional branch offices to edge sites, WFH employees and smart devices helping organizations drive distributed innovation in the new 5G and AIoT economy.
In today’s hyperconnected world, cybersecurity threats are more diverse and sophisticated than at any other time. Technology innovations such as Software-as-a-Service, the Internet of Things as well as the cloud, enable applications, users, and devices to be even more diverse than ever before, making it far more difficult for companies to control internal and external traffic on their networks. The unwelcome advent of Covid-19 has accelerated the need for heightened security as employees work from anywhere. Gone are the days when everyone caught the train to a single, physical office block to work.
SASE offers a way to bring trustworthy security to modern enterprise networking – to connect and protect - by incorporating a number of technologies into an entire suite – including SD-WAN, Zero Trust Network Access (ZTNA), and Firewall-as-a-Service (FWaaS).
SASE capabilities extend way beyond legacy security architectures, incorporating identity and trust, irrespective of the connection, users location, device, or application. SASE also enables policies to be delivered, as well as meeting security, networking, application, user, and the needs of the business.
Finding a balance between security, as well as the need to allow greater agility, performance and automation, is fine art for any network manager – and this is where NetFoundry and Advantech can help.
How to Deliver Cloud-Based Security
Distributed enterprises with dynamic access requirements cannot rely anymore on data center-centric network security architectures. This is one of the key drivers for cloud-delivered SASE which shifts the focus to the user identity. This is achieved through a worldwide fabric of points of presence that reduce latency and improve agility based on network and security-as-a-service models.
Figure 1. Netfoundry Global Fabric
NetFoundry and Advantech have partnered to deliver a unified cloud-based network and security platform that drives distributed innovation. It provides the agility and economics of cloud-native, application specific networking, with network infrastructure managed as a service – Network-as-a-Service (NaaS). It is based on application specific networking to streamline policy enforcement with endpoints making local decisions on an app-by-app basis. Verified business traffic is directly routed to its destination, while an unknown web app can be routed to a secure web gateway (SWG). As NetFoundry is cloud-native, inspection services are done as close to the endpoints as possible in cloud-based or local enforcement points leveraging Advantech Universal Edge Appliances and following a thin branch/heavy cloud SASE architecture. Critical locations with tight requirements for high reliability and predictability can also be supported by Advantech white-box platforms to minimize latency and maximize performance – as well as being able to support IoT and business apps at the edge of the business.
Protecting Your Assets from Edge to Cloud
The future disaggregated enterprise has changed connectivity needs but a constant remains: security. NetFoundry Zero Trust Fabric provides a unified platform to enable and protect every connection from HQ datacenters to small offices, WFH employees or IoT edge sites and devices. The Global Fabric is based on a dynamic routing mesh across multiple ISPs, cloud-backbones, and customer premises. Endpoints only need outbound sessions to NetFoundry Edge Routers, only listening for authenticated authorized sessions. As a result, customer endpoints and clouds are darkly invisible to the Internet, while leveraging Internet connectivity.
Figure 2. Netfoundry Global PoP Location
The NetFoundry Edge Routers, as intermediaries to all application sessions, can be made available on demand, as a service, using application specific, real-time routing with self-healing algorithms. Customer hosted NetFoundry Edge Routers can also be deployed on-premise leveraging Advantech universal edgeS Solution Brief | SASE: Edge to Cloud Agile & Secure Connectivity for the Distributed Enterprise appliances which provide the lowest latency and highest performance to critical company locations from regional branches and remote facilities all the way up to private data centers and headquarters. Advantech scalable platforms have been designed for high reliability to minimize costly technical support visits and service interruptions which can result in the loss of valuable data and customers. This hybrid approach allows for unprecedented agility enabling admins to manage all networking cases – from IoT to remote worker to cloud – from a single pane of glass with unified control and visibility to spin up global zero trust networks on demand in minutes.
Last but not least, NetFoundry Network-as-a-Service model means organizations are only billed for usage. Their network can scale as they grow. There is no need to build for peak capacity. Customers can even leverage NetFoundry Zero Trust Global Fabric to spin up networks for short-term purposes, e.g. for an app migration, for a set of contractors during audit time or for an IoT experiment, and then spin them down when done consuming the network in a pure OpEx model.
Global enterprises require secure and agile connectivity for their assets independently of their location. The SASE solution from NetFoundry and Advantech provides a flexible approach to the network leveraging the ubiquity of NetFoundry Global Fabric plus the on-prem performance and reliability of Advantech Edge Appliances. Companies can securely connect remote WFH employees or devices over a ZTNA platform with application specific routing at the endpoint while guaranteeing the best latency response for business and mission critical applications and employees working in regional offices or corporate headquarters with on-site edge routing.
Advantech Universal Edge Appliances integrate the latest processing and networking technology in optimized compact systems that scale to meet enterprise network performance needs from a few Mbps to over hundreds of Gbps. The systems support LAN and WAN wireless connectivity including 5G, 4G/LTE, Wi-Fi 6 and Wi-Fi 5. Rugged and extended operating temperature range configurations can be deployed in industrial or edge environments. In addition, the platforms are supported by Advantech’s global service network with logistic and support centers in all main continents.
Increasingly smart shopping malls, hypermarkets, department stores and grocery stores are integrating Artificial Intelligence (AI) into their operations to optimize logistics, offer highly relevant personalized advertising or even predict customers’ purchasing behavior. This AI-enabled retail locations require high on-site computing performance to deliver in-store intelligent operations and marketing services in addition to seamless integration with public and private clouds or secure remote access to the ISV app providers.
Figure 4. Advantech FWA-5000 Series
The combination of NetFoundry’s cloud-based secure and agile connectivity and Advantech edge computing platforms provides a powerful framework to accelerate intelligent retail applications. On-premise highly reliable devices featuring latest AI processing technology and integrating NetFoundry Fabric Edge Routing can be deployed for real-time application response to improve shopping experience and sales.
Private 5G & AIoT
The Artificial Intelligence of Things (AIoT) is pushing the network to its limits. The growing number of intelligent mission critical connected devices in smart factories, warehouses, grids, hospitals, cities, and stadiums require secure, high bandwidth, low latency and high availability communication services. The realization of AIoT relies on the underlying network becoming one of the main drivers for private 5G.
Figure 5. Advantech SKY-8000 Series
Advantech has partnered with leading industry players such as NetFoundry to develop private 5G network solutions that provide an integrated connectivity framework tailored for AIoT. This communications platform creates a secure 5G NR mobile network delivering on-site low latency, reliable and high-performance communication services to smart sensors, devices and machines while providing ZTN to the corporate private and public cloud as well as remote users without the need for private APNs, MPLS or VPNs. The open platform can integrate AI acceleration to run edge intelligence applications. Advantech 5G Edge Servers have been designed for sustained performance in mission critical, outdoor harsh environments making it ideal for 5G edge computing use cases such as heavy industry manufacturing, remote-control machinery, autonomous vehicles, construction sites, oil rigs, ports, airports, smart cities, or stadiums.
The Covid-19 pandemic has heavily impacted people and businesses across the world accelerating enterprise digital transformation. This period of unprecedented events has shown how more tech-savvy organizations can outperform their less tech-savvy peers when facing change putting operational agility and security as CEOs top priority* (Note 2). By combining cloud-based agile and secure connectivity from NetFoundry with high performance and high availability edge platforms from Advantech, company CIOs and IT departments can lead their companies through the next big leap in digital transformation, adopt performance differentiating cloud, IoT and AI technologies, and be ready to thrive in a world of constant change.
*Note 2: IBM Institute for Business Value: The 2021 CEO Study https://www.ibm.com/downloads/cas/WVPWGPYE
NetFoundry is the leader in Cloud-Native Networking, enabling businesses to simply, securely and cost effectively connect distributed applications across edges, clouds and service meshes.
The NetFoundry platform, delivered as NaaS, enables businesses to connect applications without the costs and complexity of VPNs, custom hardware, and private circuits. NetFoundry’s platform is accessed via APIs, SDKs, and DevOps tools integrations, enabling practitioners, application developers, and network administrators to get the levels of automation and agility which are only possible with connectivity-as-code. https://netfoundry.io/
Advantech Contact Information
Hotline Europe: 00-800-248-080 | Hotline USA: 1-800-866-6008
Regional phone numbers can be found on our website at http://www.advantech.com/contact/
More information please visit: https://www.advantech.com/nc/spotlight/ucpe
© 1983-2021 Advantech Co., Ltd