Upgrade and adapt your network to acommodate mobile workspaces, cloud-based applications and cloud services in the most efficient and secure way possible.
+ State of the art firewall shields you from any malicious intent.
+ Firewall protected access to web, email and applications.
+ Custom access for multiple users.
+ Publish websites and applications with zero-touch deployment.
+ Management portal centralises applications, assignements and policy configurations.
+ Make the most of your existing networks, maximise your bandwidth use based on your detailed tailored policies.
+ Prioritize application access to the network based on real-time conditions and metrics – loss, latency, jitter.
+ Integrated network and application reporting dashboard.
+ Availability, agregated link speed. throughput real-time analysis.
+ Create custom reports.
+ Cloud based interface enforcement of policies and centralised configurations.
+ Improved network and security management over multiple sites.
+ Create a software defined overlay through virtual logical paths created from diverse links.
+ Every packet in every path in both directions is measured for latency, loss and congestion.
+ Identify each application and direct it to the best path with priority given to critical applications.
+ Multiple rated links can be supported, with business logic applied to when each type of link is used and in which order.
+ Choose Standby WAN links and determine when Standby WAN links become active based on Business rules: state of active links, capacity thresholds, prioritization of standby links.
+ Ease of Management of L3 network at scale: changes in the routing environment information captured in real-time.
+ Branch: simplified integration with branch LAN environment.
+ Data Centre: allows for larger clustered deployments to support DC scale.
WAN EDGE MODE
+ DHCP Support: Ccient, server and relay.
+ Routing: eBGP, iBGP, OSPF.
+ Third Party IPSec Interoperability.
+ GRE Tunnels (WAN & LAN): third party service chaining.
+ Routing Domains: micro-segmentation.
+ Traffic Engineering: End to End traffic engineering with routed environments, Route Summarization, Increased Route Tables.
+ Multicast: Static Multicast Trees, IGMP Proxy, Full PIM implementation by Q2’18.
+ VRRP: Branch redundancy with traditional routers, Leverage existing investment with path to full replacement.
Integrated Stateful Firewall
+ Comprehensive Firewall security: IP to Application layer; Secure hosts, ports and infrastructure; Support for Dynamic and Static NAT; Enable firewall rules even for encrypted traffic with Application intelligence.
+ ICSA certified.
+ Define zones to enforce different policies for different users.
+ Single Point of Management across Network: Provision, troubleshoot and analyze Routing and Security.
+ Wanop Edition: best for locations with only one link, helps overcome impact of loss and latency, reduces congestion.
+ Premium Edition: best for locations with multiple links, optimization is applied to the virtual path, reduces congestion and improves TCP protocol.
Compression and Deduplication
Reduce the amount of data on the WAN – Multiple compression engines optimize app traffic at full WAN speeds for both compressible and noncompressible data.
De-duplication removes redundant data:
+ Proprietary cross-stream pattern matching with byte caching, even for non-compressible data such as images.
+ Removes redundant data even across different sessions, files and applications.
+ Larger data streams, greater than 1M, are stored on disk.
+ Smaller data streams that are seen frequently are stored in memory for low-latency access.
Compression decreases the size of the data:
+ Single-ended, object-level compression.
+ Compression history shared across connections.
+ Zlib – Complex algorithm similar to WinZip that provides a 2 to 5x reduction (RFC1950).
+ LZS – Used during high CPU/high memory conditions to provide up to 2x reduction (RFC2395).
Advanced TCP Flow Control
Improve performance of TCP protocol:
+ Prevent the automatic protocol adaptation to loss.
Use the full link:
+ Fill the link to that sending rate almost equals link speed.
Citrix SD-WAN Employs:
+ Window scaling of up to 16Kx of standard TCP.
+ SACK to minimize data that is resent.
+ Fast re-transmits to reduce delay before resend.
+ BIC TCP for faster recovery from packet loss.
Speed up application experience by removing protocol inefficiencies
+ Several application protocols were designed for LAN environments and do not work well over the WAN, like MAPI, CIFS, NFS and FTP.
+ PConnect SD-WAN is application aware and can accelerate these applications: collects packets and reconstructs payload, local device identifies application/client request and mimics server response, remote device communicates with server and mimics client response.
+SCPS protocol acceleration capabilities for satellite communications.
Accelerate Microsoft Office 365 with PConnect SD-WAN
Ensure great user experience with end-to-end security:
+ Alleviate latency.
+ Accelerate access.
+ Reduce bandwidth needs.
+ Flexible deployment options.
SD-WAN Orchestrator for Cloud-based Management X SD-WAN Centre for On-premises Management
Citrix SD-WAN Centre for On-Premises Management:
+ Single pane of glass for branch, datacenter and cloud.
+ Policies are defined centrally and pushed across.
+ Firewall, Virtual WAN, Routing and WAN Optimization all configured from same user interface.
+ No branch or device config or login required.
SD-WAN Center for Centralized Management and Control:
+ Define users, permissions, and authentication method.
+ Simple network map with health indications.
+ Define event severity and alerting methods.
+ See and filter event history.
+ Monitor WAN link performance against carrier SLAs.
Cloud based multi-tenant management and control service:
+ PConnect Cloud Service.
+ Simplified Operations.
+ Hierarchical Administration.
+ Easy to deploy.
+ Intuitive Dashboards & Reports.
Simplified Deployment with Zero-Touch Deployment Service
+ Supported with SD-WAN Centre or SD-WAN Orchestrator deployments.
+ Automated appliance provisioning.
+ Authentication to join Network.
+ Status updates of the deployment process.
+ On-premises appliance support: 210, 210-LTE, 410, 1000, 2000, 2100 platforms.
+ Cloud-based deployments: Amazon and Azure.