A New Approach to Private Connectivity with Graphiant
Graphiant is a Network as a Service company with the goal of providing private connectivity to customers in an as-a-service platform. Historically, private connectivity has been handled with technologies such as MPLS, metro Ethernet, and more recently, SD-WAN. With SD-WAN being one of the newest iterations of private connectivity and having the ability to use different types of network connections and providers, why is something different needed? I gathered two major reasons why from Graphiant's #NFD33 presenation. Graphiant describes that due to the number of tunnels that SD-WAN creates, the complexity can become high, and SD-WAN does not provide true end-to-end encryption, due to decryption happening at each hop.
Graphiant solves the complexity issue by implementing less tunnels. This is achieved by their implementation of the Graphiant Stateless Core which is deployed in their own private cloud with multiple locations around the world. Customer edge devices, running Graphiant software only create tunnels to the Graphiant Stateless Core. This means that customers can maintain a full mesh network of sites, without maintaining a full mesh set of tunnels at each edge, which reduces complexity.
As far as end-to-end encryption, the Graphiant edge devices encapsulate a packet in an ESP header, then add a Graphiant label to each packet (there is also an IPSec header added is well, but that is only to handle confidentiality across public networks from the edge to core). The Graphiant Stateless Core then only forwards the packets based on that Graphiant label so the packet itself is not decrypted in the core.
领英推荐
Policy Control
While customers natively achieve any-to-any connectivity they can implement policy leveraging the Graphiant labels to control which edge nodes are able to communicate with each other. This allows customers to implement route policy and control without having to effect the underlying network topology.
Use Cases
Graphiant describes three major use cases to their solution: edge, cloud, and B2B. I liken the edge use case to basic private connectivity. This is the act of creating that any-to-any connectivity across the private infrastructure. The cloud use case is around providing that jump point from the private infrastructure into the public cloud using their Gateway service. Lastly, the B2B use case covers the ability to create connectivity to partners and third party providers such as security use cases like SASE platforms.
Private Connectivity, the New Way
Graphiant provides what I see as a new method to deploy private connectivity, consumed in an as-a-service model. They aim to reduce complextity by implementing less tunnels and providing end-to-end encryption by not decrypting packets in their core. I see implementing Graphiant's solution as being a less complex method to both connecting the private enterprise as well as customer implementations into the public cloud.
Product Leader & Architect | CCDE, CCIE x5, CISSP | Delivering Profitable MSSP Products from Concept to Commercialization
1 年Nanish Ali John Wimpole Abubakar Saeed Muhammad Waqar Khan Sohail Afaq 3xCCIE(RS,SP,DC), 2xVCIX(NV,DCV),PMP,CISSP,AWS-Pro(SA),CISA