Aryaka and Palo Alto Networks

Global SD-WAN with Next Generation Security


Palo Alto Networks and Aryaka seamlessly integrate to deliver a joint solution of enterprise-grade security with a cloud-native Global SD-WAN that has private connectivity, WAN Optimization, and application acceleration capabilities.

As Aryaka Networks and Palo Alto Networks Partner, GAB ExactlyIT Solutions can provide both services out of one hand.

Aryaka´s SmartConnect delivers SLA-based reliable global connectivity and significantly faster application performance for enterprises, and Palo Alto adds a layer of advanced security controls.

Together, Aryaka and Palo Alto, deliver a best-of-breed SD-WAN and security platform for enterprises accessing mission-critical internally hosted applications as well as those going directly to the internet for accessing cloud applications.


Aryaka and Palo Alto Networks – Seven Layers of Global Enterprise Security


  1. Global Private Network
  2. Multi-Path Encryption
  3. Advanced DDoS Migration
  4. Aryaka Virtual Firewall
  5. Palo Alto Networks Next-Generation-Firewall
  6. Palo Alto Prisma
  7. Palo Alto Virtualized Firewall for the cloud

#1 Use Case


Secure branch office: Aryaka Global SD-WAN and Palo Alto next-generation firewall

Challenge: Enable direct and secure hand-off of Internet traffic from the branch.

Solution: Using advanced routing policies, the Aryaka Edge Device (ANAP) automatically forwards all public Internet traffic to a co-located Palo Alto Networks Next-Generation Firewall appliance.

Benefits: By eliminating the backhaul of public Internet traffic, direct hand-off conserves WAN bandwidth and expense, and improves application performance and SLAs to deliver a superior edge-to-edge user experience. The ANAP includes built-in capabilities of a router, dynamic path control and WAN optimization in a single integrated solution. Co-location of the physical firewall at the branch enables secure hosting of services from the branch firewall.


#2 Use Case


Security for the distributed enterprise: Aryaka Global SD-WAN and Palo Alto Prisma Access

Challenge: Enterprises are increasingly leveraging direct Internet breakouts at remote locations to provide optimal and scalable connectivity for the purposes of guest Wi-Fi or SaaS applications. This approach provides the best overall user experience, but it also creates challenges when securing an increased number of internet access points and maintaining compliance with the organization´s security policies.

Solution: The Aryaka Edge device seamlessly forwards all Internet and cloud bound traffic directly to the Palo Alto SmartAccess Service.

Aryaka uses a Global Private Network with built-in optimization and security capabilities that include a multi-layer security approach with a global private core network, fortified security on the POP´s, end-to-end encrypted tunnels, and stateful firewalls.

Palo Alto´s security platform has highly differentiated cyberthreat prevention capabilities.

Together, this ensures that all enterprise, web and cloud traffic obtain enterprise-grade security, irrespective of whether they are going to the Aryaka global SD-WAN or the public Internet.

Benefits: The combined solution does not require additional on-premises hardware, appliances or software and is easy and cost-effective to deploy and manage.


#3 Use Case


Accelerated access to IaaS Solutions: Aryaka Global SD-WAN and Palo Alto VM-Series

Challenge: Organizations are moving data center workloads to IaaS providers like Microsoft Azure. To access these IaaS instances from branch offices, customers need to configure as many tunnels as IaaS instances for every branch office, which is operationally complex. Such a topology also leads to challenges of security and performance.

Solution: With Aryaka SmartConnect, branch offices obtain secure and accelerated connectivity to any IaaS. Aryaka SmartConnect provides direct connectivity to Azure or AWS instances, via either a private connection or IPsec tunnel. This configuration ensures that only one tunnel needs to be created for one branch to the Aryaka SmartConnect service unlike the earlier case of one tunnel for every IaaS instance.

Palo Alto VM-Series is a virtualized form factor of a next-generation firewall that can be deployed in an IaaS environment such as AWS or Azure.

Connecting to an IaaS through Aryaka SmartConnect guarantees high performance access. Once the connectivity to the IaaS instance is established, Palo Alto Networks VM-Series can be deployed on-demand for inserting firewall services.

Benefits: Enterprises connecting to IaaS thus obtain accelerated and optimized connectivity along with the same level of security and performance as workloads in the customer data center, without the use of any additional equipment or resources.