OPAQ built a global network infrastructure and embedded enterprise-grade security services that even extend to an organization’s endpoints. Credit: Thinkstock Today’s threat landscape has led organizations to defend their networks with numerous point solutions, most of which are complex and require significant attention to operations and ongoing maintenance. While large enterprises often have sufficient skilled resources to support the security infrastructure, small- to medium-sized businesses sometimes struggle in this area. For the SMB market in particular, Network Security-as-a-Service is an attractive offering. It allows companies to get the very best security technology at an affordable price point while having someone else maintain the complex infrastructure. This has given rise to a genre of service provider that builds its own network backbone in the cloud and embeds network security as an integral service. More and more players are starting to offer this kind of service. They generally start with a global network backbone and software-defined wide-area networking (SD-WAN), add a full security stack, and connect to various cloud services from Amazon, Google, Microsoft, etc. Customers connect their data centers, branches, end users, and cloud apps to this network, and away they go. It’s networking, plus network security, all in one place, and all managed as a service. A better networking experience This is the basic formula offered by OPAQ, with a couple of interesting twists as real differentiators. The folks at OPAQ believe they have built a better networking experience — especially for small- and mid-sized companies that are challenged to maintain and secure their own network. OPAQ’s global network infrastructure was developed by fabricating data centers inside of core networking facilities such as those from Equinix. Then all those data centers are connected via a secure SD-WAN backbone. By virtue of its acquisition of Bat Blue Networks, OPAQ now has more than 150 direct peering relationships with the likes of Amazon, Apple, Google, Facebook, Netflix, and many other cloud and content providers. OPAQ’s infrastructure and peering relationships enable about 60 percent of client traffic to go directly to its intended destination without ever touching the internet. Thus, OPAQ can intelligently route a majority of traffic across its backbone so that the packets get the fastest route to a cloud or content provider. As strong as the networking is, OPAQ considers its real strength to be its security services. OPAQ provides network control all the way down to the endpoint. It is delivered via an agent installed on servers or mobile computers, and it allows control of the network flow, both inbound and outbound, from a single policy in the cloud. The agent footprint pulls the firewalling capability into the cloud and still maintains east-west traffic control in the local network. OPAQ has patented technology that allows them to software-define and control connectivity such that packets can securely go directly between endpoints rather than being backhauled to the cloud to pass through security before going back to another endpoint sitting in the same conference room. OPAQ partners add security capabilities OPAQ has several strategic technology partnerships that bring strong security capabilities to the networking solution. Palo Alto Networks’ Next-Generation Firewall capabilities are integrated into the OPAQ Cloud, providing customers with enterprise-grade security protection in a simplified, fast and flexible way. Customers (or their managed service providers) gain increased visibility, control and understanding to prevent advanced threats against their network. In addition, Cloudflare capabilities are integrated into the OPAQ Cloud to provide customers with advanced DDoS mitigation, dynamic web application firewall, easy SSL, and other security capabilities. In order to have a thorough security solution, OPAQ believes it’s necessary to know what’s happening on the network, on the workstations, and on the security devices. By stitching those three services together into a single platform, OPAQ makes network provisioning and cloud provisioning easy. It’s all done through a single pane of glass, and OPAQ has all the software-defined fabric that makes secure connections happen. OPAQ’s network is available through service providers, who have the opportunity to add value on top of what OPAQ brings to the table. For example, all the logged data that’s being created by the services in the network is being put into a single aggregation point, which gives managed service providers or managed security service providers the ability to have full telemetry, provide reports, and provide security monitoring on top of the platform. OPAQ can point its log feed into a MSP’s or MSSP’s SIEM to facilitate the monitoring. While any size organization can benefit from the OPAQ Cloud, OPAQ directs its sales efforts mostly to the mid-market — companies that really need and want enterprise-grade security but who would not normally be able to afford to install and manage it themselves on their own network. Considering that these mid-sized companies are often third-party suppliers or partners to much larger enterprises, the quality and completeness of a network security solution is critical. Related content news analysis NetBeez helps narrow down root causes of issues in virtual environments Troubleshooting issues in a sea of virtual hosts can be a challenge. One enterprise with a 99% virtual environment has found a tool that monitors the VMs and helps reduce troubleshooting time. By Linda Musthaler Feb 05, 2020 5 mins VMware Virtualization Network Monitoring news analysis SASE is more than a buzzword for BioIVT Secure access service edge might be the newest Gartner buzzword, but BioIVT implemented its SASE platform more than 18 months ago and is already reaping the benefits of business acceleration based on technology simplification. By Linda Musthaler Nov 12, 2019 8 mins Networking Security news analysis An SD-WAN service that gets around the Great Firewall of China legally Teridion’s SD-WAN service for China complies with government restrictions on IPSec traffic leaving the country yet supports broadband IPSec WAN interfaces for international businesses with branches in China. By Linda Musthaler Nov 04, 2019 9 mins SD-WAN VPN Networking opinion Tokalabs Software Defined Labs automates configuration of lab test-beds The primary challenge of running a test lab is the amount of time it takes to provision the test beds within the lab. This software defined lab platform automates the setup and configuration process so that tests can be accelerated. By Linda Musthaler Oct 21, 2019 5 mins Networking PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe