Internet strategies built for security and choice

Overlay solutions work with your existing network

One of the key benefits of SD-WAN is the ability to build high-performance WANs using relatively low-cost and commercially available broadband Internet links. Using an internet-only approach for data transport has become known as SD-WAN “over the top” (OTT), because your corporate IP traffic runs over a secure connection using cost-effective public internet access, rather than “on-net” solutions that run over the service provider’s private network. OTT strategies are also known as overlay solutions or secure overlay networks.

Masergy has expanded its SD-WAN offerings with OTT solutions, helping enterprises of all sizes take advantage of an internet-only approach for data transport. This is the ideal solution for mid-sized businesses that want a low-cost broadband backbone as well as mid-to-large sized companies locked into long-term contracts for network connectivity. The advantage is that you can:

  • Cut costs by trading private network connections for more cost-effective public ones
  • Choose the local internet service provider that works best for your business locations
  • Leverage your existing corporate network and take full advantage of your bandwidth

How Masergy's SD-WAN Secure OTT works

Masergy creates an overlay network on top of any public or private network and sends encrypted application traffic via IPsec tunnels to Fortinet-powered endpoints over the public internet ("over the top") for your secure, agile, and scalable corporate network. The SD-WAN management portal provides a single view across your network with AI-powered service control and real-time analytics including AIOps and Shadow IT Discovery tools. Located on three continents, Masergy's own NOCs provide a best-in-class managed service, as evidenced by our industry-leading client retention rates and Net Promoter Scores.

Key features of Masergy's OTT service

Built-in security

  • End-to-end IPsec data encryption to protect SD-WAN traffic between all endpoints
  • Integrated next-generation firewall to protect sites and users directly exposed to the internet via broadband connections with SD-WAN

Superior application performance

  • Forward Error Correction (FEC) to lower overall packet loss ratio and improve data integrity over public bandwidth
  • Fast, automated application routing using an optimization database of more than 5,000 enterprise applications

Consolidated management portal

  • Holistic visibility and control with real-time insights available on any desktop or mobile device
  • Industry-leading capabilities including AIOps, Shadow IT Discovery, and Identity-Based WAN Analytics

Determine the underlying network — you can bring your own

The first step of designing an OTT solution is to identify the underlying network, and Masergy offers the flexibility to work with any public or private network. Locked into a contract with a third-party MPLS provider but want to immediately move to an SD-WAN solution? No problem. Masergy’s “bring your own network” (BYON) option allows you to overlay Masergy’s SD-WAN Secure OTT solution on top of your existing third-party network.

As shown in the diagram, when you bring your own network, the SD-WAN Secure OTT solution establishes secure IPsec tunnels between SD-WAN endpoints through your existing third-party MPLS network.

Choose your public connectivity types

Beyond just broadband, Masergy’s SD-WAN Secure OTT solution allows for other
connectivity options. Choose from any of these third-party services:

  • Direct internet access (DIA)
  • Fixed wireless (5G or LTE)
  • Public internet access (broadband)

Yes, of course you can mix and match the options above. Plus, when you bring your own network, you can also route traffic via your existing private network backbone.

Work with any internet service provider

Know which third-party internet service providers you want to use? You can bring your own broadband, DIA, and wireless connections. Conversely, you can leverage Masergy's network of global access partners, allowing us to procure any combination of public connectivity services on your behalf. No matter which type of public connectivity services you choose or which providers you want to use, Masergy will deliver secure and agile connectivity with real-time performance visibility in one SD-WAN management portal.

Layer on security

Security features and services are embedded into every SD-WAN solution, meeting the key tenets of Gartner's SASE model. Three-tiered options include next-gen firewalls for superior perimeter protection and 24/7 SOC services that alleviate your team of the monitoring and threat response. Plus you can enforce consistent security policy across all SD-WAN devices and get security alert metrics within the SD-WAN management portal.

Choose the security service below that best matches your desired level of protection and support.

Unified Threat Management Threat Monitoring & Response Managed Security Services
Next-generation firewall (NGFW) with UTM
Enhanced anti-malware, IDS/IPS, app control, web filtering, and DLP
Built-in AIOps, Shadow IT Discovery, and per-user WAN analytics
Log reporting and alerting
SOC Services: 24/7 monitoring and incident response
Cloud Security: AWS®, Azure®, CASB, Office 365™, 3rd party integration*
Security analytics: Machine learning and behavior analytics
Advanced IDS and raw packet capture
Network visibility (flow data)
Endpoint detection and response
Threat intelligence and hunting
Vulnerability scanning and management

Extend the benefits of SD-WAN to your remote workforce

for power users needing uncompromising connectivity from their home offices

for mobile knowledge workers needing secure access to corporate and cloud applications

Select your management model

Not every IT department is comfortable handing the management of their WAN to a third-party provider. That’s why Masergy empowers your organization with the option to retain 100% control over specific aspects of your SD-WAN service using a co-managed model. The Masergy SD-WAN Secure OTT solution can be set up as a fully managed service or a co-managed solution, where you have the ability to self-manage configurations and policies unique to your corporate network.

The number of offices you have and the miles between them will dictate how many internet service providers your OTT solution will need. Last-mile vendor sprawl can cause management complexities and troubleshooting issues, because patchworked services come with traffic handoffs that can lead to finger-pointing frustrations. Masergy is here to relieve your IT team of this problem. If you choose a Masergy-provided internet connection, we’ll also monitor and manage the performance of your service to ensure maximum uptime for your business-critical apps.

Get real-time visibility and control in one portal

All you need is one portal for end-to-end visibility and total control over your SD-WAN environment. Masergy’s cloud-based SD-WAN management portal offers:

  • Real-time identity-based WAN edge analytics in a customizable dashboard
  • An AIOps virtual assistant for automated network performance evaluation
  • A Shadow IT Discovery solution that increases your security by automatically finding unsanctioned cloud apps on your network

Keep exploring

Answers to your frequently asked SD‑WAN questions

Transform with Certainty