Skip to main content

Anapaya EDGE - The gateway to the SCION Internet

While the SCION architecture provides a new foundation for the internet, enterprises require a practical, manageable way to connect their existing networks to it. The Anapaya EDGE is the product designed to serve this exact purpose, acting as the bridge between the legacy IP world and the next-generation SCION network.

The Anapaya EDGE is a software-based network appliance solution that functions as a secure entry point, or gateway, for an organization's network to access the SCION Internet. It is implemented as a network appliance that can be deployed on standard hardware (as a physical appliance) or in a virtualized environment (as a virtual appliance), providing significant deployment flexibility to integrate into existing enterprise IT infrastructures.

Key features of Anapaya EDGE

  • High availability & instant failover: The Anapaya EDGE ensures maximum business continuity and operational resilience. Its multipathing capability allows for the simultaneous use of several paths, with instant, sub-second failover to an alternative path in the event of a network disruption or outage.

  • Proactive security: Instead of just mitigating threats, the Anapaya EDGE can prevent them by fundamentally reducing the network's attack surface. By controlling network visibility, it can make critical services invisible to anyone outside of a trusted group of peers, effectively reducing the attack surface from billions of devices to just those within the trusted networks.

  • End-to-end path control: Leveraging SCION's path-based architecture, the Anapaya EDGE gives network administrators unprecedented, granular control over their data's path. You can define the exact end-to-end path traffic takes based on latency, cost, provider preference, or geopolitical boundaries, ensuring compliance and optimal performance.

  • Seamless Integration: The Anapaya EDGE deploys as a physical or virtual appliance that transparently integrates with existing IT infrastructure. It uses IP-in-SCION tunneling to encapsulate standard IP traffic, meaning no changes are required for end-user devices or applications.

  • EDGE-to-EDGE encryption: The Anapaya EDGE provides state-of-the-art encryption and authentication for all data traversing the SCION Internet. This feature leverages the industry-standard IPsec ESP protocol for data confidentiality and uses the built-in SCION public key infrastructure for automated key management, eliminating the complexity of traditional VPN setups.

Use cases

The Anapaya EDGE is designed for organizations where network security, reliability, and data control are critical operational priorities. Its primary use cases center on protecting critical infrastructure and enabling applications that require exceptional availability and security.

  • Critical infrastructure protection: Critical infrastructure sectors such as finance, healthcare, energy, and government profit from the Anapaya EDGE's ability to provide highly secure and reliable connectivity across geographically distributed networks.
    • Financial services: As demonstrated by the Secure Swiss Finance Network (SSFN) or the Secure EFTPOS network (SEPN), the Anapaya EDGE is used to create highly secure networks for inter-bank communication, protecting sensitive financial transactions and ensuring operational continuity for banks and financial market infrastructures.
    • Healthcare: The Anapaya EDGE secures the transmission of sensitive patient data and ensures the 24/7 availability of life-critical systems like electronic health records and telemedicine platforms. It helps institutions meet strict compliance and data privacy mandates by controlling the physical path data travels.
    • Energy and utilities: The solution is used to safeguard the command and control systems of critical public infrastructure, including power grids, water facilities, and transportation networks, from cyber-physical attacks that could cause widespread disruption.
    • Government and defense: For government, defense, and diplomatic communications, the Anapaya EDGE enables true data sovereignty by guaranteeing that sensitive information does not leave jurisdictional boundaries. It provides a cyber-resilient network for inter-agency collaboration that is protected from nation-state attacks and routing manipulation.
  • Secure site-to-site and cloud connectivity: The Anapaya EDGE establishes highly secure, reliable, and high-performance connections between an organization's physical locations and cloud environments.
    • Business continuity: With multipathing and instant, sub-second failover, the EDGE ensures that connections between critical sites remain active even if a primary network path fails,
    • Encrypted data transfer: Using EDGE-to-EDGE encryption, the Anapaya EDGE creates secure tunnels between corporate data centers, branch offices, and public cloud deployments (e.g., in AWS and Azure). The key management system based on SCION's public key infrastructure, eliminates the complexity of traditional VPN setups, especially across multiple organizations.
    • Controlled visibility: The Anapaya EDGE allows organizations to control which networks can access their services, ensuring that only trusted partners and users can connect, thus significantly reducing the attack surface.
  • Protected web services: In combination with the Anapaya GATE, the Anapaya EDGE protects public-facing web services such as e-banking portals, remote access solutions, and smart meter management systems. In this context, the Anapaya EDGE connects the protected service to the SCION Internet, while the Anapaya GATE controls access and visibility.