Global reachability with GlobalConnect
GlobalConnect is a powerful extension to the Anapaya GATE service, operating as a dedicated GATE infrastructure. While the standard Anapaya GATE model restricts service access to a select group of SCION-enabled, trusted ISP networks - the GATE providers, GlobalConnect allows organizations to selectively and safely extend the reach of their protected services to the broader public internet. It acts as a controlled bridge between the SCION Internet and the global internet, offering granular control over how and where services are accessible.
GlobalConnect extends the reach of Anapaya GATE to specific geographies, allowing controlled access to the protected resources beyond the SCION Internet.
Controlled global reach
GlobalConnect is designed for organizations that require global or broad geographic reach for their services but are unwilling to accept the security risks of full exposure to the public internet. Its value is centered on three key principles:
- Controlled global reach: Extend service availability to users in specific countries or regions without exposing the service to attackers from all over the world. Prevent traffic from overwhelming your service through rate limiting and AS-level filtering.
- Rapid incident response: In the event of a security incident, GlobalConnect allows for quick disconnection of the service from the global Internet, minimizing potential damage.
How GlobalConnect is used
- Configure the GlobalConnect tunnel: Establish the secure connection from your Anapaya EDGE to the GlobalConnect infrastructure.
- Apply country-specific filters: Define an allow-list of countries from which traffic is permitted. All traffic from non-allow-listed geographies is automatically blocked.
- Configure rate-limiting: Set thresholds on the bandwidth of inbound traffic allowed from the GlobalConnect instances to prevent being overwhelmed by unexpected traffic spikes or volumetric attacks.
- Instantly Deactivate: If an attack is detected or suspected, you can deactivate the GlobalConnect tunnel with a single click on the Anapaya CONSOLE, immediately cutting off all traffic from the public internet and isolating the service within the secure SCION network.
When to use GlobalConnect
GlobalConnect is ideal for organizations with services that are primarily accessed by users in the reach of the Anapaya GATE providers but also need to extend access to users in specific geographies. It provides a secure and controlled way to reach a wider audience without exposing the entire service to the risks of the public Internet. In case of an attack, the service can be quickly disconnected from the global Internet, ensuring that the service remains secure and operational for the majority of its users that are connected to the Anapaya GATE providers.