Smart Access Gateway (SAG) is a software-defined wide area network (SD-WAN) solution developed by Alibaba Cloud based on cloud-native technologies. SAG provides a more intelligent, reliable, and secure approach for enterprises to migrate their workloads to Alibaba Cloud in an all-in-one manner. The important release of SAG 2.0 makes SAG a comprehensive and complete solution. This article will take a look at the major updates to, and technical capabilities behind, Alibaba Cloud Smart Access Gateway (SAG) 2.0.
Alibaba Cloud provides a variety of product forms to support cloud migration in various scenarios. SAG APP was released in SAG 2.0 to enable terminals that run various operating systems to access the cloud. In addition, SAG-vCPE was released in SAG 2.0 to allow third-party cloud resources to access Alibaba Cloud through virtual machines (VMs) or container environments. This release also adds software images and terminal access capabilities, forming a complete cloud access solution.
The following table lists the SAG lineup.
All SAG 2.0 devices are equipped with 4G modules and 4G cards, enabling plug-and-play 4G access to the cloud, so that local ZTPs can be uniformly and remotely configured and managed on the cloud. If the local broadband line fails, the 4G line can also be used for configuration, management, and troubleshooting.
With unified monitoring and management on the cloud, the global vision allows you to easily manage a massive number of terminal devices.
SAG 2.0 supports remote port allocation, flexible networking and switchover at any time among dedicated lines, broadband, and 4G, and remote switchover at any time between one-arm and inline networking modes.
All configurations are sent from the cloud console, so that offline SAG devices are managed like virtual private clouds (VPCs), Elastic Compute Service (ECS) instances, and other cloud resources on the cloud.
SAG has a cloud-based integrated architecture that combines the cloud, network, and terminal together. It takes the cloud network as the core and focuses on intelligent hardware and software terminals. The richer the network access resources, the better the customers' network experience. With the release of SAG 2.0, 16 new access points are added in China, and seven new access points are added outside China. Therefore, the total number of access points exceeds 40 in China and 10 outside China.
For ordinary VPN protocols, UDP-based applications often loses packets or encounters increased delay because the Internet usually limits the speed of UDP packets. Security devices including firewalls also intercept IPsec packets from UDP 500 and 4500 ports, resulting in packet loss. SAG 2.0 adopts an in-house encryption tunnel protocol to support TCP camouflage, which effectively reduces the packet loss rate and delay of UDP-based applications and improves network quality. In addition, TCP and UDP encapsulation protocols switch over automatically, effectively improving the escape capability.
As shown in the following figure, the packet loss rate is 5% when the common VPN protocol is used. However, packets are not lost when the in-house encryption tunnel protocol and TCP encapsulation are used.
Real-time application scenarios such as video conference require high network performance. A video may be stuck if the packet loss rate is higher than 5%, and will be interrupted and thus become unavailable if the packet loss rate is higher than 15%. SAG optimizes the network quality in weak network environments. It can guarantee the video conference quality even if the packet loss rate reaches 15%.
If SAG is not adopted, the video is interrupted and unavailable when the packet loss rate reaches 15%.
The video becomes normal after SAG is adopted.
The FEC function caches messages and segments them according to a specified size. After the required number of packets arrive, the FEC function calculates redundant packets according to the redundancy ratio, and then sends the calculated packets and redundant packets to the receiving end. Upon receipt of a message, the receiving end decodes the message based on a specified algorithm, and makes redundancy compensation. The original packet can be recovered if the number of lost packets does not exceed that of redundant packets.
The following figure shows the process.
SAG 2.0 supports hybrid networking of dedicated lines, broadband, and 4G. This lowers networking barriers for enterprises, saves their costs, and improves the efficiency of network construction. SAG 2.0 supports more flexible networking modes. For example, it supports highly reliable connection to the headquarters over three backup lines: dedicated line, broadband, and 4G. In addition, it supports flexible connection to branches through dual-operator broadband and 4G backup.
SAG 2.0 supports the DNS unified push function. On the centralized DNS server, you can modify clients' DNS configurations in a unified manner. Without any client configurations, all employees can access the applications within your enterprise more securely and quickly, such as Office 365 and internal video conference applications like Webex.
To learn more about Smart Access Gateway, visit https://www.alibabacloud.com/product/smart-access-gateway
Alibaba Cloud New Products - July 8, 2020
Alibaba Clouder - October 16, 2020
Alibaba Cloud Community - September 1, 2022
AlibabaCloud_Network - October 12, 2019
Alibaba Clouder - August 6, 2019
Alibaba Clouder - October 17, 2018
Connect your business globally with our stable network anytime anywhere.Learn More
A global network for rapidly building a distributed business system and hybrid cloud to help users create a network with enterprise level-scalability and the communication capabilities of a cloud networkLearn More
Highly reliable and secure deployment solutions for enterprises to fully experience the unique benefits of the hybrid cloudLearn More
A cost-effective, efficient and easy-to-manage hybrid cloud storage solution.Learn More
More Posts by AlibabaCloud_Network