Smart Access Gateway (SAG) is a software-defined wide area network (SD-WAN) solution developed by Alibaba Cloud based on cloud-native technologies. SAG provides a more intelligent, reliable, and secure approach for enterprises to migrate their workloads to Alibaba Cloud.
You can implement SAG by using one of the following methods:
- SAG devices: client-premises equipment (CPE) devices that support site-to-site connections.
You can deploy SAG devices in on-premises data centers, office branches, and stores to connect their private networks to Alibaba Cloud. SAG provides two device types: SAG-100WM and SAG-1000.
- SAG-100WM can be placed on desks or in extra-low voltage boxes. You can connect broadband and 4G networks to the WAN ports, and wired and Wi-Fi networks to the LAN ports. The maximum bandwidth of encrypted private networks supported by SAG-100WM is 50 Mbit/s (the packet length in the performance test is 512 bytes). SAG-100WM is suitable for quickly connecting small office branches and stores to Alibaba Cloud.
- SAG-1000 can be placed on server racks. You can connect a hybrid network consisting of leased lines, broadband networks, and 4G networks to the WAN ports, and wired networks to the LAN ports. The maximum bandwidth of encrypted private networks supported by SAG-1000 is 500 Mbit/s (the packet length in the performance test is 512 bytes). SAG-1000 is suitable for connecting on-premises data centers and large office branches to Alibaba Cloud.
- SAG APP: an app that supports point-to-site connections.
After you install SAG APP on client devices such as PCs and mobile phones, network connections are established between the devices and Alibaba Cloud. SAG APP supports the following operating systems: Windows 7, Windows XP, Windows 10, macOS 10.11 and later, Android 5.0 and later, and iOS 9.0 and later.
The following figure shows how on-premises data centers, office branches, and stores are connected to Alibaba Cloud through SAG devices. PCs and mobile phones are connected to Alibaba Cloud through SAG APP. Cloud Enterprise Network (CEN) instances deployed across regions can establish connections among Virtual Private Cloud (VPC) networks, on-premises data centers, and mobile devices to establish a full-mesh network topology.
|SAG devices||CPE devices.|
|SAG APP||An app that can be installed on client devices.|
|CCN||An access matrix consisting of Alibaba Cloud distributed access gateways.|
|CEN||Alibaba Cloud cross-region networks.|
|VPC||Private networks deployed in Alibaba Cloud regions.|
SAG is an SD-WAN architecture developed based on cloud-native technologies. Compared with legacy SD-WAN architectures, SAG offers the following benefits.
- Zero touch provisioning (ZTP) and centralized management and maintenance
SAG provides a control plane based on software-defined networking (SDN). Similar to managing VPC networks and Elastic Compute Service (ECS) instances, you can manage SAG devices in the SAG and CloudMonitor consoles, or by calling the SAG API.
- Hybrid networks
SAG provides a data plane based on private WANs on Alibaba Cloud. You can connect private networks to Alibaba Cloud through a hybrid network consisting of leased lines, broadband networks, and 4G networks. This increases the utilization of leased lines and improves network performance.
- Integration of networks and cloud services
An architecture that integrates the cloud, networks, and edge:
- Automatic protocol negotiation between local and cloud VPNs. No additional configuration is required.
- Quick access from private networks to Alibaba Cloud services
- End-to-end security policies for both local and cloud workloads