Concerned about VPN vulnerabilities? Learn how you can benefit from our VPN migration offer including 60 days free service.

Zscaler Blog

Get the latest Zscaler blog updates in your inbox

Products & Solutions

Internet 2.0: A Quantum Leap for Secure Global Connectivity


The connectivity requirements of enterprises are rapidly changing due to cloud and hybrid work models. More agile scenarios are required in the course of digitization, and they must offer guaranteed connectivity for both people and machines. Even though the pandemic has brought a lot of movement into digitization efforts, the classic network infrastructure is only slowly catching up with modern requirements. At Mobile World Congress 2023, Deutsche Telekom, Teridion, Intel, and Zscaler presented an approach for WAN backbone redesign that is equivalent to a quantum leap: Secure connectivity is made available via a network over the internet – with guaranteed service levels worldwide.

What makes guaranteed connectivity difficult today

So far, organizations have designed their connection to the internet either via MPLS or more modern via a SASE framework. The path via MPLS uses the backbone of a single carrier and, in contrast, in the Secure Access Service Edge model, contractual capacity is purchased from various line owners, such as AWS, Google, Vodafone, or Deutsche Telekom, and traffic is routed from point A to point B. If MPLS is used, the customer usually has a service level agreement that the respective carrier secures worldwide via subcontracts in order to provide the agreed bandwidths.

However, the organization usually only gets the upper limit of the bandwidth guaranteed and fluctuations are possible. In the event of unforeseen events affecting line capacity, such as unpredictable peaks in demand, severed submarine cables, or natural disasters, routing must be manually readjusted by the provider. With SASE, too, the customer is dependent on the ordered routing path being available via its providers, as spontaneous and fast redirection is technically not possible if required. For both models, the customer is dependent on their chosen providers for connectivity.

Internet 2.0: A network over the internet

Uninterrupted connectivity with guaranteed service levels has so far remained a dream for future-proof connections of modern applications. At Mobile World Congress 2023, Deutsche Telekom, Teridion, Intel, and Zscaler jointly ushered in a paradigm shift for connectivity, offering WAN network functionality as a service. The offer is based on Teridion's solution, which provides customers with the optimal data path through the internet. AI algorithms ensure that guaranteed service levels are met.

The global infrastructure of the Teridion Liquid Network is the foundation for the global WAN-as-a-Service solution. It is based on an elastic network architecture that lays a network for connectivity over the internet. The lines of more than 25 global telecommunications providers and cloud providers are used, which are networked like an intelligent brain with over 500 points of presence worldwide. More than 2,000 Liquid Metal routers detect availability, throughput, latency, and jitter parameters and provide the best connection. As a result, traffic is directed through different routes depending on the time of day, and the customer benefits from the price advantage of optimized routing in addition to the guaranteed throughput speed. With the help of Zscaler, Teridion can bill the routing of data streams via the various carriers and cloud providers as required.

Last mile via Deutsche Telekom's uCPE

As the requirements of companies change and today's applications at the edge already require agile connections, Deutsche Telekom provides an innovative uCPE box for last-mile connectivity that routes data traffic from the application to Teridion. This customer premises equipment, in the form of a magenta box, was developed with Intel and ensures the virtualization of a wide variety of network services in a single device that is easy to install and operate. The box is equipped with several Intel multicore processors, which can be added flexibly as needed thanks to Intel On Demand and VNFs (Virtual Network Functions).

In order to securely map the connection of applications at the edge, the Zscaler Tero Trust Exchange comes into play as another piece of the puzzle. The global security cloud ensures the secure inside-out connection of the applications through the App Connector. Based on policies, only an authorized user can access the application. In this way, companies can eliminate their attack surface on the internet, prevent lateral movement of attackers, and prevent data loss. The Branch Connector also tunnels the data traffic into the Teridion network, so that end-to-end security of the entire data stream can be guaranteed.

A future-oriented range of applications

This solution approach, which is made available by Deutsche Telekom, creates new possibilities for secure connections of edge applications or remote access scenarios. Since the box can be used anywhere in the network, it is particularly suitable for industrial application scenarios or in a retail environment, where access and protection of production lines or IoT devices must be guaranteed. In the course of the digitization of operational technologies (OT), which was previously managed by specialist departments, the secure convergence of OT and IT is feasible and monitoring can be conveniently designed via a single user interface.

This makes the solution equally suitable for companies, managed service providers, or as a partner platform for system integrators – wherever high-performance and secure remote access to applications or machines is important. In addition, the approach is suitable for any organization that operates an international business and needs a reliable data transfer to connect with each other with guaranteed speed and bandwidth. At Mobile World Congress, the power of the partner concept was demonstrated in a live demo with India and China.

Agility for tomorrow today

The solution presented at the Telekom booth enables organizations to redesign their WAN backbone into a more flexible and cost-effective model for future-oriented applications at the edge. The premium internet Zero Trust Exchange delivers performance levels that are equivalent to today's MPLS connections – and can be created and operated with much less complexity. Always-on and secure data streams provide security for companies and machines and form the foundation for uninterrupted business operations.

At RSA, the solution approach will be demonstrated live at the Zscaler booth on Thursday, April 27, 2023. See you there!

form submtited
Thank you for reading

Was this post useful?

dots pattern

Get the latest Zscaler blog updates in your inbox

By submitting the form, you are agreeing to our privacy policy.