Upcoming live Zoom webinar “SCION for Techies: Elevate your DDoS defense with SCION” |
Get answers to key questions about Anapaya’s technology, SCION, and how they compare to other secure networking solutions.
The Internet today has over 5 billion users and 18 billion IoT devices across more than 75,000 networks – which translates to a giant battlefield in terms of cybersecurity. Lack of trust between such networks and lack of path control are the core issues behind what makes the current Internet insufficient, unreliable and unsafe for its users. This is especially true for critical infrastructure and critical systems. SCION helps interconnected sectors working with sensitive data to communicate securely and reliably.
For more about today’s Internet check here.
SCION is the answer to making the Internet a safer place. Technically, SCION is an inter-domain routing protocol that allows for precise control over data flow, ensuring that packets travel through pre-defined, secure paths. The protocol’s multi-path routing capability ensures that even if one path fails, data can instantly switch to another route, maintaining uninterrupted service and offering organizations a more reliable, secure, and compliant way to transmit data. Like this, your information gets where it needs to go safely and reliably.
For more about SCION check here.
As an end-user of SCION, you can rest assured that your information is taking the best path on secured networks. Specifically, it means
Read this blog for more info.
Do you use the Internet as a communication layer for critical applications and sharing sensitive information? Then you need it. Just because you haven't had any cyber incidents so far (that you know of), you are still a target, and the probability of being hit is growing higher every day. When a service is on the Internet, it can be accessed by everyone, everywhere. On top of that, the Internet is growing exponentially (think IoT).
Read more about this here.
Existing cybersecurity solutions are not adequate, especially when it comes to ensuring availability and cyber resilience. Confidentiality and authentication are not provided by the network and do require additional, specific cybersecurity solutions. But this is essentially a cyber catch-22: security applications provide the required important security properties while simultaneously introducing a new set of attack vectors.
SCION provides the required confidentiality and authentication properties as an integral part of the routing protocol. That’s how SCION addresses the root cause behind most cyberattacks and what makes it a critical component of a future-proof digital world.
Next to its improved security properties, SCION allows network participants to communicate over many routes at the same time, providing resilience and interruption-free connectivity even during disturbances based on large partial network outages. In the end, even if a bad actor gets into the SCION network, you can easily identify, block, and legally pursue them.
Existing security solutions like SD-WAN do work perfectly and complementarily on SCION networks.
For more info read this blog.
SCION’s PKI is based on ECC (error-correcting code memory), making it susceptible to future quantum attacks; but SCION’s algorithm agility allows a seamless transition to quantum-safe KEMs. Plus, the symmetric cryptography used in SCION’s data plane remains secure against quantum attacks, since Grover’s algorithm can only speed up brute-force attacks slightly, mitigated by doubling key sizes.
SCION also offers unique advantages against quantum threats. By controlling data paths, you can avoid untrustworthy networks and split sensitive data across multiple paths, increasing the difficulty of intercepting and decrypting this data later.
To ensure future security, adopting quantum-safe cryptography is crucial. Leveraging SCION can further mitigate risks.
Yes! Our SCION workshops are designed specifically for professionals in leadership positions eager to explore how SCION can revolutionize their network infrastructure.
All information can be found here.
Yes! Born in Switzerland, SCION is all grown up. We are actively expanding SCION's applications beyond Switzerland, from neighbouring countries to those across oceans. SCION was built to scale – reliably.
Global partners like BT, Colt and Intercloud are already part of Anapaya Alliance, a coalition of trusted service providers and industry leaders. You can find SCION in Belgium, France, Germany, Hong Kong, Japan, Luxembourg, Netherlands, Singapore, South Korea, and USA, too. Most importantly, as soon as there is customer demand, ISPs are quick to integrate SCION, ensuring rapid deployment and widespread availability.
Read more about SCION's partners here.
Not at all! Implementing SCION is similar to setting up an Internet connection and is significantly simpler than deploying an SD-WAN. It requires minimal effort and can be quickly integrated into existing network infrastructures. Plus, there is an Anapaya Knowledge Base available 24/7, too.
Learn more in the Anapaya Knowledge base.
With us, right now: we support you in defining your network topology, then we run a proof of concept to gauge what the deployment of SCION in your network would look like. Once we see how it fits with existing systems and any specific requirements that might be needed in addition, we can clearly state the viability of SCION for your specific use case. And for every need, there is a specific solution. Whether it is a whole ecosystem or just certain services for remote users, we’ve got you covered.
See the details of your specific use case here.
No. SCION is available via any Internet access in Switzerland and is a standard product of Axpo, Cyberlink, Everyware, Intercloud, Sunrise, Swisscom, Switch, and VTX. On top of that, SCION is now available in Benelux via Odido, Proximus and Varity. More providers are being onboarded.
Also, SCION is in full production across various markets. Plus, see the networks in CH using it above.
Besides, research is important: continued collaborations with researchers at ETH, Carnegie Mellon University, Otto von Guericke University of Magdeburg and Princeton University help to ensure that SCION not only can provide unseen resiliency and security properties but also will make sure that new features will someday become a reality. For the research and education community, access to SCION is possible via the SWITCH, GEANT and KISTI networks.
See our partners here.
We recommend that you join one of the existing SCION domains. If you need to create your own ISD, please get in touch here.
These networks are built as a SCION Isolation Domain (ISD), and as such, they determine the joining process.
Please check the list of assigned ISDs to find links about how to join here.
SCION connectivity is offered by Internet Service Providers (ISPs), who also provide comprehensive support and maintenance services in line with their own Service Level Agreements (SLAs).
You can book a demo to start your journey. In general, we can run Proof of Concepts when initiating a new project with new customers.
Book a demo here.
Your SCION reseller is your single point of contact. You can open a ticket with them, and they will coordinate any necessary troubleshooting with the various entities involved in the solution.
SCION is a highly cost-effective choice, especially for large, security-critical ecosystems like critical infrastructure. While the initial investment can be higher than some traditional solutions, it is offset by long-term savings. SCION minimizes the need for extensive security teams and reduces dependency on reactive security tools by focusing on prevention. This proactive approach lowers costs and significantly reduces the risk of cybersecurity incidents and their financial impact.
Read more here.
SD-WAN solutions are built on top of private lines and regular Internet lines . They are limited to a single network domain as each SD-WAN network is provided by a single vendor (SD-WAN solutions are not interoperable), while SCION is an open protocol forming its own Internet, with connectivity provided by multiple ISPs and vendors.
SD-WAN can only choose the “last mile” data travels, while SCION allows full end-to-end path customization, allowing it to react to failures and degradations even if they happen in the “middle” of the data’s journey. SCION also provides geofencing, which is not possible over regular Internet with SD-WAN. Ultimately, SCION offers built-in hijacking resistance and path authorization, which you do not get when using SD-WAN over Internet.
For more info read this blog.
While MPLS offers high efficiency, low latency, and strong reliability, it has several business limitations. Even though MPLS isolates customers using Virtual Routing and Forwarding (VRF), it lacks inherent end-to-end data protection.
MPLS is only truly effective when used within a single ISP's network. Since it operates as a private network, a company can only connect to locations within the coverage of its service provider. If multiple MPLS providers are required, complexity and costs increase significantly, making SCION the better choice. SCION enables seamless, secure, and flexible multi-provider connectivity without the high overhead associated with MPLS interconnections.
Find more details on how SCION is different here.
SCION provides similar availability and security to a private line (e.g. a virtual L2 link), combined with the benefit of being Internet-like: connectivity is provided by multiple providers, and can continue uninterrupted even if a whole provider fails. SCION lines from different providers can be easily combined, and the use of native multipath allows for better performance than a “fixed path” virtual L2 circuit. It offers the flexibility of the Internet you know along with the security typically associated with private lines, providing a comprehensive and economical solution for modern cybersecurity challenges.
Check more about SCION here.
SCION is a great fit for ecosystems where many stakeholders need to communicate. As the SCION network is built by a “federation” of ISPs, it does not have single points of failure. In addition, regular private lines usually leverage fixed paths, while SCION provides native multipath, allowing better performance by selecting the best path.
Find out more here.
Use case 1: Closed network made of trust domains
Ideal for site-to-site communication between branches or partners:
When you need to secure your data exchange between sites or your company and third-party suppliers, the EDGE-to-EDGE configuration is a perfect fit.
With the EDGE-to-EDGE setup, data is routed securely between all locations on SCION. In case of a disruption, your services will still be available for business continuity, thanks to redundant ISP connectivity.
By leveraging Anapaya EDGE on the SCION Internet, you can greatly minimize the risk of DDoS attacks, intrusion attempts, and ransomware, reducing the chance of data breaches.
Use case 2: Secure network for remote access
Ideal for securing web services, business services, and IoT services:
If you have a service on the Internet that needs to be accessed by remote users or devices, Anapaya GATE is for you: put your service on the SCION Internet so you can control visibility and select which ISPs allow access to your service. As an operator of critical services, you have fine-grained control over where your service is visible on public networks.
With Anapaya GATE, you get to choose who can see your services, which greatly reduces the load on your security infrastructure. What cannot be seen cannot be attacked! You can effectively reduce your organization’s attack surface and prevent DDoS and intrusion attacks.
Yes. The Swiss Secure Finance Network (SSFN) has been fully operational since 2022.
Additionally, the Swiss Secure Health Network (SSHN) is at the technical implementation stage and the Secure EFTPOS Network (SEPN) is now live, and The Swiss Secure Utility Network (SSUN) also plans to launch in summer 2025.
Yes, it can help in several ways. For one, its mechanism of hidden paths for large-scale SCION services (e.g., EDGE-to-EDGE configurations) defies even well-executed, large scale DDoS attacks because they cannot render a SCION service unreachable for existing trusted users and customers. Even if you have SCION services connected to the public Internet, Anapaya GATE on SCION can safeguard this connection. In one kind of setup, it allows you to disconnect misbehaving remote autonomous systems (ASes) instantly, making a DDoS via GATE access impossible. In another, where a DDoS campaign would be run from the public Internet, all users within the SCION network or with an AS-specific GATE access will not be affected and has the added advantage of making such an attack costly for the hacker.
For more details read this blog.
Yes, it helps by getting to the root of the problem. Ransomware’s initial access to your environment is the real issue – without it, ransomware would not be able to exploit your system. What SCION does is reduce your attack surface from the get-go; together with Anapaya GATE, SCION effectively hides your business from the public Internet, preventing intrusion attempts that lead to initial access. The reduction of attack surface is a staggering 99% compared to the traditional Internet.
Read the whole story here.
SCION allows for precise control over the path data takes, with its geofencing feature. This feature is handy for compliance purposes, as organizations can ensure that packets do not traverse specific ISPs or geographical locations, making it easier to be compliant when it comes to protecting sensitive data.
Learn more here.
The main steps are:
Book your meeting with us here.
SCION is a standard product of Axpo, Cyberlink, Everyware, Intercloud, Sunrise, Swisscom, Switch, and VTX. On top of that, SCION is now available in Benelux via Odido, Proximus and Varity. More providers are being onboarded.
For the full list, go here.
- New monetization models: Partners can elevate their services with continuity, guaranteed communication, geo-fencing, and path optimization, creating new revenue streams.
- Secure networking: Bid farewell to vulnerabilities—eliminate routing attacks and be protected from DDoS attacks with hidden paths and source authentication.
- Extended reach: Break down barriers and extend your network's reach by connecting directly with peers previously beyond access, enriching global networks for your customers.
- Adaptive connectivity: Instantly re-route data to ensure uninterrupted connectivity or enhance performance during failures or maintenance, ensuring seamless experiences.
For more about what’s in for you check here.
Yes, it’s called “Anapaya Alliance”, and it’s dedicated to redefining networking security, resilience, control, and performance standards, ensuring a transformative and trusted online experience for all. Our program offers an opportunity for collaboration and mutual benefit.
Learn more about the Anapaya Alliance here.
The Anapaya software can run both on physical hardware and virtual environments.
For details, please refer to the Technical documentation.
Anapaya offers CONSOLE, empowering both the end-customers and their operators to gain never seen before visualization on the end-to-end network and to make their day-to-day operations seamless.
You can access an online demo of CONSOLE here.
Anapaya offers to network service providers:
Anapaya offers training packages addressing 3 types of audiences:
If you are interested to learn more, go here.
We have different pricing models for different solutions. Please get in touch to learn more.
You can open a ticket in the Anapaya portal here. If you don’t have an account, please reach out to your portal administrator.
Please refer to the technical platform here.
Ask away and we will answer.