Banyan Deployment Models

How to deploy Banyan in your org

  • Updated on Dec 15, 2022
  • 5 minutes to read
  • Contributors

Deployment Models

Banyan has a flexible architecture that allows for two deployment models, depending on your organization’s needs. Currently, our two deployment models are called Self-hosted Private Edge and Global Edge, explained in more detail below:

Self-hosted Private Edge

In the Self-hosted Private Edge deployment model, an organization deploys the Banyan Access Tier on a server (with a public IP address that can be reached from the internet) in the data centers or cloud clusters where corporate resources are hosted.

Deployment - Self-hosted Private Edge

Global Edge

In the Global Edge Network deployment model, an organization uses Access Tiers that Banyan hosts in its Global Edge Network. The organization deploys the Banyan Connector on a server (that can dial out to the internet) in the data centers and cloud clusters where corporate resources are hosted. The Connector then establishes secure tunnels to the Access Tiers on the Global Edge Network.

Deployment - Global Edge Network

Choosing a Deployment Model

In both deployment models, admins define Policies and Services via the Cloud Command Center, and end user traffic flows through the Access Tier, which enforces zero-trust policies. However, the following differences can be considered when choosing a deployment model:

Global Edge Advantages

The Global Edge deployment model uses an outbound Connector inside the org’s private network, to connect to Banyan-managed Access Tiers on Banyan’s Global Edge Network. Since, in this case, Banyan manages the main component (i.e., the Access Tiers), fewer upgrades and management costs are required on the organization’s behalf.

  • Fewer upgrades and management costs
  • Global points of presence to ensure low latency and reliable connections
  • Simpler set-up (does not require ports to be opened; does not require creation of DNS records)
Self-hosted Private Edge Advantages

Organizations who want to own the data plane (i.e., they want device traffic to private resources to route through servers that they own and manage) can opt for the Self-hosted Private Edge deployment model. In this model, Access Tiers are deployed on the organization’s private servers, in data centers where the org’s corporate resources are also hosted.

  • Ability to own the data plane (i.e., the Access Tiers)
  • Ability to manage upgrades of the Access Tiers

Can’t find what you’re looking for?

We’re happy to help. Contact our team .