Edge Deployment Model for Private Access

Selecting the optimal deployment model for access your organization's private resources

  • Updated on May 31, 2024
  • 5 minutes to read
  • Contributors

SonicWall Cloud Secure Edge offers two edge deployment models for access to your organization’s private resources - Self-hosted Private Edge and Global Edge.

In most cases, your SonicWall org will be provisioned so you can use one or both deployment models. Review the notes below so you can use the appropriate Edge deployment model for access to your private resources.

Note that Cloud Secure Edge’s control plane - the Cloud Command Center - is always delivered as a cloud Software-As-A-Service (SaaS) offering.

Self-hosted Private Edge

In the Self-hosted Private Edge deployment model, an organization deploys the Access Tier on a server with a public IP address that can be reached from the internet in the data centers or cloud clusters where corporate resources are hosted.

Edge Deployment - Self-hosted Private Edge

Global Edge

In the Global Edge Network deployment model, an organization uses Access Tiers that SonicWall Cloud Secure Edge hosts in its Global Edge Network. The organization deploys the Connector on a server that can dial out to the internet in the data centers and cloud clusters where corporate resources are hosted. The Connector then establishes secure tunnels to the Access Tiers on the Global Edge Network.

Edge Deployment - Global Edge Network

Choosing an Edge Deployment Model

In both deployment models, admins define Policies and Services via the Cloud Command Center, and end user traffic flows through the Access Tier, which enforces zero-trust policies. However, the following differences can be considered when choosing a deployment model:

Global Edge advantages

The Global Edge deployment model uses an outbound Connector inside the org’s private network to connect to SonicWall-managed Access Tiers on SonicWall’s Global Edge Network. Since, in this case, SonicWall manages the policy enforcement component (i.e., the Access Tiers), fewer upgrades and management costs are required on the organization’s behalf.

  • Fewer upgrades and management costs
  • Global points of presence to ensure low latency and reliable connections
  • Simpler set-up (does not require ports to be opened; does not require creation of DNS records)

Self-hosted Private Edge advantages

Organizations who want to own the data plane (i.e., they want device traffic to private resources to route through servers that they own and manage) can opt for the Self-hosted Private Edge deployment model. In this model, Access Tiers are deployed on the organization’s private servers, in data centers where the org’s corporate resources are also hosted.

  • Ability to own the data plane (i.e., the Access Tiers)
  • Ability to manage upgrades of the Access Tiers
  • Ability to use dedicated IP addresses for ingress/egress traffic flows

What’s next

Read more about how SonicWall Cloud Secure Edge intelligently routes your corporate network traffic.