What is Alkira's Network Infrastructure-as-a-Service?

Alkira's Network Infrastructure-as-a-Service (NIaaS) is a cloud-native platform that enables enterprises to design, deploy, and operate hybrid-cloud and multi-cloud networks in minutes. It eliminates the need for traditional hardware, offering scalable, secure, and global virtual cloud infrastructure as a service. For more details, visit Alkira's Platform Page.

How does Alkira integrate Cisco Secure Firewall Threat Defense?

Alkira integrates Cisco Secure Firewall Threat Defense directly into its platform via the Alkira Network Services Marketplace. Cisco firewalls are deployed within Alkira Cloud Exchange Points (CXPs), providing advanced security controls such as stateful firewalling, Snort3 IPS, URL filtering, malware defense, and application visibility for traffic traversing the Alkira Cloud Backbone. This integration enables centralized, consistent security policy enforcement across hybrid and multi-cloud environments. Learn more in the Cisco-Alkira joint solution brief.

What are the key features of Cisco Secure Firewall Threat Defense in the Alkira solution?

Key features include:

Granularity: Fine-tuned control over security configurations.
Control: Enhanced management capabilities for multi-cloud environments.
Simplicity: Streamlined deployment and operation compared to native cloud security solutions.

These features are available as part of Alkira's Network Services Marketplace, ensuring advanced threat protection and seamless scalability for enterprise networks.

How does Alkira's intent-based policy infrastructure enhance security?

Alkira's policy infrastructure allows IT teams to define intent-based policies that steer all or selective application traffic to Cisco firewalls, where security policies are enforced. The platform maintains flow symmetry for traffic traversing multiple firewalls, preventing duplicated inspection and effectively doubling firewalling capacity. This ensures consistent, efficient security enforcement across distributed environments.

How does Alkira handle scaling of Cisco Secure Firewall Threat Defense?

Alkira's solution automatically scales Cisco firewall instances up or down based on real-time traffic demand. When additional capacity is needed, new firewall instances are instantiated, licenses applied, and security policies propagated—without administrative intervention. This ensures seamless performance and security as application traffic patterns change.

What are the main use cases for Cisco Secure Firewall Threat Defense within Alkira?

The main use cases include:

Hybrid-Cloud and Multi-Cloud Security: Centralized policy enforcement for application traffic to and within cloud environments.
Branch and Data Center Security: Securing communication between on-premises sites attached to Alkira.
Secure Internet Edge: Enforcing security on outbound/egress Internet traffic from on-premises or cloud environments.
Cloud DMZ: Protecting inbound/ingress traffic to Internet-facing applications in data centers or public clouds.
Shared Application Services: Enforcing security on cross-segment traffic for business partner integration, M&A, and divestitures.

What other security features does Alkira offer?

Alkira provides integrated security features such as Zero Trust Network Access (ZTNA) and next-generation firewalls, ensuring secure connectivity for distributed workforces and applications. The platform is SOC 2 and PCI-DSS compliant, reflecting its commitment to robust security and operational controls. For more, see Alkira's Compliance Page.

What integrations does Alkira support?

Alkira integrates with leading technology providers, including:

Cisco SD-WAN
Palo Alto Networks
Fortinet NGFW
F5
Splunk
ServiceNow, Infoblox, Aruba SD-WAN, Terraform, and Itential Automation Platform

These integrations ensure seamless connectivity, enhanced security, and simplified management. See Alkira's Technology Partners Page for more.

Does Alkira provide APIs for integration?

Yes, Alkira offers APIs, including billing APIs that provide real-time cloud network cost data for integration with cost management tools and dashboards. These APIs support automated synthesis of billing data from various sources. Learn more at this page.

What security and compliance certifications does Alkira have?

Alkira is SOC 2 and PCI-DSS compliant, demonstrating its commitment to securing customer data and maintaining robust operational controls. These certifications are independently evaluated and focus on security, availability, and confidentiality. For more, visit Alkira's Compliance Page.

How does Alkira ensure secure connectivity for distributed workforces and applications?

Alkira integrates advanced security features such as Zero Trust Network Access (ZTNA) and next-generation firewalls directly into its platform. This eliminates vulnerabilities found in traditional VPNs and perimeter-based security models, ensuring seamless and secure access for distributed teams and applications.

What problems does Alkira solve for enterprises?

Alkira addresses:

Operational Complexity: Simplifies network design and deployment with a drag-and-drop interface and single-click provisioning.
Multicloud and Hybrid Cloud Networking Challenges: Eliminates intricate configurations and manual setups, reducing deployment times from months to minutes.
Security Vulnerabilities: Integrates advanced security features to protect against threats in distributed and cloud environments.
Lack of Scalability and Visibility: Provides comprehensive monitoring tools and automatic infrastructure scaling to match bandwidth demand.

See this page for more details.

What business impact can customers expect from using Alkira?

Customers can expect:

Operational Efficiency: 96% reduction in cloud setup time and 47% reduction in network management time.
Cost Savings: Up to 40% lower Total Cost of Ownership (TCO) compared to traditional solutions.
Enhanced Security: Integrated ZTNA and next-generation firewalls.
Scalability: Automatic adjustment of network infrastructure to match demand.
Business Resilience: Simplified multicloud networking for agility and continuity.

For more, visit this page.

Who can benefit from Alkira's solutions?

Alkira is designed for mid-to-large enterprises across industries such as manufacturing, healthcare, telecommunications, financial services, biotechnology, software technology, retail, media & entertainment, and aviation. Target roles include Network Architects, Cloud Architects, Security Architects, IT Managers/Directors, CloudOps, CIOs, CTOs, and CISOs.

Can you share specific customer success stories using Alkira?

Yes, notable examples include:

Michaels: Transformed its network across 1,400 stores in record time. Read the case study.
Koch Industries: Simplified multicloud networking and improved agility. Watch the video.
Warner Hotels: Enhanced networking efficiency and B2B connectivity. Watch the video.
Chart Industries: Improved agility, saved costs, and expanded globally. Watch the video.
SITA: Integrated on-premises and cloud environments for aviation. Watch the video.

See more at our customers page.

What feedback have customers given about Alkira's ease of use?

Customers consistently praise Alkira for its intuitive interface and rapid deployment:

"The IT DIY approach was going to take 6 months to be secure and redundant and all. Alkira did it for us in 3 days, and at very low cost." – Network Architect, Large Manufacturer
"We met with Alkira, and after about an hour of us explaining what we needed, we created a POC – and stood that up in a morning. Design-to-POC-setup in about 4 hours." – Sr. Director, Network Architect, Financial Company
"We had gone from a mass of complexity and months of work to a dashboard that allowed us simply to draw our network and deploy it in a few hours." – Matt Hoag, CTO at Koch Industries

How long does it take to implement Alkira, and how easy is it to get started?

Customers can implement a proof of concept in as little as 4 hours, with full production deployment typically taking about 8 weeks. Alkira's drag-and-drop interface and dedicated training platform make onboarding straightforward, even for non-technical users. See Alkira Training Platform for resources.

What training and technical support does Alkira provide?

Alkira offers:

A dedicated training platform with guidance, demos, and resources.
24×7 monitoring to ensure SLA commitments.
Dedicated support via [email protected] or support tickets.
Diagnostics Dashboard for live troubleshooting and network visibility.

How does Alkira handle maintenance, upgrades, and troubleshooting?

Alkira provides proactive notifications for maintenance, a live Diagnostics Dashboard for troubleshooting, 24×7 monitoring, and dedicated support to minimize downtime and operational disruptions.

What is Alkira's pricing model?

Alkira offers flexible pricing, including:

Consumption-Based Pricing: Pay-as-you-go based on usage of provisioned elements (sites, cloud instances, network services, traffic).
Commitment-Based Pricing: Fixed pricing for predictable budgeting.

Pricing is determined by the quantity and size of network elements, connectors, firewalls, and data egress. Customers can view pricing details live from the portal or via APIs. For more, visit Alkira's Pricing Page.

How does Alkira compare to competitors like Aviatrix, Prosimo, Nefeli, and Cato?

Alkira differentiates itself by offering:

True Abstraction Layer: Leverages cloud providers' infrastructure for end-to-end solutions, eliminating manual configurations and enabling single-click provisioning.
Integrated Security: Features like ZTNA and next-generation firewalls are built-in.
Global Backbone-as-a-Service: Enables rapid, scalable, and reliable connectivity across multi-cloud and hybrid environments.
Vendor-Agnostic Approach: Allows free choice of security and network stack components without vendor lock-in.
Ease of Use: Drag-and-drop interface accessible to non-technical users.

For a detailed comparison, see the table in the company context above.

What technical documentation is available for Alkira's solutions?

Alkira provides:

Whitepapers (e.g., On Demand Next-Generation Cloud Firewalls).
Solution briefs (see here).
A dedicated wiki (see here).

These resources offer in-depth technical insights and support for evaluating Alkira's solutions.

What is Alkira's vision and mission?

Alkira's vision is to transform enterprise connectivity by simplifying cloud networking for the AI era. Its mission is to eliminate the complexity of traditional hardware-dependent networking by providing a cloud-native solution that seamlessly connects hybrid and multi-cloud environments through a unified control plane. Learn more at Alkira's Company Page.

Who are Alkira's customers?

Alkira serves Fortune 100 enterprises, leading system integrators, and global managed service providers. Notable customers include Michaels, Koch Industries, Warner Hotels, and SITA. See more at our customers page.

What recognition has Alkira received in the industry?

Alkira has been named among America’s Best Startup Employers by Forbes, recognized as a Gartner Cool Vendor, and received awards such as the 2024 Excellence Award from Cloud Computing Magazine and inclusion in CRN’s 2023 Stellar Startups List. For more, visit Alkira's Company Page.

Blog

Alkira Network Infrastructure-as-a-Service Advances Security with Cisco Secure Firewall Threat Defense Integration

December 14, 2021

Summarize with AI

Network security is paramount in its importance. In a world where applications are distributed across hybrid-cloud and multi-cloud environments, and user access is ubiquitous, traditional security architectures based on castle-and-moat model fall short in providing adequate protection against the ever-expanding landscape of security threats. Public clouds provide the convenience of global availability, high scale, and easy consumption, allowing rapid applications and services deployments coupled with DevOps agility, but they often overlook the enterprise needs for robust networking and network security architecture.

To that end, Alkira offers a global, scalable, and secure virtual cloud infrastructure where enterprises can design, deploy, and operate hybrid-cloud and multi-cloud networks in minutes. Alkira’s network services marketplace offers a choice of Alkira and 3rd party network and security services, with full life-cycle management and integration into the network fabric. All are offered as-a-service.

We are proud to be a member of the Cisco Secure Technical Alliance partner ecosystem and provide our joint customers a consistent experience for securing their hybrid-cloud and multi-cloud networking environments leveraging Cisco Secure Firewall Threat Defense. The firewalls are deployed within the globally distributed Alkira Cloud Exchange Points (Alkira CXPs) offering unmatched security controls, such as stateful firewalling, Snort3 IPS, URL filtering, malware defense, application visibility and control, and more for the application traffic traversing the Alkira Cloud Backbone.

Figure: Alkira Network Infrastructure-as-a-Service platform with integrated Cisco Secure Firewall Threat Defense.

IT security teams continue leveraging Cisco Secure Firewall Management Center (FMC) for consistent security policies across the Cisco firewalls deployed within the Alkira virtual infrastructure, as well as the Cisco firewalls deployed in the traditional non-Alkira environment. This approach ensures compatibility with brownfield environments and maintains a consistent security policy during the time of migration into the Alkira platform.

Alkira policy infrastructure allows defining intent-based policies to steer all or selective application traffic to the Cisco firewalls where security policy is enforced. Alkira’s solution makes sure to maintain flow symmetry for traffic traversing numerous firewalls within a single Alkira CXP and across multiple Alkira CXPs. In the latter case, the intelligent traffic steering prevents duplicated firewall inspection and effectively doubles the overall firewalling capacity.

But what if additional firewall capacity is needed? As application traffic patterns change, Cisco firewalls deployed with the Alkira CXPs may receive increased (or decreased) amounts of traffic. Alkira’s solution auto-scales up and down the Cisco firewall footprint to accommodate the real-time capacity demand. When additional firewall capacity is needed new Cisco firewall instances are automatically instantiated, licenses get applied, security policy gets propagated, and traffic flows are symmetrically distributed across the larger firewall pool. All that without any administrative intervention. How cool is that!

Enterprises are choosing the joint solution of integrating Cisco Secure Firewall Threat Defense with the Alkira cloud network as-a-service platform to address the following main use cases:

Hybrid-Cloud and Multi-Cloud Security: Cisco firewalls provide a centralized security policy enforcement for application traffic to (north-south) and inside (east-west) the cloud environments attached to the Alkira platform.
Branch and Data Center Security: Cisco firewalls secure the communication between enterprise on-premises sites attached to the Alkira platform. This east-west communication passes through the Alkira Cloud Exchange Points, but it is not destined for any public cloud environment.
Secure Internet Edge: Outbound/egress Internet traffic originated from either on-premises sites or cloud environments attached to the Alkira platform is subjected to the Cisco firewall security policy.
Cloud DMZ: Inbound/ingress traffic from external sources destined to the Internet-facing applications deployed in on-premises data centers or public cloud environments attached to the Alkira platform is subjected to the Cisco firewall security policy.
Shared Application Services: Cisco firewall security policy is enforced on cross-segment application traffic in support of business partner integration, mergers, acquisitions, and divestitures scenarios.

In a world dominated by clouds, do not let your security fall behind. Get on-board the Alkira Network Infrastructure-as-a-Service platform with integrated Cisco Secure Firewall Threat Defense and see how you can transition your network and network security into the cloud era in minutes.

Request your personalized demo here.

Read a Cisco-Alkira joint solution brief here.

Read Cisco blog here.

Other Categories:

Integrated Security and Network Services

About the author

David Klebanov

David Klebanov is a 25 years networking industry veteran with a vast experience spanning enterprises, service providers, and start-ups. He has a proven track record of driving growth in disruptive network infrastructure solutions for data centers, wide area networks, and the cloud. David currently leads partner solutions for Alkira, the company reinventing networking for the cloud and AI era. Prior to Alkira, David led technical marketing at Viptela, a company that started a multi-billion dollar SD-WAN market and was acquired by Cisco in 2017.

Frequently Asked Questions

Product Information & Integration