Simplify cloud access
Scale from 1 to 100s of VPCs – even across multiple providers
Banyan does not charge you to deploy the Flexible Edge, whether deployed at one site/VPC or at 100.
Deploy the Banyan Connector anywhere and manage them all from a single portal.
Connectors can be deployed to ESXi servers, Docker infrastructure, or Cloud Service Provider (CSP) environments and all will behave the same, ensuring consistency and easy policy management.
Legacy network-centric SSE
Full tunnel • Always-on packet inspection
• Poor performance & UX
Banyan endpoint-centric SSE
Intelligent routing • Always on, not always inline
• Great performance & UX
Shrink your footprint and management overhead, consolidating all your bastions, VPNs, and proxies
With the Banyan solution, a simple on-premises (or cloud-based) Connector replaces all your bastions, VPNs, and proxies.
You can deploy several Connectors globally and manage them centrally from the Banyan Cloud Command Center, our SaaS-based admin portal. This helps ensure consistent policies, giving you a single pane of glass view of all users, devices, resources, and activities.
Banyan runs in parallel with your bastions, VPNs, and proxies to make migrations easy.
Apply policies based on user and device attributes
Create a single authentication and authorization policy regardless of user or resource location.
Apply additional authentication types and device posture assessment to SaaS applications that don’t natively support them.
Service accounts for programmatic access
Each service account can be set up with different privilege levels from full Owner to ReadOnly. Also specify privileges for Admin, ServiceAuthor, PolicyAuthor, and EventWriter levels.
Easily revoke access by deleting or disabling a service account.
High-performance connectivity with dead-simple deployment
Cloud-native solution delivers IaaS auto-scaling
Deploy to your CSP and scale up or down automatically
Public cloud infrastructure-as-a-service (IaaS) providers, such as Amazon AWS, Microsoft Azure, Google GCP, and Oracle OCI are supported
Scale out to multiple regions or different CSPs
Scale out for high availability or for higher traffic environments
High-performance WireGuard foundation with zero trust protections
Service Tunnels are a good solution for non-proxied thick apps and local drive-mapping needs. The Banyan app already has the necessary Service Tunnel client capabilities built in, and the WireGuard server functionality is woven into the Banyan Controller, Access Tier, and Connector. Nothing extra needs to be done to deploy to your end users.
Configuration is handled via the Banyan Cloud Command Center, with Service Tunnels being authorized for specific users and groups. Authorization can also be based on device identity and Trust Levels.
Service Tunnel granularity is based on CIDRs (subnets) or specific IP address, protocols, and ports.
A single Service Tunnel can be used to connect to all backend resources of an organization when the backends do not have overlapping subnets. With overlapping subnets, different connections will be presented to the end user in the Banyan app, connecting them to the site which has the resource they require.
Easy transition from legacy VPN to zero trust tunnel to zero trust proxy
Banyan is designed to run in parallel with your bastions, VPNs, and proxies to help with migrations.