SCION FAQ

If you would like to find out more about SCION, the SCION-Fabric or Anapaya, please review the FAQs below.

banner-partnership-2
What is SCION?

SCION, standing for Scalability, Control and Isolation On next-generation Networks, is a protocol that aims to make connecting to networks more secure, controllable and reliable. Due to the smart usage of cryptography routing information, SCION is immune to route hijacking. SCION is path-aware and gives the control to the sender, enabling real end-to-end path-control, true multi-pathing, geo-fencing, DDoS protection and more. Connected networks that use SCION are collectively known as the SCION-Fabric.

How is SCION Different from SD-WAN?

SCION, unlike an SD-WAN solution does not rely on overlay tunnels, and supports a completely new type of underlying network. SCION’s network is more comparable to the Internet or MPLS VPN than SD-WAN solutions but with improved security and control.

However, SCION can complement existing SD-WAN solutions by offering real end-to-end path control (including the middle-mile), protection against hijacking and deeper network insights.

What is a Border Router (BR)?

A Border Router, or "BR" for short, is the data-plane of the architecture installed to enable a Service Provider. Service providers need to provide several Border Routers depending on the services they offer, their network size, capacity to transport, number of interconnection points and topology.

The smallest border router configurations begin with two or three BRs.

What is a Control Service (CS)?

A Control Service, or "CS" for short, is the control-plane of the architecture installed to enable a Service Provider. Service providers must have at least 3 instances of Control Services in order to offer carrier-grade SCION-based services. These Control Services can run on virtual machines or on standard x86 servers.

How do I access the SCION-Fabric from my local service provider?

Usually the SCION-enabled Service Providers offers all-in-one bundles that users can take advantage of. These include:

  • The required Anapaya EDGE
  • Access to the Fabric
  • Transit on the SCION-Fabric
  • Global management of the solution

Users who want to acquire EDGE and access to the SCION-Fabric from another source will have to manage it independently from the rest of the solution.

If you would like to find out which of your service providers are SCION-enabled, please contact us.

Who are the members of the SCION-Fabric, and how do I join?

In order to join the SCION-Fabric, you will have to connect with one Tier1 SCION-transit provider, for example, from Anapaya CONNECT. This will enable you to reach all the other participants in the SCION-Fabric, and become part of the fabric. 

If you would like to benefit from the end-to-end multi-pathing features, 2 connections with Tier 1 transit providers are recommended.

What are the Autonomous Systems (AS) Requirements?

Users can reuse their Internet AS name as well as only use one AS for domestic ISPs. However, we recommend using more SCION-ASes than Internet-ASes in order to benefit from better path control, multi-pathing and isolation.

What does Anapaya offer?

Anapaya Systems provides users the opportunity to access the SCION-Fabric through its own industrial-grade implementation of the SCION protocol. Users can thus connect to their peers in a highly secure, reliable and controllable way

While Anapaya does not offer any services around open-source SCION, they do offer services corresponding with their own industrial-grade implementation of the SCION protocol. This includes:

  • Industrial-grade SCION-based components for Service Providers (Anapaya CORE) and Enterprises (Anapaya EDGE).
  • Professional services to help customers learn, install and operate their solution.
  • SCION-transit services (Anapaya CONNECT) to transport customers’ traffic between intelligently placed POPs, through the first SCION-native backbone in the world.
Does Anapaya encrypt their customers’ traffic?

Anapaya does not encrypt the traffic that is transported over the SCION-Fabric.

Usually, end-customers already have VPN-endpoints to encrypt their traffic. Anapaya EDGE is the gateway to the SCION-Fabric, and it is designed to be inserted in typical architectures relying on IPSec VPN.

How can I access the SCION-Fabric?

In order to access the SCION-Fabric through Anapaya, users can either go through Anapaya’s services itself, or use a locally SCION-enabled Service Provider.

How do I access the SCION-Fabric from Anapaya?

To access the SCION-Fabric via Anapaya, you need:

  • An Anapaya EDGE, the gateway to the Fabric. Available from Anapaya.
  • A last-mile connectivity component, such as Internet or Ethernet access ordered from your local ISP
  • The Anapaya CONNECT service (a port and a transit), Available from Anapaya

This offers you the opportunity to deal directly with the best last-mile provider in the country.