Edge WAN & Firewall
SD-WAN sites connected through the AIARCO anycast backbone, with a centrally-managed edge firewall.
What it is
Edge WAN turns AIARCO's anycast backbone into a private overlay between your office sites, on-prem data centres and Atlas regions. Firewall rules are managed centrally and pushed to every site. IPsec or GRE tunnels from any compatible site router.
When to use it
- Multi-site offices with a single private overlay.
- Cloud-to-cloud private path without paying transit twice.
- Centrally-managed firewall policy across all sites.
Quickstart
asc edge wan sites add hq --tunnel-type ipsec --remote-ip 1.2.3.4 --psk <psk>
asc edge firewall rules add --from hq --to atlas-apac --proto tcp --port 5432 --action allowclient.edge.wan.sites.add('hq', tunnel_type='ipsec', remote_ip='1.2.3.4', psk='...')await client.edge.wan.sites.add({ name: 'hq', tunnelType: 'ipsec', remoteIp: '1.2.3.4', psk: '...' });Limits & quotas
| Limit | Default | Burst | Notes |
|---|---|---|---|
| WAN site-month | $50 | — | |
| Firewall rule-month | $0.50 | — | |
| Tunnel protocols | IPsec, GRE | — |
Pricing
See pricing. Pay-as-you-go, billed monthly via Stripe.
API surface
POST /v1/edge/wan/sitesPOST /v1/edge/firewall/rules
Required scope(s): edge:write. See Scopes.
Security
All access is authenticated and scoped. See Auth & scopes and Network controls.