Netskope One

Converged Gateway

Seamlessly converges networking and security services with App Store-like simplicity—ensuring consistent security, policy enforcement, and performance across on-premises, remote locations, and any cloud, all managed through a single console.

About Converged Gateway

Converged SASE Gateway: The new on-prem edge

Netskope One Converged Gateway unifies networking and security in a single, context-aware Edge AI platform, replacing legacy point appliances with on-demand SASE services that deliver scale, performance, and App Store-like simplicity across branches, remote users, and cloud workloads.

Challenges

Fragmented policies and performance stall enterprise transformation

Appliance sprawl

Enterprises are burdened with a patchwork of point products—SD-WAN, firewalls, IPS, IoT security—each solving a single problem. Adding new services means more appliances, driving up cost, complexity, and integration challenges.

Rigid architecture

Disjointed networking and security policies—along with forced trade-offs between performance and protection—lead to incomplete visibility and inconsistent experiences across branches, remote locations, and cloud environments.

Complex operations

Too many consoles and manual workflows slow down rollouts, delay issue resolution, and add unnecessary overhead across networking and security teams.

Converged Gateway powering Netskope One SASE with converged services at any edge

Flexible deployment models
Deploy at the Branch/DC as a physical or virtual appliance, across multiple clouds, or as a lightweight client for remote users—delivering scalability, resiliency, zero-touch provisioning, unified policies, and streamlined one-console management.

Edge AI platform with on-demand services
Replaces fragmented point products with a converged SASE gateway that consolidates Netskope and third-party networking, security, and edge-compute services—delivered with App Store-like simplicity. Deploy, manage, and scale services on demand with just a few clicks, eliminating complexity and streamlining operations.

One platform
Protect valuable data while delivering a phenomenal user experience with Netskope One SASE, powered by the NewEdge Network, providing global reach across 75+ regions for unmatched performance and complete security. Its patented Zero Trust Engine shares real-time risk insights across users, devices, and applications, enabling adaptive, uniform policy enforcement across SD-WAN and SSE.

Networking Services

Security Services

Extensible Services

High-performance networking services

Secure SD-WAN

Secure SD-WAN

Unifies SD-WAN and advanced security capabilities, sharing Netskope’s Zero Trust Engine control plane with SSE to deliver uniform SASE policies informed by user, device, and app risks. Ensures exceptional application performance across any transport with dynamic path selection, sub-second brownout/blackout protection, link remediation, and TCP/UDP optimization for seamless, resilient connectivity. Supports VRF-segmentation and hierarchical topologies.

Advanced routing

Advanced routing

Netskope One SD-WAN incorporates a distributed network of cloud gateways within the NewEdge network to provide high-performance datapath from any branch, data center, or remote user to any cloud, SaaS, or UCaaS application.

Context-aware AppQoE

Context-aware AppQoE for over 83k+ apps

Deliver context-aware SD-WAN by integrating with Netskope Zero Trust Engine to support the industry’s highest number of 83k+ SaaS applications for visibility and control. Build efficient operations by automatically prioritizing with Netskope Cloud Confidence Index-based automated QoS smart defaults.

Wireless 4G/5G

Wireless 4G/5G

Built-in high-speed 4G/5G connectivity and Netskope Zero Trust SIM provide global cellular access to 400+ networks, extending zero trust security to IoT/OT devices—like machines and robots—that can’t run a Netskope client. Optimize wireless WAN by strengthening cellular signals and ensuring global carrier interoperability—ideal for SOHO, branch offices, and IoT deployments.

Cloud On-Ramp

Enhanced application experience with cloud WAN

Netskope’s Converged Gateway operates as a distributed network within the NewEdge infrastructure, delivering high-performance data paths from any branch, data center, or remote user to any cloud, SaaS, or UCaaS application.

DEM

WAN insights with built-in digital experience management

Provides visibility into end-to-end performance monitoring with hop-by-hop analysis across mid-mile providers and application performance monitoring. IT teams can accurately identify the root cause of issues so they can remediate them to optimize application performance.

Secure SD-WAN

Advanced routing

Context-aware AppQoE for over 83k+ apps

Wireless 4G/5G

Enhanced application experience with cloud WAN

WAN insights with built-in digital experience management

Complete end-to-end security services

Device Intelligence

Secure both managed and unmanaged devices

Integrated Device Intelligence uses AI/ML to discover, classify, and assess risk for IT, IoT, and OT devices. Security policies are flexibly enforced across the Netskope One Gateway, SSE, and third-party tools—delivering end-to-end protection for both managed and unmanaged devices.

App Firewall

Consistent firewall policy on premises and in the cloud

Application firewall services on premises and in the cloud secure both east-west and outbound traffic across all ports and protocols for users and offices. Policy controls include applications, port/protocol, group-IDs, fully qualified domains, and wildcards as destinations.

IPS/IDS

Get intrusion detection and protection right

Suricata and Netskope Threat Labs provide real-time intrusion intelligence with an industry-leading database of over 60,000 threat signatures. New signatures are automatically propagated to Netskope’s Converged Gateways.

VRF-aware segmentation

VRF-aware segmentation

Extend VRF-based segmentation across branches, data centers, and cloud. Support versatile segment-aware topologies like full mesh, hub-spoke, and dynamic branch to branch for use cases like threat isolation, compliance, mergers, and more.

Netskope Publisher

Netskope Publisher: deploy anywhere

Seamlessly runs as a Converged Gateway service, enabling secure connectivity between private applications hosted on premises or across clouds and the Netskope SSE—ensuring zero trust access, consistent policy enforcement, consolidation, and streamlined management.

Netskope Broker

Runs the same broker on premises and in the cloud

Extends the cloud-based broker on premises as a service for low-latency, resilient operations during outages offering centralized management. Delivers Universal ZTNA to all apps on premises and in multi-cloud environments, further extending UZTNA to all IT and IoT devices via integrated device intelligence replacing Legacy NAC solutions.

Secure both managed and unmanaged devices

Consistent firewall policy on premises and in the cloud

Get intrusion detection and protection right

VRF-aware segmentation

Netskope Publisher: deploy anywhere

Runs the same broker on premises and in the cloud

Deliver, manage, and scale apps and services anywhere—via a unified, zero-touch platform built for extensibility

Zero touch

Zero touch

Effortlessly deploy custom container services with a true zero-touch provisioning. Bulk deployment across multiple SASE gateway appliances made simple with intuitive policy.

Partner marketplace

Partner marketplace

Ensures extensibility by enabling an open partner ecosystem with a robust application marketplace including Azure IoT Edge, ThousandEyes, Speedtest, and more.

Bring your own applications

Bring your own applications

Developer-friendly SDKs and APIs enable seamless integration with enterprise IT systems and third-party services to automate service deployment, policy management, and monitoring—accelerating innovation and reducing time-to-market.

Docker compatible

Docker compatible

Deliver proactive support through zero-trust secure access to remote devices inside the branch, including phones, ATMs, and servers, via HTTP, RDP, SSH, and VNC, speeding up incident resolution.

Lifecycle management

Lifecycle management

One-click deployment of container services from a catalog that includes Netskope services like IoT/OT device intelligence and DEM, as well as partner containers such as Cisco Thousand Eyes, Microsoft Azure IoT Edge, and custom containers.

One orchestrator for everything

One orchestrator for everything

Manage all networking, security, and extensible services—from cloud to on prem to remote—with a single, cloud-delivered console that simplifies operations and policy consistency.

Zero touch

Effortlessly deploy custom container services with a true zero-touch provisioning. Bulk deployment across multiple SASE gateway appliances made simple with intuitive policy.

Partner marketplace

Ensures extensibility by enabling an open partner ecosystem with a robust application marketplace including Azure IoT Edge, ThousandEyes, Speedtest, and more.

Bring your own applications

Docker compatible

Deliver proactive support through zero-trust secure access to remote devices inside the branch, including phones, ATMs, and servers, via HTTP, RDP, SSH, and VNC, speeding up incident resolution.

Lifecycle management

One orchestrator for everything

Manage all networking, security, and extensible services—from cloud to on prem to remote—with a single, cloud-delivered console that simplifies operations and policy consistency.

Benefits

Key customer benefits

Easy like an app store

Eliminate point products with a converged gateway that delivers networking, security, and enterprise services on demand with App Store-like simplicity to streamline operations and reduce costs and complexity.

Uniform policy and performance

Enable consistent networking and security performance and policies across all locations, users, and form factors—delivering contextual visibility, uniform SASE policies, controls, and a seamless user experience everywhere.

Streamlined operations

Single pane of glass that manages SD-WAN and SSE, and built-in automation accelerating rollouts, streamlining workflows, and reducing operational overhead.

Use cases

Transform your connectivity and security with Converged Gateway use cases

Secure SD-WAN

Unifies SD-WAN and security, delivering consistent SASE policies informed by user, device, and app risks—powered by the Netskope Zero Trust Engine.

Learn about Secure SD-WAN

Endpoint SD-WAN

Industry’s most innovative all-software client that brings SD-WAN capabilities to provide secure, optimized access to endpoint devices from anywhere.

Learn about Endpoint SD-WAN

Micro Branch

Branch of One

Smart workspaces for employees working from home, to fleets, and more. Unparalleled connectivity, zero trust security, and edge compute capabilities for your remote-first environments.

Learn about Micro Branch

Wireless WAN

Get ahead of long broadband installation lead times, complex network setup, and hard-to-connect legacy equipment by using cloud-managed secure, performant, flexible Wireless WAN from Netskope.

Learn about Wireless WAN

Multi-Cloud Networking

Extend Netskope One SD-WAN to major public cloud providers like AWS, Microsoft Azure, and Google Cloud using automated cloud operations. Instantly gain deep analytics across your multi-cloud environment using policy-aware Netskope One Platform.

Learn about Multi-Cloud Networking

IoT/OT Security

Protect your network from vulnerable IoT/OT devices with integrated device intelligence powered by AI/ML for discovery, classification, and dynamic risk assessment.

Learn about IoT/OT Security

Secure SD-WAN

Unifies SD-WAN and security, delivering consistent SASE policies informed by user, device, and app risks—powered by the Netskope Zero Trust Engine.

Learn about Secure SD-WAN

Industry’s most innovative all-software client that brings SD-WAN capabilities to provide secure, optimized access to endpoint devices from anywhere.

Learn about Endpoint SD-WAN

Branch of One

Smart workspaces for employees working from home, to fleets, and more. Unparalleled connectivity, zero trust security, and edge compute capabilities for your remote-first environments.

Learn about Micro Branch

Wireless WAN

Get ahead of long broadband installation lead times, complex network setup, and hard-to-connect legacy equipment by using cloud-managed secure, performant, flexible Wireless WAN from Netskope.

Learn about Wireless WAN

Multi-Cloud Networking

Learn about Multi-Cloud Networking

Protect your network from vulnerable IoT/OT devices with integrated device intelligence powered by AI/ML for discovery, classification, and dynamic risk assessment.

Learn about IoT/OT Security

With Netskope One SD-WAN, Netskope delivers a fully integrated, single-vendor SASE platform

95%

of enterprises will have adopted a consolidated “secure” SD-WAN offering in branch offices, instead of deploying two products (firewall and SD-WAN), by 2028, up from 80% in 2024.

70%

of new SD-WAN deployments are now bundled with security features such as NGFW, IPS, and CASB.

80%

of the SD-WAN market will be dominated by vendors offering converged security capabilities within their WAN edge platforms, by 2026

Partners

Netskope One SD-WAN ecosystem partnerships

Enables customers to reimagine their IT infrastructure by allowing them to connect any remote user and branch to any on-premises, cloud, and SaaS service at speed and scale.

Benefits

Simplified and fully automated connectivity to public and private cloud services
SD-WAN capabilities in the cloud, providing optimized application access
Full visibility from a single console into cloud usage, network traffic, application usage, security risks, and events
Policy-based, context-aware steering from user to cloud and cloud to cloud

Explore our partners below.

Related products

^{Netskope One}
Secure SD-WAN

One platform, One software, One policy

Secure SD-WAN

^{Netskope One}
SSE

Converges security capabilities into a single cloud platform.

SSE

^{Netskope One}
SASE

Combines Security Service Edge (SSE) with Secure SD-WAN.

SASE

Netskope One SASE Essentials Workshops

Elevate your SASE knowledge by attending our Netskope One SASE Essentials Workshop where we’ll cover Netskope Secure SD-WAN, unified Secure Access Service Edge (SASE) Gateway, Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), and Endpoint SD-WAN.

This workshop is free for a limited time.

Learn more

Accelerate your cloud, data, AI, and network security program with Netskope

Get Started

Converged Gateway

Converged SASE Gateway: The new on-prem edge

Fragmented policies and performance stall enterprise transformation

Appliance sprawl

Rigid architecture

Complex operations

Converged Gateway powering Netskope One SASE with converged services at any edge

High-performance networking services

Secure SD-WAN

Advanced routing

Context-aware AppQoE

Wireless 4G/5G

Cloud On-Ramp

DEM

Complete end-to-end security services

Device Intelligence

App Firewall

IPS/IDS

VRF-aware segmentation

Netskope Publisher

Netskope Broker

Deliver, manage, and scale apps and services anywhere—via a unified, zero-touch platform built for extensibility

Zero touch

Partner marketplace

Bring your own applications

Docker compatible

Lifecycle management

One orchestrator for everything

Key customer benefits

Transform your connectivity and security with Converged Gateway use cases

Secure SD-WAN

Endpoint SD-WAN

Micro Branch

Wireless WAN

Multi-Cloud Networking

IoT/OT Security

With Netskope One SD-WAN, Netskope delivers a fully integrated, single-vendor SASE platform

Netskope One SD-WAN ecosystem partnerships

Amazon Web Services

Microsoft Azure

Google Cloud Platform

Microsoft Teams

Zoom

Related products

Netskope One SASE Essentials Workshops

Related resources

Type

Accelerate your cloud, data, AI, and network security program with Netskope