CoIP Architecture and Components

CoIP Architecture and Components

As hybrid cloud deployments become standard, enterprises need solutions to rapidly connect applications running on a variety of infrastructure to retain business agility. That’s where Zentera comes in. Zentera’s CoIP Enclave™ solution creates a “universal VPC” that connects and secures application workloads across complex hybrid environments. CoIP Enclaves work with any infrastructure in any environment, do not interfere with existing network security, and are being deployed in less than a day.

Hybrid Cloud Architecture

The CoIP overlay routes application traffic over a web services framework in a way that is transparent to both the application and the details of the underlying physical networks.


CoIP LAN is an overlay network that connects distributed resources as if they are running in a LAN environment in the overlay infrastructure. The underlay physical connections are required among the resources to support CoIP LAN tunnels.


CoIP WAN is an overlay network that connects distributed resources across wide area, physical network domains as if they are running in a unified WAN environment in the overlay infrastructure. The underlay physical networks are fragmented. CoIP WAN builds SSL tunnels using the fragmented physical networks.

CoIP Controller (zCenter)

The Controller governs every aspect of communications within a CoIP overlay network. It provides a central enforcement point for all network and security policies, and can be deployed as a Linux physical or a virtual appliance. The Controller offers options of web-GUI as well as API for automated management and control of a CoIP Enclave deployment. The Controller supports high-availability (HA) operation.

ZNS Switch Node

The ZNS Switch Node bridges CoIP overlay connections. Multiple ZNS Switch Nodes nodes can be clustered for higher availability and throughput. The ZNS Switch Node is available as a Linux physical or virtual appliance.

Edge Gateway

Deployed to serve multiple virtual machines, a CoIP Edge Gateway provides an onramp to the overlay network. A single Edge Gateway can be used to connect a service into the overlay network (for example, Microsoft Active Directory), while multiple Edge Gateways can be used to bridge subnets together.

Endpoint Gateway (zLink)

A CoIP Endpoint Gateway deploys on an endpoint to provide overlay network services, including overlay addressing and security filtering and segmentation. CoIP Endpoint Gateways are available for practically any Linux or Windows platform.

Global Architecture Diagram

For enterprises looking to run a large global operation, with several business initiatives, deployments, and geographical regions, multiple zCenters can be used to address distributed business requirements.

Enterprises using CoIP Enclave can:

  • Deploy applications to a hybrid or multi-cloud environment without time-consuming network analysis and design
  • Bridge hosts or subnets, even if no physical route exists
  • Virtualize networking for existing on-premises applications

Zentera Systems, Inc.

Zentera secures application workloads in hybrid environments with a type of software-defined perimeter called an enclave. The CoIP Enclave™ solution provides security and connectivity. It works with any infrastructure in any environment, does not interfere with existing environments or security, and can be up and running in less than a day. CoIP Enclave provides comprehensive network security for enterprise applications in the cloud, moving to the cloud or on-premise, and is deployed for worldwide operations by global corporations. The company has received numerous honors, including consecutive Red Herring Top 100 Awards, and is based in Silicon Valley.

Copyright © 2018 Zentera Systems, Inc.
All Rights Reserved.


All other trademarks and copyrights are the property of their respective owners.