About secure transport concentrators
Secure transport concentrators are auxiliary sites linked to a primary site that needs secure transport. These concentrators include only the appliances responsible for handling secure transport and must always be associated with a primary site. They inherit most settings from the primary site, and these settings are finalized when you perform a hybrid push from the Sites & Networks page.
Typically located in a data center, secure transport concentrators work alongside SteelHeads that manage path selection and QoS. All networks and uplinks connected to these concentrators are secured. The SCC designates these appliances within the site and automatically creates an auxiliary site labeled as a secure transport concentrator.
In backhaul scenarios, for example, a branch office encrypts internet-bound traffic and sends it to the data center. At the data center, the concentrator decrypts the traffic, applies path selection based on defined rules, and forwards it to the internet. This setup ensures secure, efficient routing of sensitive or public-bound data.
Best practices for creating secure transport concentrators
• Create a site for which you need secure transport, typically the data center. Define the topology for the site appropriately; that is, create secure networks and uplinks. Call this SiteA.
• Create a secure transport concentrator associated with SiteA. The SCC prompts you to add appliances and link them to the SiteA.
• You will inherit most of the properties of SiteA (that is, the linked site). You will be prompted to import uplinks from the linked site but only for secured networks. If there are no secure networks in the associated site then the SCC issues an error.
• The secure transport concentrator uplinks will change the gateway of the inherited uplinks. The other properties aren’t editable.