Point of presence：Point of presence is also known as POP. POP point, as an important network node of the SD-WAN network, is responsible for the communication with the smart gateway, and with other cross-domain POP points of the SD-WAN backbone network.
Smart gateway：In the SD-WAN architecture, the Smart gateway is usually referred to as CPE. CPE is an important network device deployed on the client side of the SD-WAN. It is mainly responsible for establishing an encrypted channel with the POP through the network.
The client-side traffic is transmitted to the POP point and SD-WAN backbone network through the SD-WAN transmission network using encryption and is transmitted to the CPE at the opposite end of the SD-WAN.
SD-WAN Backbone Network：In SD-WAN, the backbone network between POP nodes is composed of China Telecom's high-quality ChinaNet network and CN2-DCI network. The user's SD-WAN network traffic is logically isolated in the backbone network using VxLAN technology.
Internet Protocol Security：Internet Protocol Security(IPsec) is a protocol package that protects network transmission protocol suite (a collection of interrelated protocols) of the IP protocol by encrypting and authenticating the packets of the IP protocol.
IPsec is mainly composed of the following protocols: 1. Authentication header (AH), which provides connectionless data integrity, message authentication and protection against replay attacks for IP datagrams; 2. Encapsulated security payload (ESP), which provides confidentiality and data source Authentication, connectionless integrity, anti-replay and limited traffic-flow confidentiality; Third, security association (SA), provides algorithms and data packets, and provides parameters required for AH and ESP operations.