Device Management SD-WAN Solution for Multi-offices and Remote Workforce

Contact Sales


Enterprises working with sensitive data often restrict access to its servers to within the company’s local network. It lowers the risk of data breach from external cybersecurity threats.

However, there are common scenarios in which employees require encrypted access to an enterprise’s local server under a hotel or cafe’s public Wi-Fi during a work trip, during a sales demo presentation, or the employee is a remote workforce.

Therefore, enterprises require a network security solution that can both restrict local server access to its employees, while enabling encrypted but also convenient remote access to selected workforce.


Hardware Deployment & Remote Device Management Platform

GL.iNet’s simplified SD-WAN solution requires deploying a primary router or a security gateway at the headquarters’ office, and assigning secondary routers for branch offices and remote workforce.

All routers will then import into GL.iNet’s GoodCloud remote device management platform and integrate into the enterprise SD-WAN network by each device’s MAC address. Within the GoodCloud platform, the enterprise network can whitelist selected routers for access permission towards the enterprise’s local server, files, and applications.

The resulting scenario will be selected employees are able to remotely access sensitive data within the enterprise’s local network only when their computers or smartphones are connected to their assigned routers by custom permission roles.

The assigned routers will add an additional layer of network security, even when employees are connected to personal home Wi-Fi networks, public Wi-Fi in cafes, hotel Wi-Fi during a business trip, or unknown Wi-Fi networks during a sales presentation.

SD-Wan Diagram

Self-hosting Cloud Management Platform

GoodCloud offers a self-hosting option for enterprise users, designed to enhance control over their network infrastructure. This option offers the potential for reduced latency, increased performance, and a high level of customization in the server environment, as well as the ability to meet security and compliance requirements.

Recommended Devices

All of GL.iNet’s routers are able to integrate into our SD-WAN solution. All routers are able to run both OpenVPN and WireGuard, supporting more than 30 VPN services; however, each device is optimized for different types of users:

For Headquarter office and Branch offices:

Spitz AX (GL-X3000) - Wi-Fi 6 4G LTE / 5G NR Dual-SIM Gateway. Spitz AX features a 2.5G multigigabit WAN port for fast Ethernet connections and a failover dual-SIM cellular network for uninterrupted network coverage in offices.

Flint (GL-AX1800) - Powerful office router with high-speed OpenVPN and WireGuard VPN encryption. It includes four long range omnidirectional antennas with improved wall-penetration capabilities, capable of reaching a connection range of 70-100 meters (220-320 feet).

For Remote Workforce:

Slate AX (GL-AXT1800) - Travel router with high-speed internet and VPN encryption. Slate AX is most useful when users are using the WireGuard protocol. WireGuard is able to utilize multiple CPU cores to process VPN encryption, which makes Slate AX’s quad-core hardware capable of reaching up to 550 Mbps using WireGuard.

Beryl AX (GL-MT3000) - Travel router with high bandwidth and mass device connectivity. Beryl AX is most useful when users are using the OpenVPN protocol. OpenVPN can only utilize a single CPU core at a time, and Beryl AX is capable of reaching up to 150 Mbps using OpenVPN. Beryl AX is the perfect tool to be used as a hotspot device that bypasses a hotel's number of Wi-Fi device restrictions, during a business trip.

Customization and White Label Service


Flint (GL-AX1800), Slate AX (AXT1800), Beryl AX (GL-MT3000), Mango (GL-MT300N-V2) runs on OpenWrt v21.02, our proprietary firmware based on OpenWrt. It supports more than 5000 ready-made plug-ins for customization. Simply browse, install, and manage packages with our no-code interface within the device’s Admin Panel at

White Label

GL.iNet’s routers, Admin Panel, and GoodCloud remote device management platform are all available for white label services, including custom logos, silk printings, custom packages, interface, and more. Feel free to contact our account managers to inquire about the terms and extent of our customization services.

Learn more about GL.iNet’s white label & customization services: