The Mako System is a PCI-certified, cloud-managed, carrier-independent networking solution that makes it easy to connect and manage thousands of global sites in a high-performance SD-WAN business network that has no single point of failure and is secure, reliable, scalable and cost-effective. It consists of two parts: the Mako Central Management System (CMS) network management application and a range of managed Mako devices installed at customer locations or virtualized in the Cloud. Review the Mako System’s most important features and technology below.


The Mako System is a PCI-certified, cloud-managed, carrier-independent networking solution that makes it easy to connect and manage thousands of global sites in a high-performance SD-WAN business network that has no single point of failure and is secure, reliable, scalable and cost-effective. It consists of two parts: the Mako Central Management System (CMS) network management application and a range of managed Mako devices installed at customer locations or virtualized in the Cloud. Review the Mako System’s most important features and technology below.


If your business processes, stores or transmits credit card data, it must meet a special set of security criteria known as the Payment Card Industry Data Security Standard (PCI DSS). PCI DSS ensures that a baseline of security is in place and helps reduce your risk of credit card fraud, but for many businesses, implementing and maintaining compliance with PCI DSS can be challenging and expensive. There are annual, quarterly and ongoing activities and obligations that your business must document.

In 2009, Mako Networks became the first network management company in the world to qualify as a PCI-certified Level 1 service provider, and we have successfully demonstrated our compliance every year since then. The end-to-end PCI certification of the Mako System, including the Mako CMS and all Mako devices, makes us unique among our competitors. Mako Networks designs and produces hardware and software that achieves a type of PCI certification that is transferrable to your business network.

The Mako System’s end-to-end PCI DSS certification and cloud-based PCI-compliance tools can assist your business with securing sensitive data and meeting compliance obligations.

  • PCI-certified Enterprise Templates facilitate bulk security configuration of Mako devices, applying and maintaining network settings across your enterprise to provide constant, assured compliance.
  • PCI-compliance tools in the Mako CMS make it easy to demonstrate compliance for each of your merchant locations when necessary.
  • PCI-certified wireless networking technology is a perfect fit for the latest wireless POS devices, such as tablets, handheld scanners and more.

Mako Networks is a world leader in helping businesses like yours meet and maintain compliance with PCI DSS and other standards, such as ISO, GDPR and HIPAA.


A Secure Access Service Edge (SASE) merges networking and security functions into a unified cloud-delivered service to address evolving cyber security concerns, growing demand for easy remote access and widespread adoption of software-as-a-service (SaaS) applications. As usual, Mako Networks was ahead of the trend, anticipating the security and resilience requirements that have become essential to a modern business network. The Mako System was a SASE solution long before that term was coined. It delivers a powerful combination of PCI-certified security, high availability, flexible SD-WAN scalability and cloud-based control and visibility.

The Mako System is a secure and reliable SASE SD-WAN solution that allows you to construct your network using hardened, tamper-proof network devices that are exclusively managed via the cloud-based Mako CMS. It leverages an array of transport services to connect users and applications safely and dependably. The Mako System reduces complexity and cost while increasing performance and ease of use. Most importantly, security policies can be enforced consistently throughout your organization, even if you use a franchise model.

With more than 20 years of experience designing, deploying and maintaining high-security, high-performance distributed enterprise networks, including developing the specialized hardware and software that makes our SASE solution possible, Mako Networks has the knowledge and expertise to solve your network challenges.


Mako Networks’ patented Software-Defined Wide Area Network (SD-WAN) technology decouples WAN control from hardware and firmware and moves it to a cloud-based software application: the Mako CMS. By defining and managing flexible WAN paths using software instead of hardware, you can easily introduce layers of redundancy to eliminate failure points in your network. The Mako System’s SD-WAN technology encompasses many of our high availability features, including Mako VPN Cloud, Fast Failover and Seamless Voice.

Mako VPN Cloud is WAN connectivity designed for the distributed enterprise, which makes it easy to securely and reliably connect thousands of remote locations or key personnel to your central enterprise and trusted third-party service providers. A Mako VPN Cloud creates highly resilient encrypted private connections over the public Internet reducing risk, cost and complexity while enhancing security, availability and performance. Redundancy is scalable for each cloud to a level appropriate for your business requirements. Traffic is intelligently routed to any available Mako VPN concentrator in a Mako VPN Cloud, either physical (hosted on-prem) or virtual (hosted in GCP, AWS or Azure); perfect for businesses migrating services to the Cloud. Far from a one-size-fits-all solution, you can customize which traffic flows over your Mako VPN Clouds and which traffic is routed directly to the Internet.

Mako’s Fast Failover automatically switches traffic across your remote sites’ available Internet connections (including Ethernet, cable, SFP, fiber, xDSL and cellular) for the level of resiliency and redundancy best suited to your needs. You can choose how each connection is used, set priority for each circuit, configure failover patterns and load balance across multiple circuits. While conservative failover configurations can reduce cellular data usage, Fast Failover configurations deliver seamless performance that will not drop a single packet. When pairing Fast Failover with our Mako Voice VoIP option, Seamless Voice mirrors voice packets over two or more circuits, so a failover event will not interrupt an active call.

Mako Networks has been connecting and protecting distributed enterprise organizations like yours for more than 20 years. Choosing our SD-WAN technology will future-proof and secure your business network, enabling you to keep your focus on serving your customers.

Cloud Management

The Mako CMS allows an IT team of any size to manage a large global network. Mako devices have no local means of management and can only be managed from the Mako CMS, greatly enhancing network security. Using a patented communications protocol, each Mako device connects securely to the Mako CMS over the public Internet.

User security features include multi-factor authentication and role-based permissions. Authorized users have 24/7 remote access from anywhere in the world to a complete suite of cloud-based tools for advanced configuration, automated real-time alerts, enterprise reporting and troubleshooting diagnostics, reducing or eliminating the need for on-site maintenance.

Use VLAN to implement advanced segmentation configurations. Use SD-WAN to connect your sites in a Mako VPN Cloud and to configure failover behavior. The Mako System can handle any network design you can imagine, meeting any enterprise-wide requirements or site-specific accommodations. Enterprise Templates and Zero-Touch Deployment ensure that your design is scalable to any number of global locations.

Each Mako device automatically receives site-specific configuration information from the cloud-based Mako CMS. Your remote sites can get up and running quickly and easily, including running on cellular while you wait for terrestrial broadband installation.

Enterprise Templates

With the Mako System’s Enterprise Templates, you can perform network administration on one site or thousands of sites at once. Your implementation can be as simple as applying a single global template across your entire organization or as granular as targeting specific groups of sites with multiple prioritized templates. Complex firewall rules can be templated and deployed to thousands of Mako devices via the Mako CMS, massively reducing the time to implement changes.

Our PCI-certified templates facilitate bulk security configuration of Mako devices and make it easy to demonstrate compliance for each of your merchant locations when necessary.

The Mako System’s Zero-Touch Deployment model, paired with Enterprise Templates, facilitates rapid deployment that delivers out-of-the-box centralized security. When you make changes to a template, the Mako System can actively push those changes to all Mako devices using that template, so you can seamlessly and centrally update device configurations. The result is the creation of secure, supportable, segmented networks at remote sites without compromising your organization’s productivity or security standards.

Large-Scale Deployments

After assessing your existing network and consulting with you to develop a custom Mako System implementation that meets your business requirements, Mako Networks or its authorized partners will execute a rapid and painless deployment plan for your distributed locations. Our flexible solution is designed to support large-scale deployments and evolve with your organization’s requirements.

Mako devices are shipped preconfigured and are completely cloud-managed via the Mako CMS, allowing for centralized network control and templated security with no onsite configuration or setup required. Each of your locations can receive the same standardized deployment package for ease of management at scale.

Mako helps your organization maintain critical infrastructure while keeping your networks secure. If you need to implement a work-from-home model or expand your footprint with new remote locations, we have the experience, technology and flexibility to manage large-scale deployments.

Next-Generation Firewall

Mako Networks offers security gateways that feature Next-Generation Firewall (NGFW) technology, including packet inspection and Intrusion Detection and Prevention (IDS/IPS). All traffic entering and leaving your network is scrutinized to ensure network connections are authorized and intrusion attempts are identified and blocked. Port scanning protection, worm detection, MAC address control and complex firewall rules can be templated and deployed to thousands of Mako devices at once via the Mako CMS, massively reducing the time to implement changes and ensuring your enterprise’s security posture is readily up to date.

High Availability

High Availability (HA) for business networks means you can rely on exceptional uptime for your critical connections so your business operations are not interrupted by connectivity issues. The Mako System uses SD-WAN technology to provide a range of redundancy and failover options, including our Fast Failover configurations that deliver seamless HA performance for business continuity, meaning your critical business systems stay online and do not drop a packet during unexpected service outages.

Choose the amount of reliability and resiliency your business needs. The Mako System supports circuit (multiple connections and routes), hardware (multiple devices) and geographic (multiple locations) redundancy and gives you the flexibility to specify seamless connectivity for locations and services that require it while conserving data usage elsewhere.

  • Mako VPN Cloud tunnels create private routes over the public Internet, leveraging the distributed nature of the Cloud to eliminate any single points of failure.
  • Mako security gateway WAN connections can be configured to failover from one to another in the event of a service outage. Connect to any available broadband carriers at each of your sites with options for Gigabit Ethernet, cable, SFP, fiber, xDSL and dual-SIM cellular.
  • Two or more Mako VPN concentrators can be configured to use circuit, geographic or hardware redundancy, supporting Active/Active, Active/Passive and Load Balancing modes. Certain models have a backup power supply, as well.

Seamless connectivity keeps your stateful data, such as payment transactions, connected through a failover event. A typical scenario would see terrestrial broadband automatically fail over to cellular broadband and back again without any data loss. Even VoIP voice calls stay connected. Or if voice data or any other traffic is not considered critical for your business, you can restrict it from using the cellular connection and only allow payments to process. You can control the balance of cost and performance for every site in your enterprise.

Already known for world-class security features, the affordable and seamless HA performance of Fast Failover sets Mako Networks apart.

Advanced Diagnostics

Advanced diagnostic tools in the Mako CMS give you instant, in-depth insight into the health and performance of every device, the circuits that connect them and the overall network. Run commands on your Mako devices to troubleshoot issues related to configuration, connectivity, performance and more as you fine-tune the behavior of your network.

In addition to the remote diagnostic tools in the Mako CMS, color-coded LED lights on Mako devices convey Internet and network connection information at a glance to on-site users. For non-technical users, this makes it easy to quickly identify basic network issues.

Usage Reporting

Streamline operations, control data costs and more with reports and analytics. The Mako CMS carefully tracks a variety of metrics, such as internet usage for each site, and presents visualizations of this data to authorized users, who can use this as they see fit to adjust business practices or to automate Mako CMS actions, such as disabling internet access when a certain event occurs or a threshold is reached.

Status Alerts

Subscribe to real-time notifications of potential network issues, including worm alerts, online/offline status, WAN failover, VPN health, intrusion detection, unauthorized devices and more. Authorized Mako CMS users can elect to receive proactive alerts via email, webhooks for integrated notifications (Microsoft Teams, Slack, etc.) or NetFlow for an existing SIEM platform.

Cloud VPNs

The Mako CMS is the easiest way to set up a Virtual Private Network (VPN). Create secure, encrypted VPN connections with just a few clicks and without needing static IP addresses. Connect retail locations or other remote sites to head offices, data centers or third-party services. Our VPNs are carrier-independent and can be established over any kind of broadband connection, including cellular. Choose whether traffic flows in one or two directions. Your data is encrypted in both directions for maximum security.

The latest cloud VPN technology replaces the need for outmoded IPsec tunnels and legacy MPLS networks. Mako VPN Cloud is our patented SD-WAN technology for creating VPN clouds in the Mako System. Its advantages include rapid WAN failover between primary and secondary connections, multi-network support within a single VPN connection and support for dynamic mesh network topologies. It also supports geographical diversity for data center connectivity when used in supporting environments. As part of this, Mako VPN concentrators now support BGP routing for exchanging route information with internal routers and firewalls.

Like the rest of the Mako System, Mako VPN Clouds scale easily with your distributed enterprise, eliminating networking pain points caused by rapid growth and inconsistent environments.

Remote Access

The Mako System is a quick, simple solution for providing authorized users with granular, remote access to your corporate network, including Mako VPN Clouds. Strong encryption of both inbound and outbound traffic ensures secure communication, while multi-factor authentication is available to reduce the risk of unauthorized access and to help meet compliance requirements.

Implementing remote access in the Mako System is easy for both administrators and end users. Administrators use the intuitive Mako CMS to manage users, devices, and access. End users need only import a single configuration file into a remote access client installed on their device, such as Viscosity (recommended) or OpenVPN (free). Mako Networks enables you to add this critical feature to your business network with minimal effort for maximum security.

Cellular Failover

The Mako CMS gives you control over WAN failover patterns and behaviors for each of your sites. Mako devices that feature onboard cellular modules are typically configured to use a primary wired connection with a secondary cellular connection for reliable broadband Internet access. These cellular failover configurations keep your critical data flowing by automatically rerouting designated network traffic, including secure VPN traffic, to your cellular service whenever fixed-line services are down.

You also control the balance of cost and performance for each of your sites. Optional Fast Failover configurations deliver seamless connectivity that keeps stateful data, such as payments and live voice calls, connected through a failover event. More conservative failover configurations reduce costly cellular data usage.

Mako devices with onboard cellular use a commercial-grade cellular modem with one or two internal SIM slots, avoiding the pitfalls of external cellular modems that can be accidentally or maliciously disconnected. At locations where reliable wired broadband is not available, these Mako devices can be configured to operate solely on cellular connections.


Many Mako devices support the activation of multiple private or guest Wi-Fi networks per site. Whether you have one, 10 or 10,000 locations, our Wi-Fi networking capabilities are simple to set up, highly reliable and centrally managed. Our Mako 4600 wireless access points support 4×4 MIMO Wi-Fi 6, providing up to 8 SSIDs with world-class coverage, speed and capacity. All our Wi-Fi networks support VLAN configurations via the Mako CMS.

If your current guest Wi-Fi suffers from weak security, poor performance and unmonitored usage (or does not exist), you are not alone. As part of the end-to-end PCI-certified Mako System, our guest Wi-Fi has a wealth of security features, including content filtering. We offer wireless access points with next-gen performance. The Mako CMS contains a suite of real-time customer data analytics that give you access to valuable metrics such as dwell time to drive your targeted marketing strategies.

The Mako System’s PCI DSS certification covers both wired and wireless communications, so your Wi-Fi networks can be configured securely for wireless devices handling sensitive data, such as POS tablets or healthcare equipment.


Mako Voice is a custom VoIP solution that commonly saves businesses 30-70% when compared to their existing telecom equipment and service. It’s rich with features, such as Office-to-Mobile Business Continuity for seamless call routing to company- or employee-owned cellular devices via a cloud-hosted PBX.

Mako Voice can be tailored to meet your organization’s requirements, including options for Hosted PBX or SIP Trunking, allowing you to save money on your phone service while using existing equipment. Mako consults with you to determine the best products for your needs. One license provides every advanced feature, regardless of the platform being on-prem or hosted.

Mako Voice delivers the most value for your dollar in the VoIP services market, thanks to Mako Networks’ renowned quality, industry-leading features and competitive pricing. We share our customers’ high expectations for quality and only offer products and services that meet those standards. Our all-inclusive approach to network security is replicated and applied to creating all-inclusive VoIP solutions.