CloudWAN’s white box SD-WAN platform is custom built by NTT to power the managed SD-WAN service offerings of a diverse global service provider distribution network. Designed from the ground up to provide the world-class SD-WAN features and operational infrastructure needed to solve the most common networking use cases that our service provider partners face every day. CloudWAN is among the most comprehensive and customizable SD-WAN white-box solutions for service providers on the market today.
Automatically create VPN tunnels (DTLS) between edge devices. CloudWAN supports full mesh and hub & spoke network topologies.
Enterprise-level security is built-in. CloudWAN natively employs two-way authentication using x509 certificates and standard-based cipher suite(AES256-SHA) to enable highly scalable and secure VPNs.
Route all site traffic to a central office.
Automatically establish VPN tunnels between edge devices in the same network.
Reduce bandwidth costs and boost application performance with CloudWAN Internet Breakout.
Offload selected application traffic to the internet versus backhauling all traffic over a customer’s private WAN. Provide direct internet access for selected traffic from the edge device without encrypting and encapsulating it into a VPN tunnel.
Set the policy in the CloudWAN Controller to breakout locally or remotely via a hub site. Saved templates make it easy to deploy and update the routing policy across your existing network and new sites as they come online.
Hybrid WAN enables the use of multiple WAN uplinks as an active-active model to enable the incremental rollout of overlay-based VPNs alongside existing MPLS circuits.
Create application-specific policies to steer packets to multiple paths based on the application data they carry. For example, using an MPLS path for low latency voice traffic and an internet path for data traffic.
For the Internet-bound traffic, the Native Firewall (IP Filter) provides an effective firewall mechanism. VPN Micro-Segmentation provides IP filtering for VPN-bound traffic.
These two features allow traffic to permit/deny based on a conditional match of the packet content and the network/interface.
Prioritize bandwidth for select applications and bypass lesser classifications of traffic to conserve bandwidth and avoid throughput bottlenecks for business-critical traffic.
CloudWAN provides for the categorization of traffic (such as applications and protocols) priority and desired performance criteria for a particular application.
CloudWAN supports multiple methods for edge device LAN-side redundancy.
PAIR WAN redundancy makes CloudWAN resilient to edge device and uplink failure. You may use two uplinks across two edge devices, just as they would be used with a single device.
The PAIR interface of an edge device mirrors the uplink attributes of the paired edge device at the site. The PAIR interface (e.g., WAN 2 on Edge Device1) acts as a proxy for the “remote” uplink on the on a Site (WAN 2 on Edge Device2). The first edge device in the pair recognizes the directly attached uplink and the PAIR interface as WAN interfaces and establish tunnels through them.
VRRP establishes redundant default gateways over two edge devices. Hosts on the LAN establish a virtual IP address to the primary edge device acting as a gateway. The second edge device automatically activates upon the failure of the primary edge devices. This allows hosts on the LAN to keep reaching hosts on the WAN through a working edge device, even after an edge device VRRP switch-over.
For use cases requiring BGP routing, CloudWAN supports BGP sessions. The user sets up their own router that speaks BGP, and then two edge devices can connect to the router. The edge devices and router peer and advertise routing tables to each other.
CloudWAN can establish an OSPF routing protocol with the router. An edge device uses OSPF to receive the router’s routing information and distributes it to all the other edge devices. The routing information from other edge devices is redistributed to OSPF and propagated to the LAN of the edge devices.
Easily deploy network function virtualization (NFV) to edge devices, and manage NFVs from the CloudWAN Controller.
Cloud Connector is a virtual appliance that enables customers to access resources on public clouds via secure tunnels. Cloud Connector is provisioned with Zero Touch Provisioning.
Easily create application containers and deploy applications and microservices to edge devices.
Establish new customer accounts and onboard sites.
Manage each customer’s network, sites, and edge devices. Monitor network and edge device performance, including:
Create and distribute network policy templates for:
CloudWAN is fully manageable via Rest API. Easily integrate CloudWAN SD-WAN into the service provider’s customer-facing interface and customize managed service offerings. CloudWAN API Explorer goes beyond API documentation by providing an environment for discovering, testing, and utilizing API calls on staging and live networks.
CloudWAN service providers can provide isolated views and operations for each customer. Network traffic is securely isolated. CloudWAN service providers can accommodate multiple customers in one CloudWAN system.
Eliminate the complexity and cost of sending network engineers and technicians to onboard new sites. CloudWAN’s streamlined Zero Touch Provisioning system makes standing-up new sites easy and fast. The service provider arranges the delivery of a CloudWAN approved edge device and uses the CloudWAN Admin Portal to drop ship a service provider-branded instruction manual and USB drive to the customer. Once the edge device and installation guide arrive, the customer plugs in the edge device and USB drive. The device boots and automatically joins the customer’s network in about ten minutes.