- en-US
Fully-featured SD-WAN for Service Providers
CloudWAN’s white box SD-WAN platform is custom built by NTT to power the managed SD-WAN service offerings of a diverse global service provider distribution network. Designed from the ground up to provide the world-class SD-WAN features and operational infrastructure needed to solve the most common networking use cases that our service provider partners face every day. CloudWAN is among the most comprehensive and customizable SD-WAN white-box solutions for service providers on the market today.
SD-WAN features that enterprise, mid-market, and SMB networks demand
Easy VPN
Secure
Internet Breakout
API Extensible
QOS
Hybrid WAN
ZTP
Single View Dashboard
Easy VPN
Secure
Internet Breakout
API Extensible
QOS
hybrid-wan
Zero Touch Provisioning (ZTP)
Single View Dashboard
Easy VPN for any topology
Automatically create VPN tunnels (DTLS) between edge devices. CloudWAN supports full mesh and hub & spoke network topologies.
Enterprise-level security is built-in. CloudWAN natively employs two-way authentication using x509 certificates and standard-based cipher suite(AES256-SHA) to enable highly scalable and secure VPNs.
Hub and Spoke Topology
Route all site traffic to a central office.
Full Mesh Topology
Automatically establish VPN tunnels between edge devices in the same network.
Internet Breakout
Reduce bandwidth costs and boost application performance with CloudWAN Internet Breakout.
Offload selected application traffic to the internet versus backhauling all traffic over a customer’s private WAN. Provide direct internet access for selected traffic from the edge device without encrypting and encapsulating it into a VPN tunnel.
Set the policy in the CloudWAN Controller to breakout locally or remotely via a hub site. Saved templates make it easy to deploy and update the routing policy across your existing network and new sites as they come online.
Hybrid WAN
Hybrid WAN enables the use of multiple WAN uplinks as an active-active model to enable the incremental rollout of overlay-based VPNs alongside existing MPLS circuits.
Create application-specific policies to steer packets to multiple paths based on the application data they carry. For example, using an MPLS path for low latency voice traffic and an internet path for data traffic.
Native Firewall & VPN Microsegmentation
For the Internet-bound traffic, the Native Firewall (IP Filter) provides an effective firewall mechanism. VPN Micro-Segmentation provides IP filtering for VPN-bound traffic.
These two features allow traffic to permit/deny based on a conditional match of the packet content and the network/interface.
Quality of Service (QoS)
Prioritize bandwidth for select applications and bypass lesser classifications of traffic to conserve bandwidth and avoid throughput bottlenecks for business-critical traffic.
CloudWAN provides for the categorization of traffic (such as applications and protocols) priority and desired performance criteria for a particular application.
Enterprise-grade failover handling
CloudWAN supports multiple methods for edge device LAN-side redundancy.
PAIR
PAIR WAN redundancy makes CloudWAN resilient to edge device and uplink failure. You may use two uplinks across two edge devices, just as they would be used with a single device.
The PAIR interface of an edge device mirrors the uplink attributes of the paired edge device at the site. The PAIR interface (e.g., WAN 2 on Edge Device1) acts as a proxy for the “remote” uplink on the on a Site (WAN 2 on Edge Device2). The first edge device in the pair recognizes the directly attached uplink and the PAIR interface as WAN interfaces and establish tunnels through them.
VRRP
VRRP establishes redundant default gateways over two edge devices. Hosts on the LAN establish a virtual IP address to the primary edge device acting as a gateway. The second edge device automatically activates upon the failure of the primary edge devices. This allows hosts on the LAN to keep reaching hosts on the WAN through a working edge device, even after an edge device VRRP switch-over.
BGP
For use cases requiring BGP routing, CloudWAN supports BGP sessions. The user sets up their own router that speaks BGP, and then two edge devices can connect to the router. The edge devices and router peer and advertise routing tables to each other.
OSPF
CloudWAN can establish an OSPF routing protocol with the router. An edge device uses OSPF to receive the router’s routing information and distributes it to all the other edge devices. The routing information from other edge devices is redistributed to OSPF and propagated to the LAN of the edge devices.
Vendor Agnostic NFV support
Easily deploy network function virtualization (NFV) to edge devices, and manage NFVs from the CloudWAN Controller.
Cloud Connector
Cloud Connector is a virtual appliance that enables customers to access resources on public clouds via secure tunnels. Cloud Connector is provisioned with Zero Touch Provisioning.
Edge Application Distribution and Orchestration
Easily create application containers and deploy applications and microservices to edge devices.
- Create new applications with quick container file creation.
- Distribute containerized applications to edge devices from the CloudWAN Controller.
- Update applications easily with stored containers.
- Delete applications by edge device and site.
CloudWAN Service Management Access
CloudWAN provides multiple cloud-based interfaces and robust API that service providers use to establish and scale managed SD-WAN operations.
CloudWAN Admin Portal
Establish new customer accounts and onboard sites.
- Create and manage customer accounts (projects).
- Distribute edge device OS for Zero Touch Provisioning.
CloudWAN Controller Dashboard
Manage each customer’s network, sites, and edge devices. Monitor network and edge device performance, including:
- CPU & memory usage
- Network utilization
- Tunnel conditions
Create and distribute network policy templates for:
- Firewall
- Hybrid WAN and QoS policies
- VNF services
CloudWAN API Explorer
CloudWAN is fully manageable via Rest API. Easily integrate CloudWAN SD-WAN into the service provider’s customer-facing interface and customize managed service offerings. CloudWAN API Explorer goes beyond API documentation by providing an environment for discovering, testing, and utilizing API calls on staging and live networks.
Multi-tenant at Scale
CloudWAN service providers can provide isolated views and operations for each customer. Network traffic is securely isolated. CloudWAN service providers can accommodate multiple customers in one CloudWAN system.
Zero Touch Provisioning
Eliminate the complexity and cost of sending network engineers and technicians to onboard new sites. CloudWAN’s streamlined Zero Touch Provisioning system makes standing-up new sites easy and fast. The service provider arranges the delivery of a CloudWAN approved edge device and uses the CloudWAN Admin Portal to drop ship a service provider-branded instruction manual and USB drive to the customer. Once the edge device and installation guide arrive, the customer plugs in the edge device and USB drive. The device boots and automatically joins the customer’s network in about ten minutes.
