CLOUDWAN END-CUSTOMER SOLUTION

More than SD-WAN: CLOUDWAN is the Network of the Future

To compete and grow in challenging business environments, you need to respond quickly to changing market conditions. CLOUDWAN unleashes the true power of your business. Built on NTT i3’s Elastic Services Infrastructure, it is a flexible and scalable next-generation networking solution for the future. ​​Whether you’re opening a manufacturing plant in Taipei or a retail shop in Milan, CLOUDWAN fuels your business growth with the speed and agility required to grow and adapt to market demands.

CLOUDWAN System Overview

All the great things in one product

Easy VPN

Easy VPN allows you to create a highly scalable and secure VPN mesh network by automatically creating tunnels between edge devices. Provisioned via ZTP, Easy VPN enables you to build site-to-site VPNs without sending skilled engineers onsite.

  • Easy VPN: Automatically creates tunnels between edge devices.
  • Zero Touch VPN setup: If you connect to the Internet, you can build site-to-site VPN’s without sending skilled engineers to site.
  • Enterprise Level Security: With the help of technologies such as two way authentication using x509 certificates and Standard-based cipher suite(AES256-SHA), we enable a highly scalable and secure VPN mesh network between customer sites.

Flexible Internet Breakout

As enterprises introduce modern SaaS applications, the amount of traffic moving between the enterprise and these applications in the cloud is increasing. Flexible Internet Breakout can enable direct internet access for select traffic from a CPE, resulting in an improved user experience while reducing bandwidth demands at the central site.

  • Local Internet Breakout can provide direct internet access for selected traffic from CPE device without encrypting and encapsulating into VPN tunnel. Offloading traffic to the internet rather than backhauling over the private WAN significantly reduces the cost of setting up internet accesses to each site.
  • Dynamic and centralized policy management allows distribution of policies to the VNFs on edge devices automatically.
  • Ability to breakout locally to Internet based on DPI match (Office365, Other SaaS applications, etc.)

Hybrid WAN

Hybrid WAN provides you with the ability to steer packets to one or more paths based on the applications they carry. For example, you could steer business critical applications to use the MPLS path, while sending unclassified, or non-priority packets via the Internet path.

  • Hybrid WAN enables the use of multiple WAN uplinks in an active-active model. Hybrid WAN allows you to incrementally roll out overlay-based VPNs alongside their existing MPLS VPN.
  • A key requirement is the ability to steer the packets to one or more paths (MPLS or Internet) based on the application they carry. For example, this would allow you to use the MPLS path for voice traffic and the Internet path for data traffic.

Zero-Touch Provisioning

ZTP is a simple and rapid way of deploying CLOUDWAN. Simply send a CPE to your location. Any staff onsite can plug it in and turn it on. From there, the CPE queries and downloads the appropriate configurations.

  • Zero Touch Provisioning eliminates the need to send network engineers onsite to deploy devices. With ZTP, a person onsite only needs to:
    • Plug-in cables (WAN, LAN, Power)
    • Power on the device
  • Actual CPE configuration is done from centralized management system:
    • Provisioning Physical CPEs by matching vendor information (serial number, MAC address etc.)
    • Provisioning Cloud Connectors (VMs) with unique tokens
    • Replacing hardware without any loss of configuration

Security

Cyber security is a growing concern for all enterprises. CLOUDWAN allows your organization to be agile and responsive to the changing business needs by including enterprise security features as part of our platform. CLOUDWAN’s features bring together many security advantages into a unified platform with central management.

  • Easy VPN
    • Secure and encrypted connection with better performance
  • Traffic Segmentation
    • Provides ability to apply security policies to sensitive data and applications
      Hybrid WAN
      Local Internet Breakout
  • VNF Security Functionality
    • Easily deploy & manage best of breed security technologies
    • Increase visibility and control across your network
    • Apply consistent security policies from a central location
    • Managed security services of the VNFs provided by NTT Security

Quality of Service

CLOUDWAN offers application aware QoS which allows the flexibility to classify priority traffic based upon application. This is increasingly important as organizations rely upon high-bandwidth applications such as VoIP and video conferencing to conduct business. CLOUDWAN makes it easy for you to assign priority and steer traffic according to application.

  • First, we support strict priority queue, and then Weighted Round Robin (WRR)
  • Application aware QoS allows flexibility to classify priority traffic based on the application

Dashboard

The CLOUDWAN user interface is simple and easy to navigate. Log into one portal and quickly get an overview of key network statistics and easily manage devices, networks and policies. The dashboard provides a central portal to easily manage.

  • The dashboard provides a central portal to easily manage:
    - CPE Devices
    - Networks
    - Firewall, Hybrid WAN and QoS policies
    - VNF services
  • The user can see the detailed device metrics such as:
    - CPU usage
    - Memory usage
    - Network utilization

REST API

Use our RESTful API to easily integrate CLOUDWAN services with your own system

  • All CLOUDWAN resources (device, VPN configuration, Port configuration, NFV configuration, etc.) can be read/created/updated/deleted with HTTP/REST interface
  • Authorized users can fully manage CLOUDWAN services
  • All CLOUDWAN resources (device, VPN configuration, Port configuration, NFV configuration, etc.) can be read/created/updated/deleted with HTTP/REST interface

CLOUDWAN Optional Features

Cloud Connector

Cloud Connector supports your multi-cloud strategy. Easily access resources on most public clouds via secure tunnels.

  • Cloud Connector is a virtual appliance that enables customers to access resources on most Public Clouds via secure tunnels
  • Cloud Connector is provisioned with Zero Touch Provisioning
  • Below are supported clouds:
    Amazon Web Services
    Azure
    VMware
    Google Cloud (roadmap)
    NTT Com ECL2.0 (roadmap)

NFV Support

CLOUDWAN supports network function virtualization. Easily deploy and centrally manage industry leading virtual solutions such as Palo Alto Networks and Fortinet.

UTM/Firewall

Fortinet

Proxy

Symantec

Roadmap

SilverPeak PaloAltoNetworks SOPHOS riverbed

Applications & Services at the edge

CLOUDWAN supports deploy any type of applications and updates to edge devices without touching the device by using Docker technology.

Custom Edge Services

  • Allow to deploy custom edge services and applications, e.g. consolidate and process data before sending to clouds