What is the Lumen SD WAN Solution?
Lumen SD WAN uses a single, automated platform that can be monitored and managed from a central control dashboard. The solution is provisioned via various SD WAN vendors, each offering different features and capabilities depending on the appliance used and its suitability for business needs.
Lumen SD WAN Versa Networks:
Lumen's SD WAN offering based on Versa Networks is aimed at multi-site deployments, creating a more efficient use of resources by providing centralized cloud management and bandwidth management and monitoring the performance of business-critical applications.
- SD WAN: Lumen-Versa Networks offer a flexible WAN solution designed to fit individual site needs on a global scale if need be, along with Border Gateway Protocol (BGP), Open Shortest Path First (OSPF) and Carrier-Grade Network Address Translation (CGNAT). All SD WAN-hosted infrastructure, including software licenses and rental customer premises equipment (CPE), can support up to 10 Gbps. Multiple virtual routers are available to enable unlimited forwarding paths and complete traffic segmentation. The service is compatible with Lumen's connectivity but also offers a 'bring-your-own-transport' service, which supports Ethernet, MPLS, Broadband, 4G/LTE and dedicated Internet.
- Managed Services: Clients are offered SD WANaaS, including managed and co-managed options (See, What is the Lumen managed, co-managed and DIY services solution?).
- Security Features: Security features include stateful firewalling with Geo-IP-based firewall rules, including Intrusion Detection System (IDS) /Intrusion Prevention System (IPS), URL filtering, IP filtering and content filtering. Authentication, encryption and key exchange are also available, real-time reporting with historical analytics and pervasive visibility from Layer 2 to Layer 7, including sites, circuits, applications, threats and SD WAN.
For more information on Versa Networks, please see our vendor listing here.
Lumen SD WAN VMware (VeloCloud):
VMware and Lumen offer a granular SD WAN solution which includes Dynamic Multipath Optimization (DMPO) to provide a secure branch to the data centre, cloud access and business-critical applications such as voice and video.
- Configuration: Lumen-VMware offers over 100 PoPs worldwide, thousands of Edges, and over 2,000 cloud gateways and over 65 orchestrators. Direct SaaS application access is also provided via cloud breakout that does not involve data centre backhauling.
- Dynamic Multipath Optimization (DMPO): VMware's DMPO product is available from Lumen SD WAN. It includes performance optimization for business-critical applications in real-time, application-aware per-packet link steering with on-demand remediation and supports LTE, MPLS and broadband internet circuits.
- Zero-Touch Deployment: Leverages a hyper-scale solution with push or pull activation.
Cloud Based, Multi-tenant Orchestrator: Offers centralized management and visibility in a cloud-hosted, multi-tenant environment (see, What is the Lumen managed, co-managed and DIY services solution?).
For more information on VMware, please see our vendor listing here.
Lumen SD WAN Cisco Meraki:
The Lumen-Meraki solution is ideal for enterprises looking to lower their operating costs whilst improving their multi-site resource usage through a single, centralized PCI 3.2. certified cloud-based management service wrapper.
- Deployment: The Lumen-Meraki offering can be deployed as 'over the top of existing networks, bundled or as a tailored solution.
- Analytical Tools: Latency, MOS, packet loss and jitter can all be monitored through historical or real-time analytics and reporting. This gives customers visibility into their networks and the ability to monitor network performance.
- Support: The Lumen-Meraki solution features Wi-Fi-capable hardware and built-in LTE capability. This offering provides support for DIA, MPLS and LTE connectivity.
- Security Features: This solution supports dynamic path selection, intelligent routing and integrated security such as Content filtering, Intrusion detection & prevention, Stateful firewall, Geo-IP based firewall rules and Site-to-site auto VPN.
For more information on Cisco Meraki, please see our vendor listing here.
Lumen SD WAN Cisco Viptela:
The Lumen-Viptela solution is ideal for complex enterprise networks that require proficient security, routing and segmentation. The service includes four components: vEdge Routers, vSmart Controller, vManage Network Configuration and Monitoring System and vBond Orchestrator. This solution provides centralized policies and orchestration for large-scale networks.
- Deployment Options: The Lumen-Viptela offering can be deployed via Dual Broadband, Broadband + LTE or MPLS + DIA. This provides deployment options for low-priority remote locations to sites with mission-critical applications such as headquarters or data centres.
- vManage Network Configuration and Monitoring System: A virtual appliance provided by Viptela that runs on VMware vSphere ESXi Hypervisor with a minimum of two vCPUs and 8GB of memory, enabling configuration management and monitoring of the SD WAN solution. The solution also offers the Trusted Platform Module (TPM) chip, designed to authorize vEdge routers requesting to join the network. Overlay Management Protocol eliminates bottlenecks and speeds up network changes and end-to-end network segmentation to protect against internal and external security threats. Scale-out architecture protects the network from multiple overlay failures. Security features include encrypted control and data traffic with the ability to scale to over 10,000 network endpoints and over 100,000 routes and integrated firewall services, which include user policies such as IPsec, VPN, NAT and ACLs.
- vEdge Routers: There are three vEdge router types available: vEdge 100, vEdge 1000 and vEdge 2000. The vEdge 2000 router has a 10Gbps encryption capacity, full widths and 1Rack Unit (RU). The vEdge 1000 router has a 1Gbps encryption capacity, with half-width and 1RU sizes. The vEdge 100 router has a 100Mbps encryption capacity and includes tabletop with 1RU sizes. Lumen-Viptela vEdge devices automatically authenticate new vEdge devices on the network through preinstalled security credentials and leverage integrated enterprise firewall functionality. Functions such as Border Gateway Protocol, Open Shortest Path First, Access Control Lists and Quality of Service, and routing policies can all be performed by the IP routers. vEdge devices will auto-establish IPsec sessions with other vEdge routers. However, when connected to the vSmart controller, it will auto-establish a secure Datagram Transport Layer Security session instead. Policy constructs can manipulate extranets, access control, service chaining, routing information and segmentation through the vSmart controller's centralized policy engine.
- vBond Orchestrator: The vBond Orchestrator is a virtual appliance that requires a minimum of two vCPUs and 8GB or a minimum of two vCPUs and 4GB of memory when run on VMware vSphere ESXi Hypervisor.
- vSmart Controller: The vSmart Controller is a virtual appliance that provides secure connections to network vEdge routers via DTLS. The controller operates through VMware vSphere ESXi Hypervisor and shares route, policy and security information via an Overlay Management Protocol (OMP).
For more information on Cisco Viptela, please see our vendor listing here.