LUMEN® SD-WAN

Unleash your network potential with Lumen SD-WAN solutions—featuring automated security, optimized performance and intelligent scalability for driving digital innovation.

Secure virtualization for large-scale networks

Lumen® SD-WAN with Cisco Viptela provides advanced routing, segmentation and security capabilities for interconnecting complex enterprise networks with centralized policy and orchestration.

Business woman standing above a factory floor in a warehouse while working on a tablet

Benefits

Total Solution

Network service insertion

Consolidate network services at centralized locations and route traffic with simple policy changes.

Network service insertion

Consolidate network services at centralized locations and route traffic with simple policy changes.

Security

End-to-end network segmentation

Secure sensitive traffic among different lines of business with end-to-end segmentation. Rapidly onboard partners over any transport in enterprises with a dynamic partner ecosystem.

End-to-end network segmentation

Secure sensitive traffic among different lines of business with end-to-end segmentation. Rapidly onboard partners over any transport in enterprises with a dynamic partner ecosystem.

Security

Encryption at scale

Provide powerful encryption capabilities using automated key management and device authentication to secure nearly any infrastructure. Transport-agnostic VPNs provide a secure IP fabric over any underlying transport.

Encryption at scale

Provide powerful encryption capabilities using automated key management and device authentication to secure nearly any infrastructure. Transport-agnostic VPNs provide a secure IP fabric over any underlying transport.

Animated clouds connecting to a tablet, computer and globe

Features and Specs

  • Broadband + LTE, which is ideal for low-priority branches or remote locations
  • Dual broadband, which is ideal for networks without MPLS, at branch locations or data centers
  • MPLS + dedicated internet, which is ideal for sites with mission-critical applications, typically data centers and/or headquarters

  • vSmart Controller
  • vEdge Router
  • vBond Orchestrator
  • vManage Configuring and Monitoring System

  • Virtual appliance
  • Runs on VMware vSphere ESXi Hypervisor
  • Establishes secure Datagram Transport Layer Security (DTLS) connections to each vEdge router in the network
  • Overlay Management Protocol (OMP) to share routes, security and policy info

  • Uses preinstalled security credentials to automatically authenticate each new vEdge device before it joins the network
  • Centralized policy engine in the vSmart controller provides rich inbound and outbound policy constructs to manipulate routing information, access control, segmentation, extranets and service chaining
  • Full-featured IP routers perform standard functions such as OSPF, BGP, QoS, ACLs, and routing policies
  • Integrated enterprise firewall functionality
  • Automatically establishes secure DTLS sessions with the vSmart controller and standard IPsec sessions with other vEdge routers
  • vEdge 100 router includes tabletop and 1RU sizes and 100 Mbps encryption capacity
  • vEdge 1000 router includes half-width and 1RU sizes and 1 Gbps encryption capacity
  • vEdge 2000 router includes full-widths and 1RU and 10 Gbps encryption capacity

  • Virtual appliance enabling configuration management and monitoring of the solution
  • Runs on VMware vSphere ESXi Hypervisor with a minimum of two vCPUs and 4GB of memory
  • Minimum of two vCPUs and 8GB of memory

  • Virtual appliance enabling configuration management and monitoring of the solution
  • Runs on VMware vSphere ESXi Hypervisor with a minimum of two vCPUs and 8GB of memory
  • Centralized policy and distributed enforcement including Overlay Management Protocol to eliminate bottlenecks and enable quick turnaround in network changes
  • Automated secure bringup including Trusted Platform Module (TPM) chip with signed certificate to help ensure automated authentication of vEdge routers joining the network
  • Integrated enterprise firewall including user-based security policies and segmentation, IPsec, VPN, NAT and ACLs standard to enhance security and simplify infrastructure management
  • Encrypted control and data traffic that can scale to multiple tens of thousands of network endpoints and 100K+ routes while still providing multipoint security
  • Scale-out architecture with redundancy that can withstand multiple failures in the overlay network for both the control and data plane
  • End-to-end network segmentation that can be rapidly enabled without additional control plane protocols to protect the network from internal and external threats
VIEW DATA SHEET

Use Cases

Transport-agnostic VPNs

Cost-effective and secure IP fabric over virtually any underlying transport.

Transport-agnostic VPNs

Cost-effective and secure IP fabric over virtually any underlying transport.

B2B partner network

Enterprises with a dynamic partner ecosystem can rapidly onboard partners over virtually any transport.

B2B partner network

Enterprises with a dynamic partner ecosystem can rapidly onboard partners over virtually any transport.

Network service insertion

Firewalls, IPS and load balancers can be consolidated at centralized locations, and traffic can be routed through these services with simple policy changes.

Network service insertion

Firewalls, IPS and load balancers can be consolidated at centralized locations, and traffic can be routed through these services with simple policy changes.

End-to-end network segmentation

Sensitive traffic among different lines of business and partners can be secured.

End-to-end network segmentation

Sensitive traffic among different lines of business and partners can be secured.

Encryption at scale

Powerful encryption capabilities using automated key management and device authentication to secure nearly any network infrastructure.

Encryption at scale

Powerful encryption capabilities using automated key management and device authentication to secure nearly any network infrastructure.

Regional internet exit

Enterprises can deliver optimal end-user experiences for cloud, VDI and internet applications by enabling regional internet exit points.                                        

Regional internet exit

Enterprises can deliver optimal end-user experiences for cloud, VDI and internet applications by enabling regional internet exit points.                                        

Contact a Cisco Viptela specialist