Software Defined Wide Area Network (SD-WAN)

SD-WAN enables enterprises to securely support application growth, network agility, and simplified branch implementations while delivering high-performance, reliable branch access to cloud services, private data centers, and SaaS-based enterprise applications. The CDT SD-WAN is built on software-defined networking principles to address end-to-end automation, application continuity, branch transformation, and security from the data center and cloud to the edge.

N
  • Enables direct cloud access
  • Lower WAN operating and capital outlay expenses
  • Greater business agility and responsiveness
  • Robust edge to edge security and micro-segmentation
  • Cost-effective solution for ensuring high availability at branch sites
  • Rapid provisioning
  • Transport independence vendor-agnostic (i.e. MPLS, broadband, LTE, etc.)
  • Management simplicity and flexibility
  • Improves performance using dynamic multipath optimization protocol
  • Built-in encryption
  • Single edge device can support multiple virtual functions
  • Easy integration with an existing network via routing protocols
  • Facilitates redundancy and high availability at the edge

Transport Independent

  • Customer in coordination with CDT and CALNET can choose any combination of transport for each field office
  • Vendor redundancy
  • Increased availability
  • CDT direct peering to Cloud Service Providers (CSP) will provide the best network path and low latency

Single Orchestration for WAN Configuration in One Place

  • Cloud deployed and accessible
  • Resilient

Ease of Configuration

  • Customer able to configure some features on their devices
  • Profile-centric configuration
  • Optimize administration

Virtualization

    • Virtual WAN between sites and Cloud communications
    • Able to maintain logical network design and security
    • Application-based policy and offload
    • Dynamic multi-path optimization

Technology Can be Deployed Anywhere

    • reachability to VeloCloud Orchestrator and VeloCloud Gateway is required

24/7 Service Desk

    • Single point of contact for problem escalation and resolution

Proactive monitoring and auto-notification

Performance

    • CDT has engineered an SDWAN service offering that leverages the benefits of the VeloCloud SDWAN product as well as the low-latency infrastructure of CDT’s Equinix presence to bring the highest level of network connectivity performance for any compute destination.

      Dynamic Path Selection – VMware SD-WAN “Dynamic Multipath Optimization” comprises deep application recognition, automatic link monitoring, auto-detection of provider, and auto-configuration of link characteristics; routing and Quality of Service (QoS) settings.

      Smart QoS – Granular classification of 2,500+ applications enables smart control. Out-of-the-box defaults set the QoS policies for common business objectives with IT required only to establish traffic priority. Knowledge of application profile enables automation of QoS configurations and bandwidth allocations.

      Link Steering and Remediation – On-demand, per-packet link steering is performed automatically based on the measured performance metric, intelligent application learning, the business priority of the application, and link cost. Delivers sub-second blackout and brownout protection to improve application availability. Remediates link degradation through forward error correction, activating jitter buffering and synthetic packet production.

      Application Performance Monitoring – VMware SD-WAN continuously computes a VMware SD-WAN Quality Score to assess the performance of critical voice, video, or data applications at any given time with the ability to alert IT staff. This analysis provides administrators a comprehensive before-and-after view into application behavior on individual links and the VMware SD-WAN enhancements.

Security Benefits

- IRS 1075 Compliant
- L2-L7 Stateful, context-aware (application, user, device)
- PCI certified
- Orchestrator hosted in FedRAMP authorized data center
- Segmentation - 64 segments
Built-in integration support for:
- Solarwinds
- Zscaler
- Splunk
- Symantec Web Security
- Fortinet
- Palo Alto
- Checkpoint

Included Security ServicesCloud Partner-Based SecurityOn Premise Security as a Virtual Network Function
Security FunctionsApplication Based Firewall,
End to End Network Segmentation
IPS, URL Filtering, Anti-bot,
Anti-malware, CASB
IPS, URL Filtering, Anti-bot,
Anti-malware, Anti-virus
Delivery ModeIncluded SaaS Partners
Prisma, Zscaler, Symantec, CloudGuard Connect
VNF Partners
PaloAlto, Check Point
Management PresentationSingle Pane of Glass for SD-WAN and Security
(VeloCloud Orchestrator)
Individual Panes of Glass for SD-WAN and Security
(Partner)
Individual Panes of Glass for SD-WAN and Security
(Partner)

Applications Approved for Access Via the Internet Using the CDT SD-WAN Service

The applications listed below have been approved by the CDT Office of Information Security (OIS) to be accessed via the Internet using the CDT SD-WAN Service.

  • O365
  • OneDrive
  • YouTube
  • Zoom
  • GoToMeeting
  • SharePoint
  • MS Teams
  • Webex
  • BaseCamp
  • Salesforce
  • BlueJeans
  • Concur

SD-WAN Customers may submit requests to add applications to this list. Requests will be reviewed and responded to by CDT OIS.

CDT SD-WAN provides a transport-independent secure overlay, enabling the use of broadband Internet with or without traditional MPLS, a cloud network for access to both enterprise and cloud applications, and a business-driven orchestration layer for automation and virtual services insertion.

CDT SD-WAN Architecture (PDF)

The SD-WAN Portfolio (PDF) depicts the major components of the CDT SD-WAN topology. The VeloCloud Edge devices are located at branch offices, Headquarters, and Data Centers. The VeloCloud Gateways are typically located close to compute resources. The VeloCloud Orchestrator is a SaaS implementation. SD-WAN provides access to Cloud Service Providers and is transport agnostic.

StageCDTCustomerQOS
PlanningSchedule design meetings to determine customer requirements and appropriate solutions, include QOS if needed.
Assist with intake document completion.
Provide high-Level design.
Provide cost estimates.
Provide requirements and as much information as possible on the intake document.
Participate in design meetings and provide the level of support needed by CDT.
Participate in the design meetings and provide input regarding design requirements based on best practices.
Answer any questions related to edge devices.
ProvisioningParticipate in the design meetings and provide input regarding design requirements based on best practices.
Answer any questions related to edge devices.
Be available for building access, test, and turn-up.
Make any necessary LAN changes required for successful installation and assist with troubleshooting.
Review configuration if needed, be available during test and turn-up, and assist with troubleshooting.
Support24 x 7 x 365 CDT Service Desk support for network connectivity.
Collaborate with customer and vendor partners for circuit/hardware troubleshooting and resolution.
Plan and augment network changes as needed with CDT.Monitor Edge devices.
Collaborate with CDT for troubleshooting and resolution.

The rate schedule represents standard CDT services.

Service DescriptionService IdentifierProduct NameUnit of MeasurementRateService CodeNotes
Broadband ConnectionSDWANNetwork ServicesConnectionPass-through + 1.59% CDT Processing FeeU198* - Service requires internet access through Broadband Connection (U198) or Dedicated Internet Service (U798).
SD WAN DeviceSDWANNetwork ServicesDevicePass-through Cost + 4.81%U498
SD WAN Gateway and Connectivity to CGEN InfrastructureSDWANNetwork ServicesPer Mbps$13.00U502
Business Wifi AccessSDWANNetwork ServicesConnectionPass-through + 1.59% CDT Processing FeeU504
Business Wifi EquipmentSDWANNetwork ServicesConnectionPass-through + 1.59% CDT Processing FeeU505
Business Wifi AdjustmentSDWANNetwork ServicesOne-Time/Per AdjustmentVariableU506
Business Wifi One-Time Vendor FeeSDWANNetwork ServicesOne-TimePass-through + 1.59% CDT Processing FeeU512
Professional ServicesSDWANNetwork ServicesHourlyPass-through Cost + 4.81%U520
Dedicated Internet ServiceSDWANNetwork ServicesConnectionPass-through + 1.59% CDT Processing FeeU798* - Service requires internet access through Broadband Connection (U198) or Dedicated Internet Service (U798).

Subscriptions to this service are available. 

Customer onboarding to SD-WAN is a two-step process that begins with the Customer submitting a Case/Request for a Design and Cost Estimate for WAN Connection/SDWAN.

Service Request NameLink
SD-WAN Service Onboarding
Step 1 - Request a New Network Design and Cost Estimate for SD-WAN
  • The Customer contacts their Account Lead if needed.
  • The Customer submits a Case/Request for a New Network Design and Cost Estimate for SD-WAN and completes the SD-WAN intake document to the best of their knowledge.
  • A requirements gathering/design meeting will be scheduled and coordinated by CDT.
  • Additional meetings may be scheduled until all information has been gathered and validated.
  • Based on the requirements meeting(s), CDT attaches a Cost Estimate, a completed SD-WAN Intake Form, and HLD to the Case/Request.
  • The Case/Request will then be closed.
Order New Network Design and Cost Estimate
SD-WAN Service Onboarding
Step 2 - Request to implement SD-WAN
  • The Customer contacts their Account Lead if needed.
  • The Customer submits a Case/Request for SDWAN implementation and must attach the following provided to them in Step 1: Cost Estimate, SD-WAN Intake Form and HLD.
  • A follow-up design meeting may be coordinated by CDT, depending on the complexity of the design or for clarification.
  • When all documents are completed and validated, the CDT fulfillment teams will coordinate with the Customer and QOS to schedule and implement the design, test connectivity, and turn-up the remote site.
  • The Case/Request will then be closed.
Order SD-WAN Implementation

If you have questions or need further clarification, please contact your CDT Account Lead by using the Account Lead Directory, or call Customer Engagement at (916) 431-5390.

Can we establish a connection to a data center over the Broadband link?

Yes, you can utilize the broadband internet connection to access data center resources.

Can we use a Broadband circuit as a backup link for an MPLS connection to connect to the data center?

Yes, a Broadband circuit can be used as a backup link for an MPLS connection using the SD-WAN overlay.

Can we deploy VeloCloud in High Availability (HA) mode?

Yes, VeloCloud Edge supports High Availability (HA) mode.

Can we manage our own devices?

Yes, many elements of the SD-WAN edge device may be managed by the customer.

Can we migrate completely from MPLS to SD-WAN Broadband?

Yes, data traffic can be migrated to Broadband. The current CALNET contract requires voice traffic to be transported on MPLS circuits only, to meet contractual SLAs.

Can we use Broadband as a backup path for voice traffic if the MPLS connection fails?

Yes, voice traffic can be routed to a Broadband link, but only if the primary MPLS connection fails. When the MPLS connection is restored, voice traffic must be routed back to the MPLS connection.

Service OptionFulfillment Timeframe SLONotes/Dependencies
Network Cost Estimate for FRS, FRS-E, DC-to-DC, CPI, & SD-WAN95% within 30 calendar daysNetwork Cost Estimate fulfillment timeframe is for the delivery of initial cost estimate and/or high-level network design for a single Telco vendor at one service/site location

Based on complexity of customer department’s network design requirements
    Dependencies:
    • Telco vendor response time – applies to SD-WAN and FRS-E only
    • No quote/services are needed from local exchange carrier
    • Customer availability to attend design meetings with the appropriate technical staff
    • Customer submission of accurate information/documentation

Process includes:
  • Customer Initiates Request - Customer submits request, completes questionnaire (Avg – 3 days)
  • CDT Network Review – Network Support review/approve, gather additional information, and conduct internal meetings with Network Engineering as needed (Avg – 5 days)
  • Customer and CDT Network Meeting – Network design and technical requirements meeting with customer and preparation of high-level network design/topology (Avg – 10 days)
  • Vendor Quote Submission – CDT submit and receive telco quotes from selected vendor (applies to SD-WAN and FRS-E only) (Avg – 10 days)
  • CDT Delivery and Customer Accepts – Network provide cost estimate and/or high-level network design to customer and customer accepts (Avg – 2 days)
ADD SD-WAN95% within 135 calendar daysDependencies/Assumptions (applies to all add, change, move, and upgrade SD-WAN requests)
  • Availability and delivery of telco and SD-WAN equipment
  • No work/services needed from local exchange carrier
  • No Individual Price Reduction (IPR) approval needed
  • Site readiness
    • Access/Signed lease to building
    • Viable infrastructure/cabling (copper and/or fiber) ready to accept service
    • No special permits/inspection and/or other vendor pricing needed

  • Customer submission of accurate information and documentation (Cost Estimate and High-Level Network Design attached to the case)
  • Installation timeframe is for only one service/site location

Process includes:
  • Customer Initiates Request – 1 Day
    • Customer submits request with attached approved network design/cost estimate and completed customer sections of the SD-WAN Intake Form

  • CDT Network Review & Submission to Telco and SD-WAN Vendor - 10 Days
    • Network Provisioning Submits Form 20 to Telco Vendor– Network Provisioning reviews, requests additional information, and conducts internal meetings with Network Engineering (as needed); once finalized, Network Provisioning will submit Form 20 to vendor to order service
    • Network Provisioning Issues Work Authorization (WA) to SD-WAN Vendor – WA authorizes vendor to order the equipment and schedule installation of SD-WAN equipment

  • Telco and SD-WAN Vendor (Circuit and Equipment Installation/Configuration) – 94 Days
    • Telco Vendor
      • Receives and reviews request
      • Schedules site survey to determine site readiness/viable infrastructure to deliver requested circuit
      • Schedules circuit delivery (installation & configuration)
      • Schedules secondary site survey to test completion of circuit installation (if needed)
      • Vendor notifies CDT and customer of successful circuit installation

    • SD-WAN Vendor
      • SD-WAN vendor receives, and reviews work authorization
      • SD-WAN vendor delivers equipment to customer site/location
      • CDT Network confirms customer receipt of SD-WAN equipment
      • SD-WAN vendor coordinates installation with CDT & customer at site/location (includes rack & stack, WAN connectivity verification)

  • LAN Activation – 15 Days
    • CDT Network Provisioning coordinates and schedules LAN turn up on the CDT router calendar with all parties (may include customer, telcos, CDT network, and SD-WAN equipment vendor)
    • CDT Network Engineering performs LAN activation and tests to confirm connectivity, circuit stability, speed, and CDT monitoring tools can reach the network equipment

  • CDT Create NSDM Record & Network Billing Profile – 10 Days
    • Customer’s network connection/record is documented in NSDM network database to initiate billing
    • Note: Circuit billing is initiated upon successful WAN activation and SD-WAN equipment billing is initiated upon successful LAN activation

  • CDT Delivery and Customer Accepts – 5 Days
    • Network informs customer of completion and customer accepts ServiceNow resolution
    • Note: Date of LAN activation and customer acceptance is the billing start date
MOVE, CHANGE, UPGRADE
SD-WAN
95% within 90 calendar daysProcess includes:
  • Customer Initiates Request – 1 Day
    • Customer submits request with attached approved network design/cost estimate and completed customer sections of the SD-WAN Intake Form

  • CDT Network Review & Submission to Telco and SD-WAN Vendor - 10 Days
    • Network Provisioning Submits Form 20 to Telco Vendor– Network Provisioning reviews, requests additional information, and conducts internal meetings with Network Engineering (as needed); once finalized, Network Provisioning will submit Form 20 to vendor to modify service
    • Network Provisioning Issues Work Authorization (WA) to Equipment Vendor – WA authorizes vendor to order the equipment and schedule installation (if needed)

  • Telco and SD-WAN Vendor (Circuit and Equipment Installation/Configuration) – 49 Days
    • Telco Vendor
      • Receives and reviews request
      • Schedules circuit change (installation & configuration)
      • Schedules secondary site survey to test completion of circuit change (if needed)
      • Vendor notifies CDT and customer of successful circuit change

    • SD-WAN Vendor
      • SD-WAN vendor receives, and reviews work authorization
      • SD-WAN vendor delivers new equipment to customer site/location (if needed)
      • CDT Network confirms customer receipt of new SD-WAN equipment (if needed)
      • SD-WAN vendor coordinates installation with CDT & customer at site/location (if needed)

  • LAN Activation/Change – 15 Days
    • CDT Network Provisioning coordinates and schedules LAN activation/change on the CDT router calendar with all parties (may include customer, telcos, CDT network, and SD-WAN equipment vendor)
    • CDT Network Engineering performs LAN activation/change and tests to confirm connectivity, circuit stability, speed, and CDT monitoring tools can reach the network equipment

  • CDT Create NSDM Record & Network Billing Profile – 10 Days
    • Customer’s network connection is updated in NSDM network database to initiate billing
    • Note: Circuit billing is initiated upon successful WAN activation/change and SD-WAN equipment billing is initiated upon successful LAN activation/change

  • CDT Delivery and Customer Accepts – 5 Days
    • Network informs customer of completion and customer accepts ServiceNow resolution
    • Note: Date of LAN activation/change and customer acceptance is the billing start date
DELETE SD-WAN95% within 31 calendar days
(Remove from monthly billing invoice)





95% within 120 calendar days
(Network equipment pickup/removal from customer site)

Process includes:
  • Customer Initiates Request – 1 Day
    • Customer submits decommission request

  • CDT Network Review & Submission to Telco and SD-WAN Vendor - 5 Days
    • Network Provisioning submits Form 20 to telco vendor to disconnect circuit and contacts SD-WAN vendor to coordinate cancellation and return of SD-WAN equipment

  • Telco and SD-WAN Vendor (Circuit and Equipment Decommission) – 84 Days
    • Telco Vendor receives, reviews, and processes circuit decommission request
    • SD-WAN equipment vendor sends information to customer for return of SD-WAN equipment

  • LAN & Circuit Decommission – 15 Days
    • CDT Network Provisioning coordinates and schedules circuit decommission on router calendar
    • CDT Network Engineering removes circuit and router details from CDT monitoring tools

  • CDT Update NSDM Record & Billing – 10 Days
    • Customer’s network connection is updated in NSDM network database to stop billing
    • Note: SD-WAN service billing is discontinued 5 days after the Form 20 submission

  • CDT /Vendor confirmation and Customer Accepts – 5 Days**
    • Network informs customer of completion and customer accepts ServiceNow resolution
    • **Note: Not counted in total fulfillment timeframe as customer billing is already stopped when NSDM record is removed