SD-WAN enables enterprises to securely support application growth, network agility, and simplified branch implementations while delivering high-performance, reliable branch access to cloud services, private data centers, and SaaS-based enterprise applications. The CDT SD-WAN is built on software-defined networking principles to address end-to-end automation, application continuity, branch transformation, and security from the data center and cloud to the edge.
- Enables direct cloud access
- Lower WAN operating and capital outlay expenses
- Greater business agility and responsiveness
- Robust edge to edge security and micro-segmentation
- Cost-effective solution for ensuring high availability at branch sites
- Rapid provisioning
- Transport independence vendor-agnostic (i.e. MPLS, broadband, LTE, etc.)
- Management simplicity and flexibility
- Improves performance using dynamic multipath optimization protocol
- Built-in encryption
- Single edge device can support multiple virtual functions
- Easy integration with an existing network via routing protocols
- Facilitates redundancy and high availability at the edge
Transport Independent
- Customer in coordination with CDT and CALNET can choose any combination of transport for each field office
- Vendor redundancy
- Increased availability
- CDT direct peering to Cloud Service Providers (CSP) will provide the best network path and low latency
Single Orchestration for WAN Configuration in One Place
- Cloud deployed and accessible
- Resilient
Ease of Configuration
- Customer able to configure some features on their devices
- Profile-centric configuration
- Optimize administration
Virtualization
-
- Virtual WAN between sites and Cloud communications
- Able to maintain logical network design and security
- Application-based policy and offload
- Dynamic multi-path optimization
Technology Can be Deployed Anywhere
-
- reachability to VeloCloud Orchestrator and VeloCloud Gateway is required
24/7 Service Desk
-
- Single point of contact for problem escalation and resolution
Proactive monitoring and auto-notification
Performance
-
-
CDT has engineered an SDWAN service offering that leverages the benefits of the VeloCloud SDWAN product as well as the low-latency infrastructure of CDT’s Equinix presence to bring the highest level of network connectivity performance for any compute destination.
Dynamic Path Selection – VMware SD-WAN “Dynamic Multipath Optimization” comprises deep application recognition, automatic link monitoring, auto-detection of provider, and auto-configuration of link characteristics; routing and Quality of Service (QoS) settings.
Smart QoS – Granular classification of 2,500+ applications enables smart control. Out-of-the-box defaults set the QoS policies for common business objectives with IT required only to establish traffic priority. Knowledge of application profile enables automation of QoS configurations and bandwidth allocations.
Link Steering and Remediation – On-demand, per-packet link steering is performed automatically based on the measured performance metric, intelligent application learning, the business priority of the application, and link cost. Delivers sub-second blackout and brownout protection to improve application availability. Remediates link degradation through forward error correction, activating jitter buffering and synthetic packet production.
Application Performance Monitoring – VMware SD-WAN continuously computes a VMware SD-WAN Quality Score to assess the performance of critical voice, video, or data applications at any given time with the ability to alert IT staff. This analysis provides administrators a comprehensive before-and-after view into application behavior on individual links and the VMware SD-WAN enhancements.
-
Security Benefits
- IRS 1075 Compliant
- L2-L7 Stateful, context-aware (application, user, device)
- PCI certified
- Orchestrator hosted in FedRAMP authorized data center
- Segmentation - 64 segmentsBuilt-in integration support for:
- Solarwinds
- Zscaler
- Splunk
- Symantec Web Security
- Fortinet
- Palo Alto
- Checkpoint
Included Security Services Cloud Partner-Based Security On Premise Security as a Virtual Network Function
Security Functions Application Based Firewall,
End to End Network SegmentationIPS, URL Filtering, Anti-bot,
Anti-malware, CASBIPS, URL Filtering, Anti-bot,
Anti-malware, Anti-virus
Delivery Mode Included SaaS Partners
Prisma, Zscaler, Symantec, CloudGuard ConnectVNF Partners
PaloAlto, Check Point
Management Presentation Single Pane of Glass for SD-WAN and Security
(VeloCloud Orchestrator)
Individual Panes of Glass for SD-WAN and Security
(Partner)Individual Panes of Glass for SD-WAN and Security
(Partner)
Applications Approved for Access Via the Internet Using the CDT SD-WAN Service
The applications listed below have been approved by the CDT Office of Information Security (OIS) to be accessed via the Internet using the CDT SD-WAN Service.
- O365
- OneDrive
- YouTube
- Zoom
- GoToMeeting
- SharePoint
- MS Teams
- Webex
- BaseCamp
- Salesforce
- BlueJeans
- Concur
SD-WAN Customers may submit requests to add applications to this list. Requests will be reviewed and responded to by CDT OIS.
CDT SD-WAN provides a transport-independent secure overlay, enabling the use of broadband Internet with or without traditional MPLS, a cloud network for access to both enterprise and cloud applications, and a business-driven orchestration layer for automation and virtual services insertion.
The SD-WAN Portfolio (PDF) depicts the major components of the CDT SD-WAN topology. The VeloCloud Edge devices are located at branch offices, Headquarters, and Data Centers. The VeloCloud Gateways are typically located close to compute resources. The VeloCloud Orchestrator is a SaaS implementation. SD-WAN provides access to Cloud Service Providers and is transport agnostic.
Stage CDT Customer QOS
Planning Schedule design meetings to determine customer requirements and appropriate solutions, include QOS if needed.
Assist with intake document completion.
Provide high-Level design.
Provide cost estimates.Provide requirements and as much information as possible on the intake document.
Participate in design meetings and provide the level of support needed by CDT.Participate in the design meetings and provide input regarding design requirements based on best practices.
Answer any questions related to edge devices.
Provisioning Participate in the design meetings and provide input regarding design requirements based on best practices.
Answer any questions related to edge devices.Be available for building access, test, and turn-up.
Make any necessary LAN changes required for successful installation and assist with troubleshooting.Review configuration if needed, be available during test and turn-up, and assist with troubleshooting.
Support 24 x 7 x 365 CDT Service Desk support for network connectivity.
Collaborate with customer and vendor partners for circuit/hardware troubleshooting and resolution.Plan and augment network changes as needed with CDT. Monitor Edge devices.
Collaborate with CDT for troubleshooting and resolution.
The rate schedule represents standard CDT services.
Service Description Service Identifier Product Name Unit of Measurement Rate Service Code Notes
Broadband Connection SDWAN Network Services Connection Pass-through + 1.59% CDT Processing Fee U198 * - Service requires internet access through Broadband Connection (U198) or Dedicated Internet Service (U798).
SD WAN Device SDWAN Network Services Device Pass-through Cost + 4.81% U498
SD WAN Gateway and Connectivity to CGEN Infrastructure SDWAN Network Services Per Mbps $13.00 U502
Business Wifi Access SDWAN Network Services Connection Pass-through + 1.59% CDT Processing Fee U504
Business Wifi Equipment SDWAN Network Services Connection Pass-through + 1.59% CDT Processing Fee U505
Business Wifi Adjustment SDWAN Network Services One-Time/Per Adjustment Variable U506
Business Wifi One-Time Vendor Fee SDWAN Network Services One-Time Pass-through + 1.59% CDT Processing Fee U512
Professional Services SDWAN Network Services Hourly Pass-through Cost + 4.81% U520
Dedicated Internet Service SDWAN Network Services Connection Pass-through + 1.59% CDT Processing Fee U798 * - Service requires internet access through Broadband Connection (U198) or Dedicated Internet Service (U798).
Subscriptions to this service are available.
Customer onboarding to SD-WAN is a two-step process that begins with the Customer submitting a Case/Request for a Design and Cost Estimate for WAN Connection/SDWAN.
Service Request Name Link
SD-WAN Service Onboarding
Step 1 - Request a New Network Design and Cost Estimate for SD-WAN
Order New Network Design and Cost Estimate
SD-WAN Service Onboarding
Step 2 - Request to implement SD-WAN
Order SD-WAN Implementation
If you have questions or need further clarification, please contact your CDT Account Lead by using the Account Lead Directory, or call Customer Engagement at (916) 431-5390.
Can we establish a connection to a data center over the Broadband link?
Yes, you can utilize the broadband internet connection to access data center resources.
Can we use a Broadband circuit as a backup link for an MPLS connection to connect to the data center?
Yes, a Broadband circuit can be used as a backup link for an MPLS connection using the SD-WAN overlay.
Can we deploy VeloCloud in High Availability (HA) mode?
Yes, VeloCloud Edge supports High Availability (HA) mode.
Can we manage our own devices?
Yes, many elements of the SD-WAN edge device may be managed by the customer.
Can we migrate completely from MPLS to SD-WAN Broadband?
Yes, data traffic can be migrated to Broadband. The current CALNET contract requires voice traffic to be transported on MPLS circuits only, to meet contractual SLAs.
Can we use Broadband as a backup path for voice traffic if the MPLS connection fails?
Yes, voice traffic can be routed to a Broadband link, but only if the primary MPLS connection fails. When the MPLS connection is restored, voice traffic must be routed back to the MPLS connection.
Service Option Fulfillment Timeframe SLO Notes/Dependencies
Network Cost Estimate for FRS, FRS-E, DC-to-DC, CPI, & SD-WAN 95% within 30 calendar days Network Cost Estimate fulfillment timeframe is for the delivery of initial cost estimate and/or high-level network design for a single Telco vendor at one service/site location
Based on complexity of customer department’s network design requirements
Dependencies:
Process includes:
ADD SD-WAN 95% within 135 calendar days Dependencies/Assumptions (applies to all add, change, move, and upgrade SD-WAN requests)
Process includes:
MOVE, CHANGE, UPGRADE
SD-WAN95% within 90 calendar days Process includes:
DELETE SD-WAN 95% within 31 calendar days
(Remove from monthly billing invoice)
95% within 120 calendar days
(Network equipment pickup/removal from customer site)
Process includes: