XAAS: Connectivity

XAAS: Security und Connectivity

CANCOM SD-WAN as a Service

Customized and with WAN from a single source

CANCOM SD-WAN aaS

Make your network costs more flexible: With CANCOM SD-WAN aaS, we assume overall responsibility for your company’s wide area network (WAN). In addition to the SD-WAN platform as an overlay, we also offer you all line connections in the WAN, the underlay, on request. You can select the access technologies exactly according to your needs on site – from xDSL or Ethernet to LTE. CANCOM SD-WAN aaS is the first choice if you rely on operating applications in the public cloud – or access SaaS applications via the network. Strict network separation due to IT security requirements and increasing the application experience with the help of KPI-based routing are further example scenarios.

CANCOM SD-WAN
Overlay

SD-WAN platform

The SD-WAN platform is based on proven Cisco technology. Its advantages include very good bandwidth flexibility and high availability. In addition, there is segmentation, application-based routing and support for local breakouts. Optional features include IPS / IDS / URL filtering and Advanced Malware Protection. Layer 7 policies as well as WAN and TCP optimization can also be selected. Further functionalities can be found in the various packages. The spectrum ranges from optimized routing for IaaS, SaaS or colocation to analytics and reporting to cloud security and sandbox.

Underlay

WAN Services by CANCOM

As a carrier-independent network provider with its own MPLS backbone, CANCOM has partnerships with all leading carriers. This enables us to provide you with worldwide WAN connections including all relevant access technologies, from xDSL and DarkFiber to Ethernet and SFV to radio-based solutions such as WLL, UMTS and LTE.

For Public Cloud users

Application Routing

For example, in hybrid cloud scenarios, CANCOM SD-WAN aaS convinces with routing at the application level: Data traffic with applications operated in the CANCOM data center or on-prem remains securely within the network. In contrast, local Internet traffic is routed directly and without detours to the Internet when CRM or another SaaS application from the cloud is used. It is also possible to route traffic for public cloud offerings such as Sharepoint online to a virtual SD-WAN router within the network – the focus is always on the most efficient route!

Strong partnerships

Your benefit in focus

In the first step, we analyze the existing WAN with you in a standardized assessment and define the specific requirements. During implementation, rollout and transition, we follow proven best practice procedures. After going live, we continue to support you as your partner throughout the entire lifecycle. For example, every year with the help of the Business Value Check or an Innovation Workshop – so that CANCOM SD-WAN aaS continues to perfectly meet your requirements in the future!

Your added value at a glance
Advantages with CANCOM SD-WAN as a Service
  • All active components are provided by CANCOM
  • Low investment costs thanks to CANCOM's upfront contribution
  • Remote operation on SLA basis
  • Use exactly as needed
  • Optional: overlay and underlay from a single source
  • All access technologies: from xDSL and DarkFiber via Ethernet to WLL, UMTS and LTE
  • Existing lines can be integrated
  • Flexibilization of IT investments (opex instead of capex)
                       
  • Application routing enables maximum efficiency
  • Monthly full service price
  • Service Management

Our procedure model

This is how we implement CANCOM SD-WAN aaS for you

01. Assessment
  • Evaluation workshop
  • Pre-assessment
  • Strategy & roadmap
  • High-level design
02. Proof of Concept
  • Standardized deployment of a PoC environment
  • Fixed procedure with test scenarios from 5 selectable use cases
03. Planning & implementation
  • Low-level design
  • Migration & rollout concept
  • Project management
  • Transition to final operation
04. Change, adopt & lifecylce mgmt.
  • Durable analytics & reporting
  • Business value check’s
  • Innovation workshops

Proof of Concept

Choose from our use case-based, standardized test setups

By performing a proof of concept, we test the technical and organizational feasibility of the concept created and the technologies envisaged. This ensures that the expected benefits can actually be realized at a later date. We also minimize the risk of wrong decisions and gain additional planning security. We ensure the standardized deployment of a PoC environment in which all scenarios are tested with real parameters.

Choose from 5 selectable use cases for your test scenario:
  • 1. Flexible topology set-up & multi-segmentation

Advantages

  • Strict separation of network areas (production, development or guest networks) by mapping virtual networks (VPN overlay) on physical WAN infrastructure
  • Each VPN overlay can be assigned to its own topology depending on the communication requirements (e.g. production network full mesh topology as well as guest network hub-and-spoke topology).
  • Strict separation of VPN overlay and transport layer allows flexible use of a wide range of WAN technologies (MPLS, Internet, LTE)
  • Highest security through use of strong WAN encryption technologies

Services

  • Definition and mapping of desired topology for respective VPN overlay (max. 3 VPN overlays)
  • Configuration of respective LAN interfaces for each VPN overlay (static or dynamic)

Requirements (provided by the customer)

  • Provide separate LAN handover point for each VPN overlay & define application tests.
  • 2. Optimization of SaaS applications

Advantages

  • Optimization of access to SaaS applications directly from customer locations
  • Automatic selection of the best available WAN route
  • Permanent monitoring through probing
  • Support for a variety of different SaaS applications (Microsoft 365, Salesforce, Amazon, etc.)
  • SaaS Performance Overview in the SD-WAN Dashboard

Services

  • Definition of up to 5 SaaS applications
  • Customization of SD-WAN configurations for on-premises SaaS breakout
  • Setup of probing procedure on different WAN interfaces (MPLS, Internet or LTE) &. Setup of SD-WAN dashboard for central performance overview

Requirements (provided by the customer)

  • Customer defines SaaS application testing
  • 3. Connection of existing IaaS environments

Advantages

  • Connection of SD-WAN infrastructure to customer's public cloud environment at AWS or Azure
  • VPN overlay networks can be stretched into the cloud environment
  • Performance overview in the SD-WAN dashboard

Services

  • Connection to customer's IaaS infrastructure at AWS or Azure (via VPC gateway for AWS or VNET gateway for Azure)
  • Definition of required configurations for virtual SD-WAN appliances, installation and connection
  • Setup SD-WAN dashboard for central performance overview

Requirements (provided by the customer)

  • Existing AWS or Azure subscription
    • Provision of IAM role or access token for CANCOM in own cloud environment
    • (Consumption) costs for AWS/Azure for the duration of the PoC (for virtual SD-WAN components)
  • Definition application tests
  • 4. Direct Internet access at the site

Advantages

  • Internet traffic can break out directly at the respective location
  • Relieving the load on central Internet access points
  • Protection of Internet access through comprehensive security mechanisms (DNS Security, Proxy with SSL Interception, Advanced Malware Protection, Cloud Firewall for Non-Web Traffic)
  • Integration in CANCOM Cloud Security aaS solution (based on Cisco Secure Cloud Edge)

Services

  • Configuration of required IPSec connections between SD-WAN appliances and Sec. cloud edge environment
  • Definition of appropriate traffic policies & setup of a basic cloud edge security rule set
  • Monitoring of tunnel connections on SD-WAN controller
  • Access to Secure Cloud Edge Dashboard

Requirements (provided by the customer)

  • Provision of existing WAN connection
  • 5. Application Optimization

Advantages

  • Optimization of access to applications directly from customer locations
  • Automatic selection of the best available or preferred WAN route
  • Permanent monitoring of the application

Services

  • Definition of applications based on IP address/FQDN, ports and L4 protocol or selection of predefined applications and definition of measurement parameters based on loss, latency and jitter
  • Setting up application monitoring on different WAN interfaces (MPLS, Internet or LTE)
  • Customization of SD-WAN configurations for application optimization

Requirements (provided by the customer)

  • Definition of applications
Our partners within SD-WAN as a Service
i_kontakt

Contact

Talk to us about your project!

Contact us! Our experts will contact you quickly and will assist you.