A: With Multapplied SD-WAN software, you do NOT create VPNs for voice or other high priority traffic and there is no need to create a VPN for voice. Our Quality of Service (QoS) profile allows you to define and manage high priority data to be placed in a priority queue or ‘Class of Service”.
A: With MNI SD-WAN, these IPsec tunnels and the “support” needed to maintain and manage them are a thing of the past.
All configurations are created on the Management Server and pushed out to the hardware, CPE devices at the sites or branch’s and the Aggregation Servers in the SD-WAN DC. You create a “Space” for the Private WAN in three clicks plus type in the Name and a Key. Then you simply add site profiles to the space. Building the site profile takes about four minutes and consists of four mouse clicks and the typing of the site name into a field and then a final save click of the mouse, then add the circuit details that will be used at the site and you are done. The system builds all the routing groups and tunnel configurations for you and it does not make mistakes so there is no troubleshooting. Adding a new site is as easy as building the new site profile. Then you need to get the hardware ready by keying in the generated node key to the CPE and it is ready to deploy at the site. No need to touch all the other sites’ hardware to update routes or troubleshoot for possible errors, it just works.
A: MNI SD-WAN feature called Private WAN (PWAN) allows you to create a private virtual MPLS-like environment to securely connect all your sites. Choose from AES 128 or AES 256 encryption ciphers to keep your data private. This coupled with our proprietary tunnel technology that moves your data by the packet over multiple circuits, adds yet another layer of security to your data.
A: This depends on if whether you have a single site or a multiple sites. Firewalls can be localized at each site between the LAN and the SD-WAN CPE or virtualized onto the CPE.
If you have a multiple site Private Wide Area Network deployed, the firewall can be in the data center and secure traffic at the WAN edge before traffic enters the WAN.
As a Multapplied Partner running and managing your Multapplied SD-WAN, you have the choice as to how to deploy Security and UTM services for your customers and whether to standardize on a single vendor or support multiple Security platforms.
A: Yes. Multapplied is fully white label so you’re able to license, manage, and control your own SD-WAN product under your brand name.
A: A key part of our product is a centralized configuration server. You will manage your customer base via the Management Server. Your Technicians use this web-based application on this Management Server to manage, monitor, and report on each CPE.
A: You will need hardware or a virtual environment for a Management Server plus at hardware for at least two Aggregation Servers (the SD-WAN core nodes) and IP Addresses.
Aggregation Servers: A minimum of two is needed to provide High Availability (HA) in each Data Center. You’ll also need to provision sufficient Bandwidth in each DC so the Aggregators can support traffic from your customer base.
Management Server: The Management Server controls the configurations of the core node Aggregation Servers and the Edge CPE/Bonders at each site. The Management Server is not in the data path. It is recommended to locate the Management Server in a separate DC or Cloud environment from your Aggregation Servers.
IP Addresses: You’ll also need a /30 IP address for each customer. Note that a customer can have 1 or 5000 sites and it will still be sufficient to provision a single public /30 IP address per customer.
A: You’ll use the web interface/GUI of the Management Server to set up and configure the new customer plus their sites, service options, Internet connection info, and bonded IP address. The Management Server will assign an API key to their CPE. After you boot the CPE on the provisioning network and provide the API key when requested, the configuration is downloaded to the CPE. The whole process takes less than 20 minutes, most of which is the CPE configuring its operating system automatically. Some of our partners use API to automate this process.
A: No, if you resell DSL lines from a provider that forwards PPP authentication requests to your own Radius server. Our application integrates with the open-source FreeRadius server to completely manage PPP credentials for you. We will build API based integrations to other ISP operations systems as required.
A: Build the profile, image with the ISO or install on a base Debian 10 (today) OS install. This can take as little as 10 minutes, excluding operating system install time.
A: Yes. Aggregation Servers can be configured to automatically build a Managed Mesh between each other. Bonds are assigned a primary and secondary Agg and failover is then inherently set up. We recommend a minimum of Two Aggregators to start and add additional Aggregators as demand or geographic coverage increases to build the infrastructure for support of your customer base. Multiple core Aggregators can be easily deployed in multiple data centers to locate them close to your customer concentrations, increasing performance. By the way – remember that you can deploy unlimited core nodes and our licensing model makes that easy and cost-effective (they’re free).
A: Best practice here for HA Management Server is to spin up the Mgt Server in a virtualized cloud environment. In this manner, if the Management Server fails it simply reboots in a new instance and all is good. Customer CPE devices and Agg’s can live without a Management Server as long as they do not need to switch from primary Agg or CPE to secondary.
A: Yes, HA CPE is a standard configuration for many customer deployments and this is fully documented on the Management Server under the Documentation Section.
A: As long as you have two or more circuits connected and configured for the site and at least one of these circuits remains active, no, your customer will not even know a circuit failed. The only indication is a reduction in overall bandwidth the customer has available. Even when using a circuit in fail over mode, the customer will not experience anything more than a lost syllable or small audio anomaly in voice. Data transactions will not be affected at all in this instances.
A: There is no known limit to the number of circuits that can be used. Of course hardware must support the number of circuits you plan to use. We know of a deployment using over 20 circuits to achieve the bandwidth requirements for the end customer.
A: No, you do not need to use circuits from a single provider. In fact, we recommend diverse carrier circuits be used to provide better uptime for your customer.
The circuits do not have to be the same speed but there are reasonable limits. For instance, using a 100Mb and 10Mb circuit on the same CPE at the same time is not a good idea. Using the 100Mb as a primary and the 10Mb as a failover however is perfectly acceptable.