WIXLIB

ENTERPRISEUnityEdgeConnectSD-WANSolutionAs cloud-based application adoption continues to accelerate,geographically distributed enterprises increasingly viewthe wide area network (WAN) as critical to connecting usersto applications.As enterprise applications migrate from thecorporate data center to the cloud, private lineconnections such as multi-protocol label switching(MPLS) have proven to be overly rigid and expensive.With greater reliance on the Internet, the opportunity to achieve “cloud speed” is better served byintegrating broadband services into the WANtransport mix.Silver Peak Unity EdgeConnect SD-WAN solutionsenable enterprises to dramatically reduce the costand complexity of building a WAN by leveragingbroadband to connect users to applications. Byempowering customers to use broadbandconnections to augment or replace their currentMPLS networks, Silver Peak improves customerresponsiveness, increases application performance,and significantly reduces capital and operationalexpenses by up to 90%.Silver Peak Data SheetUnity EdgeConnect SolutionThree components comprise the Unity EdgeConnectSD-WAN solution: Unity EdgeConnect physical or virtualappliances (supporting any common hypervisor)deployed in branch offices to create a secure,virtual network overlay. This enables customers to move to a broadband WAN at their ownpace, whether site-by-site, or via a hybrid WANapproach that leverages MPLS and broadbandinternet connectivity. Unity Orchestrator, included with the EdgeConnect solution, provides unprecedented levels ofvisibility into both legacy and cloud applicationsand the unique ability to centrally assign policiesbased on business intent to secure and control01

all WAN traffic. Policy automation speedsand simplifies the deployment of multiplebranch offices. Unity Boost is an optional performancepack that service chains WAN optimizationto the EdgeConnect SD-WAN solution.Boost allows companies to accelerateperformance of latency-sensitive applications and minimize transmission ofrepetitive data across the WAN in a single,fully integrated SD-WAN solution.Figure 1: EdgeConnect XS shown here. Also available as a virtual appliance.EdgeConnect Key Features 02Zero-Touch Provisioning: A plug-and-playdeployment model enables Unity EdgeConnectto be deployed at a branch office in seconds,automatically connecting with other Silver Peakinstances in the data center, other branches, or incloud Infrastructure as a Service (IaaS) such asAmazon Web Services, Microsoft Azure andVMware’s vCloud Air.Tunnel Bonding: Configured from two or morephysical WAN transport services, bonded tunnelsform a single logical overlay connection,aggregating the performance of all underlyinglinks. If a link fails, the remaining transport linkscontinue to carry all traffic avoiding applicationinterruption.Virtual WAN Overlays: The EdgeConnectSD-WAN solution is built upon an applicationspecific virtual WAN overlay model. Multiple overlaysmay be defined to abstract the underlying physicaltransport services from the virtual over-lays, eachsupporting different QoS, transport, and failovercharacteristics. Applications are mapped todifferent overlays based upon business intent.Virtual WAN overlays may also be deployed toextend micro-segmentation of specific applicationtraffic from the data center across the WAN to helpmaintain security compliance mandates.Dynamic Path Control (DPC): Real-time trafficsteering is applied over any broadband or MPLSlink based on company- defined policies basedupon business intent. In the event of an outageor brownout, DPC automatically switches-over toa secondary connection. WAN Hardening: Each WAN overlay is securededge-to- edge via 256-bit AES encrypted tunnels.No unauthorized outside traffic can enter thebranch. With the option to deploy EdgeCon-nectdirectly onto the Internet, WAN hardening securesbranch offices without the appliance sprawl andoperating costs of deploying and managingdedicated firewalls.Path Conditioning: Provides private-line-likeperformance over the public Internet. Includestechniques to overcome the adverse effects ofdropped and out-of-order packets that arecommon with broadband Internet and MPLSconnections to improve application performance.First-packet iQ Application Classification:EdgeConnect First-packet iQ applicationclassification identifies applications on the firstpacket to deliver trusted SaaS and web trafficdirectly to the Internet while directing unknown orsuspicious traffic to the data center firewall or IDS/IPS. Identifying applications on the first packet isespecially important when branches are deployedbehind Network Address Translation (NAT); thecorrect path must be selected based on the firstpacket to avoid session interruption.Internet Breakout: Granular, intelligent trafficsteering enabled by First-packet iQ eliminates theinefficiency of back hauling all HTTP/HTTPS trafficto the data center. Alternatively, trusted SaaS andweb traffic may be sent directly from the branch tothe Internet delivering the highest performance.Unknown or untrusted web traffic can be directedto more advanced corporate or web-basedsecurity services.Silver Peak Data Sheet

Stateful Firewall: An extension of WAN harden- Bandwidth Cost Savings Reports: Documents Routing: EdgeConnect supports standard LayerOrchestrator Enables FasterSD-WAN Deploymentsing, stateful firewall integrated with Edge Connect ensures no unauthorized outside traffic canenter the branch, but branch-initiated sessionsare allowed enabling secure Internet Breakout.2 and Layer 3 open networking protocols suchas VLAN (802.1Q), LAG (802.3ad), IPv4 and IPv6forwarding, GRE, IPsec, VRRP, WCCP, PBR, BGP(version 4). Cloud Intelligence: Real-time updates on thebest performing path to reach hundreds ofSoftware-as-a-Service (SaaS) applications,ensuring users connect to those applicationsin the fastest, most intelligent way available.the cost savings for moving to broadband connectivity.Unity Orchestrator, included with Unity EdgeConnect,enables zero-touch provisioning of EdgeConnect appliances in the branch. Orchestrator automates theassignment of business intent policies to ensurefaster and easier connectivity across multiplebranches, eliminating the configuration drift thatcan come from manually updating rules and accesscontrol lists (ACLs) on a site-by-site basis. UnityOrchestrator enables customers to: Avoid WAN reconfigurations by delivering applications to users in customized virtual overlays. Align application delivery to business goalsthrough virtual WAN overlays based onbusiness intent. Simplify branch deployments with EdgeConnectProfiles that describe the virtual and physicalconfiguration of the location.Figure 2: Orchestrator enables the automated distribution of businessintent policies to multiple branch offices.Orchestrator Key Features Single Screen Administration: Enables quickand easy implementation of network-wide business intent policies, which eliminates complexand error-prone policy changes at every branch. Real-Time Monitoring and Historical Report-ing: Provides specific details into application,location, and network statistics, including continuous performance monitoring of loss, latency,and packet ordering for allow network paths.All HTTP and native application traffic areidentified by name and location, and alarmsand alerts allow for faster resolution of serviceprovider issues.Silver Peak Data SheetFigure 3: Orchestrator enables centralized and automatedoverlay management.In addition to centralized and automated controlof the entire SD-WAN topology (Figure 3), UnityOrchestrator provides specific detail into WANperformance, including: Detailed reporting on application, location, andnetwork statistics.03

Continuous performance monitoring of throughput, loss, latency, jitter and packet ordering forall network paths. Identification of all application traffic by nameand location. Alarms and alerts allow for faster resolution ofservice provider issues. Bandwidth cost savings report for documentingthe cost savings of moving to broadband.Gain Control over the CloudGain an accurate picture of how Infrastructure-as-a-Service (IaaS) and Software-as-a-Service(SaaS) and are being used within your organization. Name-based identification and reporting of allcloud applications.Why Add Boost?Silver Peak Unity EdgeConnect appliances aloneprovide enhanced application performance forbroadband or hybrid WAN deployments, utilizing theincluded Dynamic Path Control (DPC) for real-timetraffic steering over multiple WAN links, and PathConditioning for overcoming the adverse effects ofdropped and out-of-order packets that are commonwith Internet connections.However, sometimes additional performance isneeded for specific applications or locations. Asdistance between locations increases over the WAN,application performance degrades.This has less to do with the available bandwidth, andis more about the time it takes to send and receivedata packets over distance, and the number of timesdata must be re-sent.Boost Use Case Examples Tracking of SaaS provider network traffic. Cloud Intelligence provides Internet mapping of Customers replicating to a disaster recovery (DR)Boost Application Performanceas Needed Enterprises with remote sites located in ruraloptimal egress to SaaS services.Unity Boost is an optional performance pack thatincludes: Latency Mitigation: TCP and other protocolacceleration techniques are applied to all traffic,minimizing the effects of latency on applicationperformance and significantly improvingapplication response times across the WAN. Data Reduction: Data compression anddeduplication eliminates the repetitivetransmission of duplicate data. Silver Peaksoftware inspects WAN traffic at the byte-leveland stores content in local data stores.Advanced finger- printing techniques recognizerepetitive patterns for local delivery. Data Reduction can be applied to all IP-basedprotocols, including TCP and UDP.04site thousands-of-miles away might want to addBoost to ensure recovery point objectives (RPOs)are not compromised.areas, or with sites that are exceptionally fartheraway from the company’s data center, mightwant to add Unity Boost to overcome the effectsof high latency.With Unity Boost, customers gain the flexibility toenable enhanced WAN optimization capabilitieswhere and when it is needed in a fully integratedsolution. Boost is licensedper-megabit-per-second, per-month, so customersdo not have to pay for WAN optimization across theentire network.Overcome Effects of LatencyThe time it takes for information to go from sender toreceiver and back is referred to as network latency.Since the speed of light is constant, WAN latency isdirectly proportional to the distance traveled between the two network endpoints. Silver Peak offersSilver Peak Data Sheet