SD-WANfrom NTT Communications

SERVICE DESCRIPTION

www.ntt.com Title: SD-WAN – Technical Service Description 20 June 2017 | Prepared by: NTT Communications Product Management & Marketing

Copyright © 2017 NTT Communications Security: External Use 1

1 NTT SD-WAN Service Portfolio NTT Communications, (NTT Com’s), SD-WAN service offers a new approach for deploying enterprise

grade Wide Area Networks (WANs) giving the ability to combine multiple access line connections with

application-based policy forwarding and security functions. This offers higher network service

availability and increased network performance.

The following are the key features of NTT Com’s SD-WAN service:

1.1 NETWORK CONNECTIVITY

NTT Com offer a broad and fully comprehensive selection of network access types and connectivity in

over 190 countries which is designed into a solution as the core component of SD-WAN.

Based on the client’s specific requirements and overall business needs, NTT Com can mix and match

multiple types of network technologies such as: MPLS, Ethernet, Internet, Broadband, Wireless and

4G/LTE — and deliver the most optimal connectivity solution for each customer office. Alternatively,

customers can provide their own ISP connections for NTT Com to integrate into a complete SD-WAN

solution.

Furthermore, NTT Com delivers scalable VPN gateway services such as Secure Socket Layer (SSL)

VPN Service to enable enterprises to connect to their business partners and enable a mobile

workforce.

1.2 ACTIVE-ACTIVE PATH CONTROL

Active-Active Path Control enables enterprises to distribute and manage network traffic, including local

ISP path optimization, traffic prioritization, and performance based routing. Leveraging advanced

routing optimization capabilities enables intelligent load-balancing of traffic over the best performing

path.

1.3 APPLICATION ACCELERATION

NTT Com SD-WAN Application Acceleration service provides: Transmission Control Protocol (TCP)

optimization, caching and compression, and application specific optimization to boost the end-to-end

performance of enterprise applications traversing the Enterprise WAN. This application Acceleration

service enables better performance of the network for the end user and a more effective working

environment.

1.4 SECURE CONNECTIVITY

NTT Com’s SD-WAN service addresses two main concerns around WAN security: protecting the

network from external threats and protecting the user’s access to public cloud and internet services.

As part of the SD-WAN service portfolio, NTT Com's Secure Web Gateway offers customers

distributed internet security via NTT Com Local Cloud Centers (LCCs) located globally and/or via

uCPE on-premises:

Firewall service

Intrusion protection service

URL filtering service

Malware detection reporting

www.ntt.com Title: SD-WAN – Technical Service Description 20 June 2017 | Prepared by: NTT Communications Product Management & Marketing

Copyright © 2017 NTT Communications Security: External Use 2

1.5 REAL-TIME STREAMING NETWORK ANALYTICS

NTT Com’s application visibility reporting & analytics tool, was developed in-house and enables real-

time in-depth views of network and application performance with features that include:

Real time, interactive dashboards that enable enterprises to keep an instant pulse on the health of a network and applications — to continuously monitor traffic flows, enabling the identification of and response to business impacting events.

Multi-dimensional visualization of: application performance, network security, utilization, and end-user experience — allowing organizations to analyze issues at the site level, application layer, or individual user level.

Replay functionality that significantly improves the enterprise IT/Network team’s capabilities to perform capacity planning, security audits and to pinpoint application performance and network issues that are occurring now — or trace, identify and isolate issues that occurred in the past.

www.ntt.com Title: SD-WAN – Technical Service Description 20 June 2017 | Prepared by: NTT Communications Product Management & Marketing

Copyright © 2017 NTT Communications Security: External Use 3

2 Service Components The SD-WAN service offers a fully bespoke network design, which can be tailored around the

customer application environment. The components include dedicated and internet based access

lines, managed customer premises equipment, VPN enablement as well as application traffic

management.

2.1 NETWORK CONSULTATION

During the discovery process, NTT Com SD-WAN network architects will work with you to identify any

performance pain points in your network. The SD-WAN solution design engineers fully understand

application performance and hybrid network design and will help create an SD-WAN solution to

accelerate the performance of your business applications.

2.2 HYBRID WAN DESIGN

An enterprise location may have a bespoke and unique set of connectivity requirements, which can

also be limited to the type and size of connectivity that is actually available. The hybrid WAN design

provided by NTT Com takes into consideration the onsite enterprise application use cases and

ensures that correct connectivity types are chosen as part of the SD-WAN solution.

2.3 APPLICATION AWARE ROUTING

The SD-WAN service delivers path control for application-aware routing across the WAN. In essence it

provides:

Dynamic selection of the best path for application-based business policies

Application-based load balancing across paths for full utilization of bandwidth with improved

network availability

NTT Com’s SD-WAN management platform monitors application performance on a per-flow basis,

and applies its learnings about application performance to select the best path for that application.

Using smart-probe intelligence, network traffic probes are sent out across the WAN to analyze the

performance of each network path to allow the SD-WAN to adapt to changes and further enhance

efficiency. The management platform effectively load-balances across paths while delivering the best

application-level SLA.

2.4 SD-WAN SUPPORT

Crucial to the SD-WAN service is its integral support function provided by NTT Com’s Global

Operation Center (GOC) which delivers advanced application layer monitoring and troubleshooting to

ensure minimal service interruption to its customers. In the event of an unscheduled problem or

outage with the customer’s service, the GOC will follow an interwoven set of procedures to facilitate

fast resolution. Having full visibility of application performance helps the GOC to identify and mitigate

service affecting problems quickly, tracking traffic trends provides insight into any potential issues that

may arise.

www.ntt.com Title: SD-WAN – Technical Service Description 20 June 2017 | Prepared by: NTT Communications Product Management & Marketing

Copyright © 2017 NTT Communications Security: External Use 4

2.5 CUSTOMER PORTAL

The NTT Com Customer Portal provides a single point of contact for viewing information about your

SD-WAN solution, this includes:

Real-time streaming network analytics – end-to-end transparency and visibility of application traffic

Site-to-site communication

Network metrics, including throughput / delay / jitter / packet loss

Capability to self-deploy network functions

Configure and manage security policies in real time

Ticket and event management

www.ntt.com Title: SD-WAN – Technical Service Description 20 June 2017 | Prepared by: NTT Communications Product Management & Marketing

Copyright © 2017 NTT Communications Security: External Use 5

3 Design Overview

3.1 TRANSPORT-INDEPENDENT WAN DESIGN

Software Defined hybrid networks need to be designed to provide efficient application performance.

As part of our consultation process with you, we will determine the best topology based on your

business requirements. The design will allow us to create application routing policies and also allow

for load balancing of default traffic in order to ensure that all available WAN capacity is fully utilized

and not wasted.

3.2 SITE DESIGN OPTIONS

Depending on your site requirements for service availability and bandwidth, NTT Com is able to

design a solution that incorporates multiple (hybrid connectivity) access types. These can include

dedicated access like Ethernet and Direct Internet Access combined with more cost-effective

connectivity like broadband DSL.

Normally an MPLS service runs in ACTIVE/PASSIVE mode which means that all traffic will travel

down the primary MPLS line. If the MPLS line should fail then the traffic will switch over to the backup

(PASSIVE) line.

With an SD-WAN, multiple access lines work together and are all ACTIVE. This allows for better use

of your connectivity and can increase the available bandwidth.

3.3 ON-PREMISES OR CLOUD-BASED

NTT Com’s delivery options for SD-WAN functions include:

www.ntt.com Title: SD-WAN – Technical Service Description 20 June 2017 | Prepared by: NTT Communications Product Management & Marketing

Copyright © 2017 NTT Communications Security: External Use 6

SD-WAN Edge Device — SD-WAN proprietary hardware installed within branch-office

On-premises uCPE — SD-WAN as virtual network function (VNF) installed within branch-office

virtualized CPE

Cloud-based — network function delivered from NTT Com’s network PoPs which are distributed

globally

3.4 APPLICATION ROUTING POLICIES

To maintain the quality of the network application, routing policies will be created. These policies are

then placed into specific traffic classes:

Real-time (Voice & Video)

Transactional data (Enterprise applications like Citrix, SAP…)

Bulk data (FTP, SMB or other traffic to be offloaded to the internet)

Default (All other traffic not matching one of the other classes)

For each traffic class, the SD-WAN enabled edge devices will continuously monitor the network quality

of both MPLS and internet based links to ensure that it meets the performance requirements that have

been defined in the policy.

www.ntt.com Title: SD-WAN – Technical Service Description 20 June 2017 | Prepared by: NTT Communications Product Management & Marketing

Copyright © 2017 NTT Communications Security: External Use 7

3.5 QUALITY OF SERVICE

SD-WAN uses the packet marking information to place the traffic into its defined Quality of Service

(QoS) traffic class. That means that traffic needs to be correctly identified and marked so that the SD-

WAN edge can ensure for example that VoIP traffic is forwarded over the MPLS network and File

Transfer Protocol (FTP) traffic over the internet.

In order to identify the traffic, each SD-WAN edge has a special function configured, which is able to

inspect the traffic and identify the applications. This means the edge devices can differentiate between

application-A and application-B traffic, even though both are HTTPS traffic going to the internet. In

case of outbound internet congestion, dedicated bandwidth can be allocated to the enterprise critical

traffic, such as important cloud-based applications.

www.ntt.com Title: SD-WAN – Technical Service Description 20 June 2017 | Prepared by: NTT Communications Product Management & Marketing

Copyright © 2017 NTT Communications Security: External Use 8

NTT Europe Ltd. Europe Head Office1 King William Street London EC4N 7AR United Kingdom

TEL: +44 20 7977 1000

NTT Singapore Pte. Ltd.Singapore Head Office20 West Pasir Panjang Road #11-28 mapletree Business City Singapore 117439

TEL: +65 6438 3101

Copyright © 2017 NTT Communications

The rights of third party trade mark owners are acknowledged. Information in this document is correct at time of print and is subject to change without notice.

NTT America, Inc. America Head Office757 Third Avenue, 14th Floor New York, NY 10017 U.S.A.

TEL: +1 212 661 0810

NTT Com ICT Solutions Pty LtdAustralia Head OfficeLevel 19, 321 Kent Street Sydney NSW 2000 Australia

TEL: +61 2 9270 3400

NTT Communications CorporationGlobal Head Office1-1-6 Uchisaiwai, Chiyoda-ku Tokyo 100-8019 Japan

TEL: +81 3 3500 8111

NTT Com Asia Ltd.Hong Kong Head Office6 Chun Kwong Street Tseung Kwan O Industrial Estate Tseung Kwan O Hong Kong

TEL: +852 3793 0288

www.ntt.com

Contact us:

SDWAN062017-4