Cisco IWAN Orchestration

Configuring Cisco IWAN can be a very complex process with multiple features (PFR, AVC, PBR, NBAR, DMVPN etc) and deployment models (HA, Non-HA, Dual Internet, Hybrid etc). Because of configuration complexity, network administrators spend up to months on-boarding new branches or converting existing branches to IWAN. This complexity also results in frequent human errors, which makes the network vulnerable to security attacks.

Existing automation solutions use scripts and tools that are rigid, prescriptive and do not scale. Plus, they use proprietary models that require vendor assistance for every change. On the other hand, Anuta NCX Network Service Orchestrator uses a model driven, layered, abstraction approach that helps in delivering vendor-neutral, extensible, scalable and maintainable services.

By using the best of breed NCX Orchestration platform, you can automate ANY network service ANY technology or architecture including Cisco IWAN, ANY vendor, platform, or device type that uses ANY Southbound Interface.
Unlike scripting, NCX uses industry-standard IETF YANG models and customers and system integrators can easily modify or extend these models to fit business requirements, without requiring vendor assistance.

NCX has out of the box IWAN service model and configures branches as per the Cisco Validated Design (CVD). NCX enables Cisco IWAN customers to on-board hundreds of branches in greenfield and brownfield deployments within days, instead of months.
In addition to IWAN branches, NCX automates branches with traditional physical CPE devices (Non-IWAN) as well as Virtual CPE devices. The same NCX solution orchestrates Data Centers consisting of Multi-Vendor Physical, Virtual and SDN devices.

Once the branches are up-and-running, NCX provides you with a simple, easy-to-use GUI; so that any network operator or MSPs can quickly deploy network policies such as access control lists (ACLs), static routes, QoS policies etc. in a multi-tenant environment without touching thousands of network elements individually.
Branch Service Chaining and Dynamic Services

  • AVC, Performance Routing (PfR), QOS, NAT

  • MPLS L3 VPN, DMVPN over MPLS or Business Internet

  • WAN Optimization - Cisco (v)WAAS or Riverbed (v)Steelhead

  • Security - Zone Based Firewall, Web Security through ScanSafe

  • Port Security, IP DHCP Relay

  • Layer-2 Networks - Traditional STP, Fabric Path, Hybrid Networks

  • Static and Dynamic Routing (RIP, OSPF, BGP etc..)

  • First Hop Redundancy - HSRP, VRRP, GLBP

  • Policy Based Routing, Router Redistribution and Route Filters

  • Site to Site IPSec, Remote Access VPN
  • Day-0 and Other Services

  • PnP, Bulk Configuration

  • Virtual Appliance Deployment

  • Branch Resource Management - Capacity, health and metrics

  • Audit Log

  • Day-1-Day-N Branch MACDs

  • Add/Update/Delete Firewall Zone Rules on all Branches

  • Add/Update/Delete WAN Optimization Policy

  • Add/Update/Delete of Layer2, Layer3, Security and Other configuration