Introduction

Over the past 15 years we've witnessed a gradual change in branch WANs requirements. Whereas most branch offices, more often than not, were connected to the rest of the business through an MPLS circuit or VPN, we are seeing more and more network architectures being updated either by way of increasing more capacity to the existing WAN circuit or by introducing an Internet connection to the branch WAN.

However, even such updates can no longer cope with the demand for more bandwidth because bandwidth hungry network applications and services are becoming commonplace.

Challenges

First of all, content, service and application delivery times are constantly taking up a growing amount of WAN traffic and negatively impacting end user experience and response times because the requested applications and content are run and delivered not only in/from corporate data centers, but also at cloud app providers (SaaS), not to mention that such applications/services/content must also be routed through the corporate data center for security reasons.

Second of all, while adding bandwidth and Internet connections both help mitigate the overall congestion of the WAN, doing so often increases the complexity and cost of ownership as additional resources must be allocated for monitoring and troubleshooting network security and health.

Third of all, businesses today rely on a network system's agility and ease of deployment/troubleshoot for competitive advantages, especially when the said system encounters unexpected events at the branches. Such coveted agility and simplicity are not possible if additional hardware and network capacity upgrades are constantly taking place, not to mention the time delayed and cost required for hiring consultants or integrators to install, configure, integrate and test these hardware devices and software applications.

Requirement

A would-be customer approached Lanner with the following criteria for their hardware needs.

The hardware solution must enable both workload consolidation and timely application deployment. In other words, the resources must be allocated fairly across mission-critical and routine applications, depending on their urgency and priority.

The hardware solution must also efficiently and intelligently allocate resources across computing, storage, security and other network functions; and threshold can be assigned for particular applications as needed so that deployment time of a newly-added service or application can be minimized.

The hardware solution must be built using a Intel® multi-core processor powerful enough for running virtualized applications. The architecture must be open so as to allow the automated and software-defined orchestration that reduces manual provisioning and addresses the challenges of today’s cloud data centers.

Lanner Solution

The NCA-1515 is a desktop network appliance powered by Intel® Atom™ C3758/C3558/C3308 CPU (codenamed Denverton). It features robust performance, Intel’s QuickAssist Technology, Intel® AES-NI, secure boot and support for TPM 2.0, K-lock, offering cryptographic acceleration and commercial-grade LAN functions in a 231mm x 200mm x 44mm (WxDxH) form factor.

Other features include 0~40ºC operating temperature range, up to 32 GB of DDR4 2400/2133/1866 MHz memory, 2x mini-PCIe slots and 1x M.2 2242 slot with dual nano SIM, 1x RJ45 console, 2x USB 2.0, 1x onboard EMMC (8GB), 1x optional 2.5” HDD/SSD bay and one of the following network configurations:

  • 4x GbE RJ45 with 1 pair of Gen3 bypass, 2x GbE SFP w/ LED & 2x GbE RJ45
  • 4x GbE RJ45 with 1 pair of Gen3 bypass & 2x GbE SFP w/ LED
  • 4x GbE RJ45 without bypass

Benefits/Conclusion

1. Cost Incentives

Lanner's open architecture vCPE platforms encourage interoperability with open source software and external systems enabling standardized interface for seamless integration between server, subsystems and software components. IT management staff no longer have to deal with complicated proprietary systems in maintenance. Such vCPE architecture can be easily duplicated in multiple branch offices in just hours, without assistance from vendors.

2. Ease of Deployment

vCPE's software-defined nature not only affords the convenience of easy implementation and duplication of software applications at all branch offices but also realizing the concept of "zero-touch provisioning" meaning On-site personnel and extensive technical assistance are not required at the branch to set the system setup because zero-touch solutions are preconfigured with compatibility for the running of custom VNFs.

3. Security

Lanner's open architecture vCPE platforms not only enable security VNFs consolidation, including embedded firewall, IPSec, VPN and detection mechanism for SD-WAN solution vendors but they also come with encryption and authorization policies in order to provide secure data transfer in end-to-end scenarios.

4. Compatibility

Third-party security VNFs can be run on Lanner's vCPE platforms compatibly because of these appliances' open architecture design; and diverse security policies can be implemented without additional cost and effort.

Featured Product


NCA-1515

Desktop Network Appliance for vCPE/uCPE and Edge Security

CPU Intel® Atom® C3000 (Denverton)
Chipset SoC

Read more