Simple SD-WAN and zero-trust security for distributed WANs
The Challenge
The adoption of Wireless WANs allows fast moving organizations to take advantage of agile connectivity for temporary and fixed sites, vehicles, IoT devices and remote workers. However, as the WAN becomes more distributed and dynamic, a simplified, cellular-centric approach to SD-WAN and security is required.
The Value
Optimized for LTE/5G Wireless WANs, NetCloud SASE and NetCloud Exchange provide the modern SD-WAN and security features to help organizations increase WAN resiliency and quality of experience while also protecting their corporate assets, applications, and users from the threat of an attack.
Key features include:
- Dynamically construct zero trust networks in under 6 minutes to replace VPNs or private APNs.
- Deliver a highly resilient, high-performance WAN with SD-WAN and intelligent bonding.
- Provide secure IoT remote monitoring and maintenance capabilities.
- Apply application aware traffic filtering and IDS/IPS inspection with Hybrid Mesh Firewall.
- Streamline operations with a truly unified solution (one policy engine, one pane of glass and one provisioning experience) that can be deployed on-premises (NetCloud Exchange) or delivered through the cloud (NetCloud SASE).
Available Services
Secure Connect – Offers a simple-to-manage alternative to complex VPN and private APN infrastructures for securely connecting IoT devices, sites, vehicles, and remote workers. As the foundation for all other services, Secure Connect delivers a policy-governed, zero-trust network that can be easily orchestrated.
Zero Trust Network Access (ZTNA) – Provides isolated user-to-resource access for authenticated users. It enables secure remote access for internal employees and third parties to resources (IoT devices and/or applications) on the network through granular user-based access policies.
SD-WAN – A simpler, more secure SD-WAN, optimized for cellular networks. Application-based traffic steering, intelligent bonding, and forward error correction ensure that an elevated level of resiliency and quality of experience is achieved for every user across every location.
Hybrid Mesh Firewall – Enabled with a premium license, hybrid mesh firewall provides application governance, web content filtering and offers continuous inspection of traffic to detect and prevent malicious activity.
Advanced Web Security (Cloud-delivered version only) – Protects users from malicious web activity with simple pre-set web security profiles. It goes beyond allowing and denying websites, to air-gapping high-risk websites with remote browser isolation to prevent malware/ransomware spread to a user’s device.
Flexible Deployment Models
Zero-trust security and SD-WAN services can be consumed through the cloud using NetCloud SASE or deployed in a private data center or private cloud through NetCloud Exchange.
Components of the solution include:
- Ericsson Cradlepoint WAN edge routers/ appliances provide reliable connectivity for IoT devices, vehicles and fixed/ temporary sites.
- NetCloud Client (available for Apple, Microsoft, and Linux devices) enables secure remote access for managed devices to specific resources on the network.
- NetCloud Virtual Edge is a software-based solution that can be easily deployed in a private cloud or an on-premises data center to allow controlled access to customer-hosted applications.
- NetCloud Manager simplifies the deployment, management, and ongoing troubleshooting of the network consolidating 5G, advanced networking and security into a single pane of glass.
- NetCloud Exchange Service Gateway is for on-premises deployments only and is a reliable headend solution that can reside standalone or in an active/standby configuration in a customer’s data center or private cloud.
- NetCloud Exchange Service Gateway (FIPS 140-3) is available for private data center deployments (VMware or KVM) and must be deployed with a FIPS 140-3 certified Ericsson Cradlepoint router and/or a FIPS 140-3 compliant NetCloud Client.
Why NetCloud SASE is Different
Cellular-Centric – Optimized for roaming and mobility with features that preserve bandwidth, enhance performance, and deliver slicing-ready capabilities for 5G standalone networks.
Truly Unified – Single management, control, and data plane with one policy engine and consistent provisioning across all networking and security services.
Built-In Zero Trust – Combines security and networking by creating a foundation that is deny-all by default with obscured IP addresses, dark assets, and explicit access policies.
Secure Access for Unmanaged Devices – Clientless secure access with web application isolation to protect corporate resources from risky third-party devices and malware. Available only through NetCloud SASE.
Common Use Cases
Zero Trust Network Access (ZTNA) for granting internal and third parties secure remote access to IoT devices for maintenance and monitoring.
Hybrid Mesh Firewall for continuous inspection of traffic to detect and prevent malicious activity.
SD-WAN and intelligent bonding for providing increased resiliency, performance, and quality of experience across multiple WAN connections (cellular, satellite, and Wi-Fi as WAN).
ZTNA for secure remote access to corporate applications in the cloud or data center, or to remotely monitor IoT devices.
Hybrid mesh firewall for web filtering, application governance and continuous inspection of traffic.
SD-WAN and intelligent bonding for providing increased resiliency, performance, and quality of experience across multiple WAN connections (wired, cellular and satellite).
ZTNA for secure remote access to corporate applications in the cloud or data center, or to remotely monitor IoT devices.
Hybrid mesh firewall for web filtering, application governance and continuous inspection of traffic.
Advanced web security that provides inspection, applies controls and even isolates web sites to protect users from malicious web activity.
NetCloud Management and Operations
NetCloud SASE and NetCloud Exchange are fully deployed and managed through Ericsson’s powerful cloud management and orchestration platform, NetCloud. With features that include zero-touch deployment, multi-layered dashboards and intuitive troubleshooting tools, NetCloud Manager is a valuable assist to lean IT organizations. Some of the key features include:
- Virtual Expert capabilities – Ericsson’s NetCloud Assistant (ANA) uses Natural Language Processing to assist administrators with everyday queries about the network.
- AI-driven insights – An integrated AIOps dashboard simplifies the ongoing operations of the network by quickly identifying performance-driven anomalies, determining the root cause, pinpointing all affected sites, users, and applications and recommending remediation steps.
- Centralized flow level visibility – NetCloud’s Traffic Monitor dashboard is a powerful tool that lets administrators drill into every flow for detailed traffic analysis and forensic.
NetCloud SASE Services and Specifications
- Secure Connect
- SD-WAN
- Zero Trust Network Access
- Hybrid Mesh Firewall
- AI-Driven Insights
- Advanced Web Security
Notice: All specifications subject to change without notice.
Zero trust VPN / private APN replacement
Secure Connect: Delivers a policy-governed, zero-trust network that can be easily orchestrated from the WAN edge to the cloud.
- Domain name-based routing – Translates complex IP addresses to more intuitive names to hide the network attack surface, simplify provisioning, and to create more intuitive policies.
- Support for overlapping IP addresses at sites – With domain-based routing in place, overlapping IP addresses can easily be accommodated.
- Resource-definition – Applications and assets connecting to the network are “dark” until explicitly defined and an access policy is created.
- Deny-all by default – Rather than broad network access, access is restricted until explicitly defined by policy.
- Blocks east/west traffic by default – Contains breaches to where they occurred by blocking east/west and all incoming traffic to a site, unless enabled by policy.
- Split routing from sites – Enables Direct Internet Access from the edge router. Administrators define all the IP subnets that need to go through the SASE service or Service Gateway; all other traffic goes direct to the internet.
- Configurable options for encryption – Allows administrators to select their desired cipher levels, aligning security configuration with their specific requirements. Selectable cipher levels include:
- Level 1 (the default) – AES 128, SHA2 256, Group 14 (ECP 256)
- Level 2 – AES 128, SHA 2 256, Group 19 (ECP 256)
- Level 3 – AES 256, SHA2 384, Group 20 (ECP 256)
|
PERFORMANCE |
|||
|
Site Routers |
Typical Client Count |
Throughput |
Concurrent Tunnels |
|
IBR600C/IBR650C, IBR900, S400/S450, S700/S750, S700-FIPS/S750-FIPS |
5 |
10 Mbps |
10 |
|
S700-FIPS/S750-FIPS† |
5 |
10 Mbps |
10 |
† FIPS routers are only supported with NetCloud Exchange.NOTE: Secure Connect site performance may vary based on latency conditions.
|
PERFORMANCE |
|||
|
Site Routers |
Typical Client Count |
Throughput |
Concurrent Tunnels |
|
IBR1700 |
30 |
40 Mbps |
20 |
|
R920 |
5 |
30 Mbps |
10 |
|
R980 |
5 |
85 Mbps |
20 |
|
R1900, R2105/R2155 |
100 |
400 Mbps |
20 |
|
IBR1700-FIPS† |
30 |
40 Mbps |
20 |
|
R920-FIPS† |
5 |
30 Mbps |
10 |
|
R1900-FIPS, R2105-FIPS/R2155-FIPS† |
100 |
400 Mbps |
10 |
† FIPS routers are only supported with NetCloud Exchange.NOTE: Secure Connect site performance may vary based on latency conditions.
|
PERFORMANCE |
|||
|
Site Routers |
Typical Client Count |
Throughput |
Concurrent Tunnels |
|
AER2200 |
100 |
40 Mbps |
20 |
|
E100, E102 |
5 |
40 Mbps |
20 |
|
E300 |
50 |
400 Mbps |
20 |
|
E400 |
50 |
270 Mbps |
20 |
|
E3000 |
100 |
400 Mbps |
20 |
|
E300-FIPS† |
50 |
400 Mbps |
20 |
|
E3000-FIPS† |
100 |
400 Mbps |
20 |
† FIPS routers are only supported with NetCloud Exchange.NOTE: Secure Connect site performance may vary based on latency conditions.Secure Connect is not yet supported on the X10 and X20 routers.
SD-WAN enhances WAN resilience and quality of experience (QoE) by optimizing traffic over multiple physical or logical connections including, wired, 5G/LTE, satellite, Wi-Fi as WAN, private APNs, and 5G standalone network slices.
- Zero trust foundation for SD-WAN – While traditional SD-WAN technology leverages encryption and site-based VPN technology to secure traffic over multiple WAN connections, NetCloud SD-WAN leverages a true zero trust foundation that minimizes the attack surface, limits the blast radius, and is deny-all by default.
- Classification of traffic into predefined classes – Through deep packet inspection, administrators can classify their traffic into business critical, real-time, interactive, or best effort.
- Application-based traffic steering – After traffic is classified, policies can be created to ensure business critical and real-time applications are prioritized across the WAN and are always traversing the highest performing WAN connection.
- Traffic steering based on real-time WAN performance – Using in-line traffic, NetCloud SD-WAN measures latency, loss, and available bandwidth across all available WAN connections. If performance degrades beyond the predefined thresholds, traffic is dynamically steered to a better performing connection.
- Direct Internet Access – To enhance performance and reduce the costs of backhauling, NetCloud SD-WAN enables direct internet access capabilities from sites and vehicles.
- Traffic steering across 5G network slices – Select modems can support up to eight 5G SA network slices. Leveraging NetCloud SD-WAN, when a 5G SA network is in place, the ability to steer applications into the most suitable network slide is available. (For example, business-critical traffic can be steered into an ultra-reliable low latency slice.)
- Intelligent Link Bonding – Allows the creation of a bonded interface using multiple WAN interfaces.
- Flow duplication across bonded WAN connections – Provides a highly resilient connection for mission-critical applications by duplicating traffic flows across two diverse connections, increasing availability.
- Weighted flow balancing across bonded WAN connections – Distributes application traffic flows across diverse WAN links according to user-defined weights for improved efficiency and cost savings.
- Bandwidth aggregation across bonded WAN connections – Aggregates two or more WAN links into one logical link providing more bandwidth (especially for uploads) for applications like video and large file transfers.
- Forward Error Correction – Most effective for chatty TCP-based applications, FEC mitigates against lossy connections by adding parity bits to an application flow to prevent application retries, thereby improving application quality of experience.
- Networkwide application-based policies – With NetCloud SD-WAN, a single policy can be applied across heterogenous product types.
|
PERFORMANCE |
||
|
Site Routers |
Typical Client Count |
Throughput |
|
IBR1700 |
30 |
40 Mbps |
|
R920 |
5 |
30 Mbps |
|
R980 |
5 |
85 Mbps |
|
R1900, R2105/R2155 |
100 |
400 Mbps |
The IBR1700, R920, and R980 routers do not yet support the Forward Error Correction (FEC), Intelligent Bonding, or Fast Link Monitoring features. R2105 routers do not yet support the Intelligent Bonding feature. R2155 routers do not yet support FEC or Intelligent Bonding features. Other SD-WAN functionality is supported.
|
PERFORMANCE |
||
|
Site Routers |
Typical Client Count |
Throughput |
|
AER2200 |
100 |
40 Mbps |
|
E100, E102 |
5 |
40 Mbps |
|
E300 |
50 |
400 Mbps |
|
E400 |
50 |
270 Mbps |
|
E3000 |
100 |
400 Mbps |
The AER200 and E102 routers do not yet support the Forward Error Correction (FEC), Intelligent Bonding, or Fast Link Monitoring features. Other SD-WAN functionality is supported. All features are supported when using E100, E300, E400, and E3000 routers.SD-WAN is not yet supported on the X10 and X20 routers.
Secure remote access
Zero Trust Network Access (ZTNA) integrates with an organization’s existing identity provider to provide isolated user-to-resource access for authenticated users.
- Identity verification – Offers integration to any SAML 2.0 compliant Identity Management Platform, preventing identity sprawl.
- Isolated user-to-resource access – Users are directly authenticated to their authorized resources per session.
- Least privilege access – Various levels of access, ranging from visibility only to full configuration, can be granted based on the user’s job function or identity.
- Continuous monitoring for changes in context – Changes in context are monitored, resulting in changes in access privileges if warranted.
- Device posture visibility – Administrators can view details on the device posture (for example, anti-virus installed and running, OS version, and device type) for any device that has the client installed.
- Flexible user authentication – Users can authenticate through an Ericsson Cradlepoint router, a wide range of Windows, Mac, and Linux clients, or a secure web browser enable safe remote connectivity from anywhere.
- NetCloud Client – This software enables secure remote access to an NetCloud Secure Connect network. The NetCloud Client supports Windows and macOS laptops, iOS mobile devices, and Linux devices. The NetCloud Client is available to download with a ZTNA license.
- Clientless ZTNA (NetCloud SASE only) – Allows contractors and third parties to access specific resources without requiring a client. Clientless ZTNA supports HTTP, HTTPS, Virtual Network Computing (VNC), Remote Desktop Protocol (RDP, and Secure Shell (SSH) based access. This unique solution leverages isolation technology and protects company assets from unmanaged devices.
|
SYSTEM REQUIREMENTS |
|
|
Operating System: |
Windows |
|
Version: |
Windows 10 and 11 |
|
Processor: |
Intel x86 |
|
Memory: |
16 GB |
|
Maximum NetCloud Client Count: |
Unlimited (limited by NCX Service Gateway licensed throughput capacity per network) |
|
SYSTEM REQUIREMENTS |
|
|
Operating System: |
macOS |
|
Version: |
Monterey 12.x or later |
|
Processor: |
Intel or Apple M1/M2 CPU |
|
Memory: |
16 GB |
|
Maximum NetCloud Client Count: |
Unlimited (limited by NCX Service Gateway licensed throughput capacity per network) |
|
SYSTEM REQUIREMENTS |
|
|
Operating System: |
iOS |
|
Version: |
iOS 16 or later |
|
Processor: |
ARM64 or Apple Silicon |
|
Memory: |
64 GB |
|
Maximum NetCloud Client Count: |
Unlimited (limited by NCX Service Gateway licensed throughput capacity per network) |
|
SYSTEM REQUIREMENTS |
|
|
Operating System: |
Linux Ubuntu |
|
Version: |
22.04 or 24.04 |
|
Processor: |
|
|
Memory: |
16 GB |
|
Maximum NetCloud Client Count: |
Unlimited (limited by NCX Service Gateway licensed throughput capacity per network) |
(Requires a Premium license)
Hybrid Mesh Firewall (HMF) is a service that can be added to a Secure Connect or SD-WAN network. With application and web filtering plus integrated IDS/IPS, HMF brings in modern firewall features, without the complexity.
- Application visibility and enforcement – Uses policies and deep packet inspection to determine whether to block or allow traffic, including communications to or from an application.
- IDS/IPS – Provides continuous monitoring of all north/south and east/west traffic flows to detect and prevent malicious activity.
- Web filtering – Blocks access to inappropriate web content including high-risk domains that may contain malware.
- Firewall-as-a-Service (NetCloud SASE only) – Simplifies firewall deployment by using cloud firewall capabilities instead of requiring local firewalls in all locations.
|
PERFORMANCE |
|||
|
Site Routers |
Typical Client Count |
Throughput |
Concurrent Tunnels |
|
IBR600C/IBR650C, S700/S750 |
5 |
10 Mbps |
10 |
NOTE: Hybrid Mesh Firewall site performance may vary based on latency conditions.
|
PERFORMANCE |
|||
|
Site Routers |
Typical Client Count |
Throughput |
Concurrent Tunnels |
|
IBR1700 |
30 |
40 Mbps |
20 |
|
R920 |
5 |
10 Mbps |
10 |
|
R1900, R2105/R2155 |
100 |
400 Mbps |
20 |
NOTE: Hybrid Mesh Firewall site performance may vary based on latency conditions.
|
PERFORMANCE |
|||
|
Site Routers |
Typical Client Count |
Throughput |
Concurrent Tunnels |
|
AER2200 |
100 |
40 Mbps |
20 |
|
E100, E102 |
5 |
40 Mbps |
20 |
|
E300 |
50 |
400 Mbps |
20 |
|
E3000 |
100 |
400 Mbps |
20 |
NOTE: Hybrid Mesh Firewall site performance may vary based on latency conditions.
(Requires a Premium license)
- AI-driven insights – An integrated AIOps dashboard detects performance driven anomalies and flags them to the administrator pinpointing the root cause and recommended remediation.
- Virtual Expert capabilities – While Ericsson’s NetCloud Assistant (ANA) is to be available across all NetCloud Manager dashboards, more specialized functionality is only available with a NetCloud SASE Premium license.
(NetCloud SASE only)
- Secure Web Gateway – Ensures web requests align organizational policies. If the request raises any red flags or is linked to a malicious website, the gateway returns a warning or blocks user access.
- Anti-virus – Scans incoming web traffic for known virus signatures, allowing the SWG to detect and block malicious content before it reaches a user's device.
- Cloud Access Security Broker – Acts as an intermediary between end users and the cloud, to control access to cloud-based applications.
- Remote Browser Isolation – Separates users' devices from the act of Internet browsing by hosting and running all browsing activity in a remote, isolated cloud-based container. Only a safe rendering is delivered to the end user.
- Content Disarm and Reconstruct – Protects against known and unknown threats contained in documents by removing executable content before the file is downloaded to the user’s device.
NetCloud SASE Appliances and Specifications
Notice: All specifications subject to change without notice.
NetCloud Virtual Edge is a cost-effective and simple solution for organizations that need to connect to one or more data center or private cloud environments as part of their zero-trust network.
|
PERFORMANCE |
|||
|
Deployment Targets: |
AWS |
Azure |
VMware |
|
Tunnel Throughput to/from NetCloud Exchange: |
300 Mbps |
300 Mbps |
2 Gbps |
|
Instance: |
m5.large |
Standard_D2s_v5 |
VMware ESXi 6.7 U3 hypervisor or newer |
|
vCPUs: |
2 |
2 |
2 |
|
Memory: |
8 GB |
8 GB |
8 GB |
|
Minimum Disk Space: |
2 GB |
2 GB |
2 GB |
|
vNICs: |
2 |
2 |
2 |
(customer-hosted deployment model only)
NetCloud Service Gateway is a services delivery platform (or headend) that can reside standalone or in an active/standby configuration in a customer’s data center or hosted cloud. The Service Gateway aggregates traffic from IoT, vehicle, site, and remote work environments, enforces policy, and provides visibility into every flow.
|
PERFORMANCE |
||
|
Licensed Capacities: |
|
|
|
SYSTEM REQUIREMENTS (ALL CAPACITIES) |
||
|
Deployment: |
AWS |
Azure |
|
Instance: |
c5.2xlarge |
Standard_D8S_v3 |
|
vCPUs: |
8 |
8 |
|
Memory: |
16 GB |
32 GB |
|
Minimum Disk Space: |
16 GB |
16 GB |
|
vNICs: |
3 |
3 |
|
Minimum NetCloud Exchange Service Gateway Release: |
7.23.80 |
7.23.80 |
|
Concurrent Tunnels: |
Up to 4,000 |
Up to 4,000 |
Performance testing was conducted based on requirements as defined in RFC2544 using fixed-frame 1518-byte packets. Throughput results reflect unidirectional. UDP traffic with less than 1% packet loss as tested with wired connections. At the time of release, the number of supported sites and tunnels is a 1:1 ratio. Ericsson Cradlepoint routers support multiple WAN interfaces simultaneously in SD-WAN mode.
|
PERFORMANCE |
||
|
Licensed Capacities: |
|
|
|
SYSTEM REQUIREMENTS (ALL CAPACITIES) |
||
|
Deployment: |
KVM |
VMware |
|
VM Manager Version: |
Proxmox 8.3.x |
|
|
Instance: |
N/A |
N/A |
|
vCPUs: |
8 |
8 |
|
Memory: |
16 GB |
16 GB |
|
Minimum Disk Space: |
16 GB |
16 GB |
|
vNICs: |
3 |
3 |
|
Minimum NetCloud Exchange Service Gateway Release: |
7.23.80 |
7.23.80 |
|
Concurrent Tunnels: |
Up to 4,000 |
Up to 4,000 |
Performance testing was conducted based on requirements as defined in RFC2544 using fixed-frame 1518-byte packets. Throughput results reflect unidirectional. UDP traffic with less than 1% packet loss as tested with wired connections. At the time of release, the number of supported sites and tunnels is a 1:1 ratio. Each Ericsson Cradelpoint router only supports one tunnel on one active WAN interface at a time.
Ordering Guidelines
- Step 1 (required): Select the deployment model NetCloud SASE cloud-hosted or NetCloud Exchange customer-hosted.
- Step 2 (required): Select the NetCloud Service plan(s) for the compatible router(s).
- Step 3 (required NetCloud Exchange only): Select the NetCloud Service Gateway capacity for entire solution (NOTE: Separate part numbers for high availability).
- Step 4 (required): Select the Secure Connect or SD-WAN site (router-based) license(s) in either Standard or Premium for each router. NOTE: Each NetCloud SASE license for mobile or branch routers includes 500 GB for a shared data pool. IoT routers have unlimited data.
- Step 5 (optional): Select the number of ZTNA user licenses.
- Step 6 (optional): Select the NetCloud Virtual Edge in either Standard or Premium per each additional data center or private cloud environment beyond where the NetCloud Service Gateway is located (selection of Standard or Premium must match Step 4). NOTE: Each NetCloud SASE license includes 500 GB for a shared data pool.
- Step 7 (optional NetCloud SASE only for mobile and branch deployments): Select additional 500 GB data credits to add to the shared data pool.
|
REGION |
NetCloud PACKAGE |
DESCRIPTION |
PART NUMBER |
|
All Regions: |
NetCloud SASE Secure Connect |
Standard Premium Premium Add-On |
NCS-0K0x-SCDC NCS-0KPx-SCDC NCS-0NPx-HMFAI |
|
NetCloud Exchange Secure Connect |
Standard Premium Premium Add-On |
NCX-0K0x-SC NCX-0KPx-SC NCX-0NPx-HMFAI |
|
|
NetCloud SASE SD-WAN |
Standard Premium Premium Add-On |
NCS-0L0x-SCDCSD NCS-0LPx-SCDCSD NCS-0B0x-SDWAN |
|
|
NetCloud Exchange SD-WAN |
Standard Premium Premium Add-On |
NCX-0L0x-SCSD NCX-0LPx-SCSD NCX-0B0x-SDWAN |
|
|
NetCloud SASE ZTNA |
Standard (Per User) |
NCS-0E0x-ZTNA |
|
|
NetCloud Exchange ZTNA |
Standard (Per User) |
NCX-0E0x-ZTNA |
|
|
NetCloud SASE Virtual Edge |
NetCloud Standard for Virtual Edge with Secure Connect NetCloud Premium for Virtual Edge with Secure Connect |
NCS-0M0x-VESCDC NCS-0MPx-VESCDC |
|
|
NetCloud Exchange Virtual Edge |
NetCloud Standard for Virtual Edge with Secure Connect NetCloud Premium for Virtual Edge with Secure Connect |
NCX-0M0x-VESC NCX-0MPx-VESC |
|
|
NetCloud SASE Data Credit |
500 GB |
NCS-0D0x-DC |
|
|
Service Gateway |
250 Mbps 500 Mbps 1 Gbps 2 Gbps 4 Gbps |
NCX-000x-SG250MBPS NCX-000x-SG500MBPS NCX-000x-SG1GBPS NCX-000x-SG2GBPS NCX-000x-SG4GBPS |
|
|
Service Gateway High Availability |
Active + Standby 250 Mbps Active + Standby 500 Mbps Active + Standby 1 Gbps Active + Standby 2 Gbps Active + Standby 4 Gbps |
NCX-002x-SGAS250MBPS NCX-002x-SGAS500MBPS NCX-002x-SGAS1GBPS NCX-002x-SGAS2GBPS NCX-002x-SGAS4GBPS |
|
|
All Regions — Renewal: |
NetCloud SASE Secure Connect |
Renewal — Standard Renewal — Premium Renewal — Premium Add-On |
NCS-0K0x-SCDC-R NCS-0KPx-SCDC-R NCS-0NPx-HMFAI-R |
|
NetCloud Exchange Secure Connect |
Renewal — Standard Renewal — Premium Renewal — Premium Add-On |
NCX-0K0x-SC-R NCX-0KPx-SC-R NCX-0NPx-HMFAI-R |
|
|
NetCloud SASE SD-WAN |
Renewal — Standard Renewal — Premium Renewal — Premium Add-On |
NCS-0L0x-SCDCSD-R NCS-0LPx-SCDCSD-R NCS-0B0x-SDWAN-R |
|
|
NetCloud Exchange SD-WAN |
Renewal — Standard Renewal — Premium Renewal — Premium Add-On |
NCX-0L0x-SCSD-R NCX-0LPx-SCSD-R NCS-0B0x-SDWAN-R |
|
|
NetCloud SASE ZTNA |
Renewal — Standard (Per User) |
NCS-0E0x-ZTNA-R |
|
|
NetCloud Exchange ZTNA |
Renewal — Standard (Per User) |
NCX-0E0x-ZTNA-R |
|
|
NetCloud SASE Virtual Edge |
Renewal NetCloud Standard for Virtual Edge — Per Self-Hosted Virtual Appliance Renewal NetCloud Premium for Virtual Edge — Per Self-Hosted Virtual Appliance |
NCS-0M0x-VESCDC-R NCS-0MPx-VESCDC-R |
|
|
NetCloud Exchange Virtual Edge |
Renewal NetCloud Standard for Virtual Edge — Per Self-Hosted Virtual Appliance Renewal NetCloud Premium for Virtual Edge — Per Self-Hosted Virtual Appliance |
NCX-000x-VESC-R NCX-0MPx-VESC-R |
|
|
NetCloud SASE Data Credit |
Renewal — 500 GB |
NCS-0D0x-DC-R |
|
|
Service Gateway |
Renewal — 250 Mbps Renewal — 500 Mbps Renewal — 1 Gbps Renewal — 2 Gbps Renewal — 4 Gbps Renewal Active + Standby — 250 Mbps Renewal Active + Standby — 500 Mbps Renewal Active + Standby — 1 Gbps Renewal Active + Standby — 2 Gbps Renewal Active + Standby — 4 Gbps |
NCX-000x-SG250MBPS-R NCX-000x-SG500MBPS-R NCX-000x-SG1GBPS-R NCX-000x-SG2GBPS-R NCX-000x-SG4GBPS-R NCX-002x-SGAS250MBPS-R NCX-002x-SGAS500MBPS-R NCX-002x-SGAS1GBPS-R NCX-002x-SGAS2GBPS-R NCX-002x-SGAS4GBPS-R |
x= 1, 3, or 5 years
