VMware SD-WAN Software Release 3.4.4

WindstreamEnterprise
WindstreamEnterprise Administrator admin
edited October 2021 in Release Notes

VMware/VeloCloud SD-WAN Release 3.4.4 provides several new feature enhancements for Windstream.

 New Hardware Platforms

The following new hardware devices are also being released:

·        620 (Replaces VCE 520v and 540)

·        640 (Replaces VCE 840)

·        680

These new devices offer better performance with enhanced processors that enable the additional functionally for the Fortinet VNF.  

VCE table 1-321.JPG

With the higher processing power, these new VCE edges are all capable of adding on the Fortinet Unified Threat Management (UTM) firewall features via a Virtual Network Function (VNF). 

This is a big plus as it provides the SD-WAN functions along with the Fortinet UTM in a single customer device.

Additionally, with this 3.4.4 enhancement, the VCE 3800 now has maximum throughput of 5 Gbps, so it can fully replace the VCE 2000.

The VCE 510 will remain available as the entry level VMware Edge.

Stateful Firewall

With the 3.4.4 code update, we also get a Stateful Firewall available in the portal.

This new enhancement is available on all VCE’s that are on the VMware code 3.4.4 with no additional orders or charges applied.

 

Stateful firewalls build a state table and use this table to allow only returning traffic from connections currently listed in the state table. After a connection is removed from the state table, no traffic from the external device of this connection is permitted.

The Stateful firewall feature provides the following benefits:

  • Prevent attacks such as denial of service (DoS) and spoofing
  •  More robust logging
  •  Improved network security   

Current Firewall

Current FW.jpg
stateful.jpg

LAN-Side NAT

Users can now restrict LAN-side source NAT to a specific set of destination subnets and can apply source and destination

NAT to the same packet

 

Conditional Backhaul

For hybrid branches (i.e. those with both public Internet and private MPLS), it is now possible to have internet traffic egress directly to the internet but dynamically failover to backhauling through a Hub over the MPLS link when Internet is down. This feature may be enabled for a and disabled on a VMware SD-WAN Edge per-Business Policy basis.

  DISCLAIMER: There may be features listed here that do not get immediately implemented and may be added based on customer demand in the future. 

This discussion has been closed.


Community Guidelines

The Windstream Enterprise Community is a community of real people who collaborate on answers, solutions, and ideas about the Windstream Enterprise products and services they use. We invite you to become a member, but we do have a few rules. For everyone's sake, we are committed to enforcing these guidelines, as well as our community vendor's Terms of Service.

Be Yourself

People will respect you more, engage with you more often, and treat you like a real person if you use your actual identity here. While not mandatory, it does help us identify accounts when we try to provide answers to specific questions.

Be Honest

We are into transparency, honesty, and truth. Do not misrepresent yourself or lie about your identity, affiliations, or age. Our community is based on the contributions of real people who put their reputations on the line. Be one of them.

Have (Good, Clean) Fun

We encourage the spirit of fun, so long as it does not hurt other people. Please do not use jokes, words or images that come at the expense of others. Be sensitive to other users around you, and do not post profane, sexual, or violent material.

Be Constructive with Your Criticism

The idea here is to foster healthy conversation and debate without ever attacking anyone personally. We take all questions, suggestions, and feedback seriously and will respond accordingly and so should you.

Spread the Wealth

Make our community a richer place by sharing your experience and insight. You may have the perfect answer to someone else's burning question. This is the substance of the Windstream Enterprise Community.

No Hawking!

It is okay to talk up the products or services you love (or sell), but only if it is relevant to the conversation. If you are here to plant a ton of links to your Web site without doing much else, your posts are likely to be removed by a moderator.

Do Not Wrongfully Post Content

Make sure you have the right to publish any content you post to the Windstream Enterprise Community, and do not violate the privacy of others.

Be Fruitful, but Do Not Multiply

Do not create multiple accounts to violate these guidelines, game the system, or harass and deceive other users.

No Trolls!

Trolls are users whose primary goal is to disrupt the community, attack other users, antagonize community managers, and are never interested in a productive outcome. If you engage in troll behavior, we will ask you to leave the Windstream Enterprise Community.

We are Here to Help

If you have questions or issues, we are always available to help you. Please call us at 1-888-600-5050.

Close

Categories