Versa FlexVNF - Versa Networks
Versa FlexVNF
Product Description
The networking industry is undergoing a major
center or central office, or public cloud. Regardless of
transformation. Where the delivery of networking
the packaging and location, all network and security
and security services was the exclusive domain of
components are provisioned and managed centrally
fixed, proprietary hardware appliances, now software
through the Versa Director management platform.
combined with major advances in standard processor
architectures (e.g. Intel) and virtualization have ushered
in a new era in networking. Virtualized network
functions (VNF) software and common off-the-shelf
(COTS) hardware platforms and virtual machines
(VM) are bringing a software-defined approach to
networking. Such solutions can provide L3, L4 and L7
network and security services to enable feature-rich
and high-performance WAN and security deployments.
Using a fully software-based approach, Versa Networks
allow service providers and large enterprises to
transform the WAN and branch network to achieve
unprecedented business advantages. Versa FlexVNF
software provides unmatched agility, cost savings and
flexibility vs. traditional network hardware. For service
providers, Versa enables next-generation managed
Versa FlexVNF includes the broadest set of VNFs in
the industry – from a full set of networking capabilities,
including market-leading SD-WAN functions, to a
wide range of basic and advanced security functions –
making it possible to design rich managed services and
enterprise architectures, and deliver them with agility to
work seamlessly together.
Versa FlexVNF is purpose-built with many carriergrade capabilities, including a distributed control and
data plane fabric with built-in elasticity and capacity
on-demand. Powerful service chaining for both Versa
and third party services, including appliances, enables
providers and large enterprises to easily integrate
multiple network and security functions into complex
managed services and enterprise architectures.
services for software-defined WAN (SD-WAN),
Another key Versa capability for improving operational
software-defined security (SD-Security) and virtual
efficiency and service agility, as well as lowering total
customer premises equipment (vCPE). For enterprises,
costs, is multi-tenancy. Versa FlexVNF, as well as
Versa enables highly scalable and
secure SD-WAN projects.
Versa FlexVNF software covers all
the networking and security needs
of the branch office, hub site and
data center edge node, including full
routing, WAN connectivity, SD-WAN
and network security. Purpose-built
Versa FlexVNF software provides
network operators significant
flexibility in how they can deploy
FlexVNF – onto bare metal, VM and
container environments – as well
where – in the branch office, data
Versa Director, Versa Analytics and Versa Controller, are built from the ground up with full multi-tenancy across
all routing, SD-WAN and security features. Versa’s comprehensive multi-tenancy allows network operators to
share and better leverage underlying resources such as Versa FlexVNF and hardware infrastructure across many
customers or internal organizations, providing more service agility, economy of scale and optimal cost structure for
large deployments.
Versa FlexVNF is operations-ready and supports standard protocols and log formats, including Syslog, IPFIX and
SNMP, making it compatible with existing network management, monitoring, and reporting systems.
The result is carrier-grade VNF-based services and architectures that can scale out / in, on-demand, while
maintaining service continuity and delivery of both Versa and third party network and security functions – all with
significantly reduced hardware costs and better service agility.
Versa FlexVNF Packaging Options
The Versa FlexVNF solution is fundamentally different than proprietary network hardware. Deployed as software on
low-cost Intel-based servers and appliances, and utilizing advances in the latest processors and virtualization, Versa
FlexVNF radically reduces capital expenses and the costly upgrades/refreshes that are common with legacy network
hardware devices.
Versa FlexVNF supports a wide set of deployment options and can be installed in both legacy network and new SDN
environments. Deployment choices include bare metal servers, white box appliances, hypervisor VMs (VMware ESXi &
KVM) and Linux containers. It takes full advantage of multi-socket and multi-core processors and Intel DPDK support
for maximum use of underlying hardware resources, resulting in excellent performance and throughput.
For running in bare metal format, Versa has established a vendor ecosystem with pre-defined device models and
specifications that white box vendors are tested and validated for, ensuring the right configuration at different price
and performance points.
Versa-specified appliance models are directly orderable from approved white box vendor partners and distributors,
and come with a Versa FlexVNF image and encryption certificate pre-loaded from the factory.
Versa works with selected distributors to provide these platforms globally with return-to-factory, next-businessday advanced replacement, same-business-day advanced replacement and other service options. While Versa is a
software company, it has established innovative business and partnership models and a unified support process to
cover all pre-sales and post-sales needs.
Product Features
Form Factor
Bare metal (ISO), Virtual Appliance (OVA, QCOW2)
VMware ESXi 5.1 & above, KVM
802.1Q(VLAN Tagging), Aggregated Ethernet (LACP), CFM (Connectivity and Fault Management)
High Availability with Active-Standby
CLI, Syslog, IPFIX, SNMPv1, SNMPv2, SNMPv3, Packet capture utility
Network & Security Functions
Stateful Firewall
Application Visibility
Client, Relay and Server
Static routing, Bidirectional Forwarding Detection (BFD), VRRP, Routing Instances (VRF), OSPF, BGP, ECMP, PolicyBased Forwarding
Classification, Marking, Rate-Limiting, Scheduling, Queuing, Shaping
Static NAT, Dynamic NAT, NAPT, Destination NAT, Static NAT with Port Translation, Inter-Tenant NAT, ALG support;
Zone-based, Address Objects, Address groups, Rules, Policies, DDoS (TCP/UDP/ICMP Flood), Syn-cookies, Portscans, ALG support; SIP, FTP, PPTP, TFTP, ICMP
Identify more than 2000+ applications and protocols, Application group support, Application filter support,
Application visibility and log support
Application Identity (AppID) based policy rules, IP Blacklisting, Whitelisting, Geo-IP, Customer App-ID signatures,
SSL certificate-based protection, Expired certificates, untrusted CAs, Unsupported cyphers and key lengths
Network/Flow based protection with auto signature updates. HTTP, FTP, SMTP, POP3, IMAP, MAPI support
URL Categorization
& Filtering
URL categories & reputation, including customer-defined, Cloud-based lookups, Policy trigger based on URL
category, URL profile (blacklist, whitelist, category reputation), Captive portal response including customer defined.
Actions include block, inform, ask, justify, and override
Default & customer defined signatures & profiles. Versa & Snort rule formats, L7 DDoS. Security package with
incremental updates. Full, incremental (daily) & real-time threat (every hour)
Secure, zero touch branch provisioning, Template-based policies with parameterization, Centralized route, policy
enforcement, L7 Application SLA enforcement over network link SLAs with QoS, Intelligent path selection – default
and user-defined, load balance across WAN links, providing various overlay, redundant SD-WAN controller, seamless
integration with existing WAN optimization devices and branch routers
Packet Striping for best throughout across bundle of low speed interfaces; Packet Cloning / Decloning for
Advanced SD-WAN
replicating important flows to ensure best performance and availability; Forward Error Correction to restore traffic
in lossy and over-congested links; MOS Based Traffic Steering to measure VoIP flows quality and to steer VoIP flows
to achieve best voice session qualities; Cloud Provider DIA Traffic Optimizations; Probe based, as well as Inline
Traffic Measurements and more
Site-to-Site, Route/Policy based VPN, IKEv2, IKEv1, DPD, PFS Confidentiality algorithms: Tunnel mode ESP with
AES-128, AES-256 Modes: CBC, XCBC, GCM Authentication & Integrity: Pre-shared and PKI Authentication with RSA
certificates, hashing, Diffie Hellman key exchange
Load Balancing
Layer 4 load balancing, monitoring, persistence, Deployment modes; Transparent, Routed and Direct Server Return
SSL Inspection
HTTPS proxy (forward & reverse), SSL v3 & TLS 1.2 proxy, Captive Portal for HTTPS requests
DNS Proxy
DNS Split Proxy
User & Group Level
Active Directory integration using LDAP and Kerberos protocols, Captive Portal Form for LDAP
System Requirements
VMware vSphere 5.5 & 6.0
Hypervisor Supported
KVM – RHEL/CentOS 6.4, Ubuntu 12.04, 14.04
VMware vCloud Director
vCloud Director 5.5 & 6.0
Version Support
OpenStack Version Support
Havana, Icehouse, Juno, Kilo
OpenStack Distro Support
Red Hat, Canonical Ubuntu, Piston CloudOS
Versa-Specified Appliance Configurations
Versa-specified appliance configurations provide a wide range of price and performance points starting from
250 Mbps, going all the way up to 100 Gbps+ to cover diverse business needs.
Desktop network appliance with Intel Atom 2-Core / 4- Core CPU, 4GB / 8GB ECC memory, 6 GbE
Versa-100 / 110
interfaces, integrated Quick Assist, TPM, 64 GB SSD w/ passive or active cooling options, external PS, and
with wireless interface options
1RU appliance with Intel Atom 2-Core / 4- Core / 8-Core CPU, 4GB / 8GB / 16 GB ECC memory, 6 GbE
Versa-500 / 510 / 520
interfaces, integrated Quick Assist, TPM, 64 GB SSD w/ active cooling, internal PS, with wireless interface
options and modularity
1RU network appliance with single Intel Xeon®-D CPU with 6 / 8 CPU cores, 32 GB / 64 GB ECC DRAM,
Versa-800 / 810
128 GB / 256 GB SSD, w/10GE SFP+ interfaces at base, modular NIC slots or fixed form factor with built-in
Ethernet switch, TPM, optional Encryption Acceleration cards, resilient fans, redundant PSU
1RU network appliance with single Intel Xeon® CPU with 14 cores, 64 GB ECC DRAM, 10GE SFP+ interfaces
at base, modular NIC slots or fixed form factor options, TPM, optional Encryption Acceleration cards,
redundant cooling and PSU
Versa-2000 / 2100
Interfaces supported
2RU network appliance with dual Intel Xeon® CPUs with 8 / 14 cores each, 128 GB ECC DRAM, 4 or 8 NIC
slots, 512 GB SSD, TPM, optional Encryption Acceleration cards, redundant cooling and PSU
Copper 10/100/1000 Ethernet and 1/10/40 GE via SFP/SFP+/QSFP modules or built-in fiber Ethernet
interface flavors
Note: Please contact Versa or Versa-approved whitebox appliance vendors to get more details of the approved
appliances and associated modules.
About Versa Networks
Founded by network industry veterans, Versa Networks is an innovative vendor of software-defined WAN (SD-WAN)
and security (SD-Security). Versa provides a unique and carrier-grade SD-WAN and SD-Security solution that is
purely software- and NFV-based, and fully multi-tenant. The solution provides a wide range of virtualized networking
and security functions that can be used to create highly scalable and high-value managed services that run on lowcost white box and x86 hardware. Versa SD-WAN and SD-Security are deployed by Tier 1 and 2 providers around the
world, as well as several large enterprises. The company is backed by premier venture investors Sequoia, Mayfield,
and Verizon Ventures.
Versa Networks, Inc., 2953 Bunker Hill Ln, Suite 210, Santa Clara, CA 95054 | +1 408.385.7660 | |
© 2016 Versa Networks, Inc. All rights reserved. Portions of Versa products are protected under Versa patents, as well as patents pending. Versa Networks and
FlexVNF are trademarks or registered trademarks of Versa Networks, Inc. All other trademarks used or mentioned herein belong to their respective owners.
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF