- Description -

SD-Edge allows IT departments at all customer verticals within KA, Large and SME to eliminate the need for multiple network hardware and software, ensure faster deployment of network edge components, and simplify central management of multiple functions and vendors, through a cloud-based centralized platform in STCs data center, an on-premise device, as well as multiple network edge services (VNFs) to add on-demand, so they can cut costs and reduce complexity.


  • SD-E offers Routing, Firewall, Load Balancing, and Wan Optimizing now.
  • Enabling network functions to be added and changed on-demand.
  • Functions to be added and changed on-demand.
  • Pay as you grow.
  • On-demand service.
  • Shared resources.
  • Flexible deployment options.
  • Move functionality between hardware platforms.

Service Benefits:

  • Faster time to deploy new network functionality.
  • Cost and complexity refined - low cost with pay as you grow system.
  • Instant activation on STC marketplace.
  • Large library of 3rd party VNF`s.
  • Improve agility and flexibility.
  • Provide customers with flexible deployment options.
  • Increase availability and scalability.

Terms and Condition

  • It is the Customer's responsibility to keep always a backup of the configuration.
  • For RB Wan Optimizer minimum agreement period is one year.
  • For F5 Load Balancer minimum agreement period is 6months.
  • Customer should read and agree on Cisco Terms-attached.
  • Contract period based on VEP size :
  • Small Vep 6months contract.
  • Med Vep 12months contract.
  • Big Vep 18months contract.

For more information, use our estimation tool with the following link:

SD-Edge Estimator

AVAILABILITY: 99.9% Uptime Guarantee

- Products -


On-prem Virtual Router

FlavorvCPURAMStoragePrice ( Inclusive of VAT )
CSR-10M-AX-M2148SAR 521.8125/Month
CSR-10M-SEC-M2148SAR 474.375/Month
CSR-10M-IPB-M2148SAR 236.9/Month
CSR-50M-AX-M2148SAR 759.0/Month
CSR-50M-SEC-M2148SAR 664.125/Month
CSR-50M-IPB-M2148SAR 379.5/Month
CSR-100M-AX-M2148SAR 1280.8125/Month
CSR-100M-SEC-M2148SAR 1138.5/Month
CSR-100M-IPB-M2148SAR 759.0/Month
CSR-250M-AX-M2148SAR 2277.0/Month
CSR-250M-SEC-M2148SAR 1992.375/Month
CSR-250M-IPB-M2148SAR 1233.95/Month
CSR-500M-AX-M2148SAR 3889.875/Month
CSR-500M-SEC-M2148SAR 3320.625/Month
CSR-500M-IPB-M2148SAR 2277.0/Month
CSR-1G-AX-M2248SAR 4743.75/Month
CSR-1G-SEC-M2148SAR 4269.375/Month
CSR-1G-IPB-M2148SAR 3083.15/Month
CSR-2.5G-AX-M2448SAR 5218.125/Month
CSR-2.5G-SEC-M2148SAR 4743.75/Month
CSR-2.5G-IPB-M2148SAR 3321.2/Month
CSR-5G-AX-M2848SAR 8775.9375/Month
CSR-5G-SEC-M2248SAR 8254.125/Month
CSR-5G-IPB-M2148SAR 4080.2/Month
CSR-10G-IPB-M2248SAR 5123.25/Month

On-prem virtual firewall

FlavorvCPURAMStoragePrice ( Inclusive of VAT )
PAN-VM-50-SP-PREM-BND1-MU24.560SAR 412.85/Month
PAN-VM-50-SP-PREM-BND2-MU24.560SAR 618.7/Month
PAN-VM-100-SP-PREM-BND1-MU26.560SAR 1060.3/Month
PAN-VM-100-SP-PREM-BND2-MU26.560SAR 1590.45/Month
PAN-VM-200-SP-PREM-BND1-MU4960SAR 1590.45/Month
PAN-VM-200-SP-PREM-BND2-MU4960SAR 2386.25/Month
PAN-VM-300-SP-PREM-BND1-MU4960SAR 2121.75/Month
PAN-VM-300-SP-PREM-BND2-MU4960SAR 3182.05/Month
PAN-VM-500-SP-PREM-BND1-MU81660SAR 6009.9/Month
PAN-VM-500-SP-PREM-BND2-MU81660SAR 9014.85/Month
PAN-VM-700-SP-PREM-BND1-MU165660SAR 12845.5/Month
PAN-VM-700-SP-PREM-BND2-MU165660SAR 19267.1/Month
Cisco NGFWV-100M-BASE-M2960SAR 1043.625/Month
Cisco NGFWV-100M-T-M2960SAR 2561.625/Month
Cisco NGFWV-100M-TC-M2960SAR 3073.95/Month
Cisco NGFWV-100M-TM-M2960SAR 4354.7625/Month
Cisco NGFWV-100M-TMC-M2960SAR 5123.25/Month
Cisco NGFWV-500M-BASE-M81660SAR 1992.375/Month
Cisco NGFWV-500M-T-M81660SAR 7590.0/Month
Cisco NGFWV-500M-TC-M81660SAR 9108.0/Month
Cisco NGFWV-500M-TM-M81660SAR 12903.0/Month
Cisco NGFWV-500M-TMC-M81660SAR 15180.0/Month
Cisco NGFWV-1G-BASE-M165660SAR 3605.25/Month
Cisco NGFWV-1G-T-M165660SAR 9392.625/Month
Load Balancer

Load Balancer

FlavorvCPURAMStoragePrice ( Inclusive of VAT )
F5-BIG-LTM-VE-25MV182410SAR 787.75/Month
F5-BIG-LTM-VE200MV182410SAR 1583.55/Month
F5-BIG-LTM-VE-1G-V184810SAR 4217.05/Month
F5-BIG-LTM-VE-3G-V184810SAR 4742.6/Month
F5-BIG-LTM-VE-5G-V184810SAR 5799.45/Month
WAN Optimizer

On-prem virtual WAN Optimizer

FlavorvCPURAMStoragePrice ( Inclusive of VAT )
Riverbed VCX-SUB-0302420SAR 3344.2/Month
Riverbed VCX-SUB-0404420SAR 4602.3/Month
Riverbed VCX-SUB-0504820SAR 6903.45/Month
Riverbed VCX-SUB-604820SAR 10111.95/Month
Riverbed VCX-SUB-7062420SAR 21760.3/Month

SD-Edge License

SD-Edge License

SD-Edge License ( Price is inclusive of VAT )

SAR  1782.5/Month

Installation Fee

Installation Fee

SD-Edge Setup ( Price is inclusive of VAT )

SAR  3565.0/One Time

Answer your business needs and
be ready in seconds.

- How it works -

  • Register

    Register your organization with STC Cloud Cloud Marketplace

  • Add administator

    Add designated system administator

- Service Screenshots -

- Supporting Documents -

cisco_end_user_license_agreementEnglish307.8 KBDownload
cloud termsEnglish119.8 KBDownload
Software_Subscription_SupportEnglish69.8 KBDownload

- Video Guide -

- FAQ's -

Q: What sort of fault information is provided by Ensemble Virtualization Director( CE Platform)?
A: Ensemble Virtualization Director provides a framework to collect faults and alarms from all Ensemble components. Fault information includes: • Dynamic current alarm count display • Current alarm summary table • Powerful alarm filtering/search • Event browser maintains complete history of raise/clear events • Correlation between raise/clear events • Alarm acknowledgment, latching alarms and commenting function • Log browser • Connector Inventory view showing status and configuration details of each instance • Connector status page • Service topology • Northbound API and reporting
Q: What is ZTP and why is it so important.
A: Zero touch provisioning (ZTP) is a set of tools and procedures that enable the automating deployment of remote Ensemble Connector instances across a network with minimal or no user intervention. With ZTP you can: • Apply a completely user-defined static configuration to all MaestrOS components. • Obtain an initial IP address over a defined infrastructure using DHCP. • Use the port query feature to identify available access network options when external cabling or connectivity is unknown. • Access an authentication scheme that uses two-factor authentication and X.509 certificates with a remote authentication server. Exchange of critical customer provisioning data occurs only after a valid certificate is presented to both the authentication server and Ensemble Connector. • Download customer specific day-1 CPE configuration with end-customer, site specific provisioning. • Instantiate 3rd party VNFs or containers and setup target service chains. • When applicable, integrate with external VNF managers to automatically provision dy-1 configuration of VNFs. • Customize the commissioning utility to provide the initial configuration, scripts, and processes. • Invoke your own user-supplied scripts for more customized operations. With Ensemble ZTP, an entire branch site can be deployed (“power to packets”) with little or zero interaction required from either the end customer or a service technician.
Q: How does Ensemble( Cloud Edge Platform) address security requirements for uCPE?
A: Ensemble provides a systematic approach to VNF security by addressing security at multiple levels as shown in the figure. Physical and Network Layer Security • Support virtual networking including E-LAN, E-Tree and multiple secure VRFs: • Separation between tenants is ensured by VLAN isolation • Each VRF is a unique and isolated forwarding entity that uses independent route and ARP tables for isolation • Management network secured by interfacing into standard security gateways using IKE • Management firewall protection allowing firewall profiles to be assigned to all types of physical/logical interfaces • Prevents unwanted VNF data plane connectivity into the carrier management network Virtualization Layer Security • Safeguard against VM escape – protecting one VM from another • Prevention of rogue management system connectivity to hypervisor • Support for VNF attestation via checksum validation to confirm running VNF matches stored image Management Layer Security • Use of HTTPS on APIs and UIs • Support for role-based access across multiple privilege levels controls access to available commands • Root operating system login blocked on Ethernet and serial ports • SSH key-based login options to eliminate password exposure • RADIUS & TACACS+ authentication options Application/Solution Layer Security • Use of two-factor authentication at customer sites • Encryption of management and user tunnels • Encryption of locally stored passwords
Q: What are Golden Images and why are they important?
A: A golden image provides a standard Ensemble Connector ISO that includes enough customer specific configuration information to enable the automated zero touch deployment process. Golden images contain the following key items: • Ensemble Connector software • Embedded Linux OS • Management and datapath applications • OpenStack Containers (if leveraging an OpenStack cloud model) • Customer specific configuration files • Hardware profiles – defines detailed configuration of hardware vendors and models that the operator intends to deploy • Day-0 configuration – defines the pre-deployment configuration parameters • Partition policies – based on specific hardware profiles and • deployment use cases, this will define how the storage resources are configured • Branded splash screen – the splash screen is used during the ZTP process to provide feedback to the end user regarding the status of system initialization • Custom ZTP URL – defines how to access service provider specific management domain • VNFs and RPMs – allows for pre-staging of VNF images as well as ability to execute custom applications or scripts after ZTP is complete Customers must engage ADVA professional services for the creation of Ensemble Connector golden images. Note, typically a customer will only require a single golden image for their network, although there are certain scenarios where more than one golden image will be required.
Q: Are we involved in Day to Day operations in customer site?
A: NO. We will assure platform availability, and the Customer will do day to day operations.
Q: What are the benefits of the Ensemble management and orchestration products (Cloud Edge Components)?
A: Ensemble Orchestrator and Ensemble Virtualization Director provide a perfect option for customers looking for a packaged end-to-end VNF solution. The Ensemble MANO products offer numerous benefits, including: • Zero touch provisioning (ZTP) automation platform • Versatile enough to handle single cloud, multi-cloud automated VNF service turn up • Supports integration with third party orchestration systems • Supports easy integration with VNF managers for building VNF Day-0 config • VNF Service Designer UI • Build VNF service and configure VNF service-chaining • Rich set of VNF onboarding options • Correlation of faults • Built-in troubleshooting tools and service visualization
Q: Is IT/network convergence realistic?
A: IT/network convergence is realistic; it is happening now, and VNF is the path. VNF was invented by service providers to bring the benefits of the cloud to the telco network. VNF is often characterized as being about replacing appliances with software running on COTS servers, but it is much more than that. Here’s what operators are doing to fully realize the benefits of the cloud: • They are moving from single-vendor solutions (whether appliances or single-vendor applications running bare metal) to multi-vendor systems. • They are moving from static configurations to dynamically orchestrated virtual network functions (VNFs) on standard NFV infrastructure, i.e. COTS server, Linux, KVM, OpenStack, Docker, etc. • They are embracing new methods of working, such as agile development and DevOps. This includes partnering with both suppliers and customers to accelerate the development cycle • They are seeking to provide their customers with converged cloud/connectivity solutions. This requires virtualized networking and security solutions. • They are looking to treat the network as a platform with fungible resources so as to enable a new class of dynamic services and new technologies such as 5G and IoT. • They are looking to radically increase automation to reduce time to service and human errors, as well as to enable automatic resolution of most network failures. • The barriers and risks include: • Acquiring the necessary skills through training and/or hiring. • Changing organizations to reflect the new realities of operation, i.e. breaking down internal silos. • Building out new virtual infrastructure while maximizing the use of the existing network. • Driving new revenues quickly to justify the capital outlay. This migration is just getting underway, but operators see it as necessary to support their future strategies and more importantly, their end customers are now demanding these kinds of solutions. Embarking on this technology evolution will enable operators to move much more quickly, drive new services and cut costs. The risks are manageable given leadership and vision.
Q: Can VNF meet telco performance requirements?
A: Yes. With the aid of more efficient VNFs and optimized infrastructure like Ensemble Connector, operators can deploy virtualized systems that meet both performance and cost requirements. Today, the Ensemble Connector datapath replaces standard Open vSwitch (OVS) and delivers improved throughput, latency and jitter leveraging data acceleration technologies such as DPDK. Moving forward, we are expanding our list of supported acceleration technologies to include SR-IOV for north-south traffic through the vSwitch and PCI Passthrough. Additionally, support application level accelerators for thing such as encryption with the enablement of AES-NI and QAT.
Q: What are the benefits of VNF to the end user?
A: End users may not care about NFV, but NFV-based services to bring them benefits. Here are some examples: • VNF can provide consolidation of a stack of appliances down into one server. This saves space and power at the end user location. • Software-centric services can be deployed in real-time under user control. This gives end users control over their telecom services. • VNF allows services to be deployed on white box uCPE devices with ZTP requiring little-to-no end user intervention. This go-to-market model enables the acceleration of service activation with local sourcing/sparing of servers and/or bring-your-own-device models. E.g. – services can be activated almost immediately rather than waiting for days or weeks. • VNF facilitates moving from appliances to software, enabling new applications that were not previously possible.
Q: What is “Cloud Edge”, and why do people want to use it?
A: Cloud Edge is a term that denotes a generic and open computing platform that can be used to run a wide variety of applications – networking or otherwise. Cloud Edge is desirable for the following reasons: • It decouple hardware from software, enabling best-of-breed choices in both • it allow customers to deploy other enterprise applications in the same computing footprint as their telco services • it enable operators to ride the broader hardware innovation curve • it simplify operations in locations that have onerous import restrictions by allowing for local procurement of compatible hardware platforms
Q: Why should I move away from network appliances?
A: Network appliances typically include routers, firewalls, WAN Optimization and SD-WAN endpoints, Wi-Fi controllers, DPI devices, etc. An appliance is characterized by the tight integration between software features delivered on purpose-built hardware from a single supplier. As a result, network appliances are typically closed solutions, such that if a service provider wants to change software vendors, this requires changing out expensive network appliance hardware as well. Additionally, most network appliance vendors will not allow service provides to run “foreign applications” on the device. This type of vendor lock-in encompasses all the attributes that operators are trying to move away from with the push for cloud-centric solutions.
Q: What are NFV and SDN, and what is the difference?
A: Software-defined networking (SDN) got its start on campus networks. As researchers were experimenting with new protocols, they were frustrated by the need to change the software in the network devices each time they wanted to try a new approach. As a result, they came up with the idea to make the network device behavior programmable, allowing them to be controlled by a central element. This led to a formalization of the principle elements that define SDN today: • Separation of control and forwarding functions • Centralization of control • Ability to program the behavior of the network using well-defined interfaces • Network functions virtualization (NFV) is a means to enable telco operators to leverage the benefits of the cloud, including: • Replacing closed appliances with software running on open, commercial-off-the-shelf (COTS) servers as shown below • Reduction of CAPEX, OPEX, and power • Construction of services from interchangeable components provided by an ecosystem of hardware and software suppliers • New commercial models including usage-based and shared-risk/shared-reward • New methods of working such as agile development and DevOps

- Contact Sales -

Please don't hesitate to contact us if you would like to know more about this service.