Skip to main content

Virtual networks orchestration (VNO)

Maximize total network ROI and increase average revenue per branch through virtual networks orchestration across the WAN, SD-WAN, and datacenter.


The Nokia Virtual Networks Orchestration (VNO) solution leverages Nuage Networks delivered SD-WAN services to dynamically connect existing WAN services and new hybrid services to branches faster, and to automate setup for rapid delivery of revenue-generating virtualized cloud services to branch sites.

Nokia VNO automates the setup of SD-WAN overlay services from the datacenter to branch sites across the private cloud of the service provider, or across the public cloud, with security being enabled by using IPsec, for example. Additionally, a broad range of multi-vendor virtualized security and other value-added service (VAS) applications can be enabled through establishing network connectivity through service chains in the datacenter.

This is achieved by enterprise portal-defined and customized services that VNO automates and creates across WAN, the SD-WAN and the datacenter. The scope of automation includes enterprise-customized service chains in the datacenter, as well as the various network connectivity deployment options established all the way from the enterprise branches through the datacenter, as well as across the network equipment supporting the service.

Off-footprint and on-net branches with Nuage-controlled network endpoints, or bridged devices terminated onto a provider-side CPE virtualization application on the Nokia Virtualized Service Router (VSR) become interconnected through automation within the same enterprise private domain.

Multi-vendor VAS applications, such as virtualized firewalls, NAT, Anti-DDoS, access control, WAN optimization, load-balancing, mail-scanners, and even virtualized routing with the Nokia VSR, can be automatically chained into the enterprise private domain through VNO.

With VNO, network providers gain end-to-end network orchestration and the automation needed for the rapid deployment of dynamic enterprise services. What’s more, they get DevOps agility, allowing incremental use cases to be added or updated efficiently with the quickest time to market. Simplicity and flexibility are also assured.

VNO enhances Nuage Virtualized Network Services and Virtualized Cloud Services

Nuage Networks Virtualized Network Services (VNS) is an SD-WAN solution that automates branch site connectivity to help service providers and enterprises reduce operational overhead and launch new services faster.

The Nokia VNO provides further abstraction to third-party, northbound systems integrating with VNS. This significantly reduces API calls, simplifying integration for faster deployment times. The abstraction provided by VNO also enables simplifed customer portal development by separating business-related parameters from the details of network connectivity implementation in the WAN or at the branch. This shields end users from network complexity, improving their user experience and ability to buy services more easily.

The Nuage VNS customer portal, which provides self-service management of customer VPNs and branch offices, is also enhanced by the Nokia VNO solution. In addition, the VNO solution allows further customization during portal development to enable the inclusion of value-added services (VAS) from the datacenter with VPN self-service workflows. The customer portal can act as the starting point for Nokia VNO automation.

Provisioning, configuration, and optimization of the network and security policies is completely automated through the VNS SD-WAN controller.

The Nuage Networks 7850 Network Services Gateway (NSG)  (Product page no longer exists) is the managed network endpoint at the remote WAN site. When the customer bootstraps the NSG at the branch site, the Nokia VNO is triggered into action to orchestrate and automate through integration with VNS and Nuage Networks Virtualized Cloud Services (VCS) (Product page no longer exists).

The VCS solution is the datacenter and cloud networking framework of the Nuage Networks Virtualized Services Platform (VSP).

The Nokia VNO solution adds value to deployments where VCS is used in conjunction with VNS. The VNO delivers further automation that reduces manual setup or the need for development of further automation in northbound systems. It fully automates the configuration needed for network connectivity between the datacenter and wide area network (WAN).


Virtual Networks Orchestration

Example of VNO automation in DC-WAN service deployments

When a branch customer receives and bootstraps a Nuage NSG, the branch customer uses a portal to order new branch connectivity or to add new, value-added services. This VAS tie-in would happen, for example, if anti-DDoS and a firewall were required as part of the service chain to allow for internet break-out out from the private enterprise.

Upon confirmation in the portal, the portal then asks the VNO through its northbound interface to instantiate the service. At this point, the VNO automatically triggers the Nuage VSP to instantiate the network for the VAS applications in the datacenter that the customer has ordered.

Next, the VNO instructs the application management software in the datacenter to install each VAS, then further connects each VAS with the required DC network connection points to create the service chain. The VNO then establishes or updates the branch network connectivity required for each applicable site. This branch connectivity is through the Nuage VNS or, alternatively, through a provider-side CPE virtualization application on the VSR or 7750 SR for bridged devices not under Nuage control. From there, the VNO can update customer service entitlements through the northbound service operations systems integration.

Similarly, branch-to-branch connectivity, hub-and-spoke, as well as Public Cloud Service Provider break-out can be automated. Moreover, other connectivity services can be imagined, given that multiple combinations of virtual applications can be chained-in. This also includes Nokia VSR applications such as secure IPsec VPN gatewayNetwork Address Translation (NAT), and Application Assurance (AA). (See Figure 1 for illustration of this example).

Benefits and features

Achieve faster ROI through an orchestration solution deployed at significantly lower time and cost than comparable solutions.

Improve the end-customer experience with a focus on business needs that hides network complexity.

Enable light-weight professional services, DIY, and outsourced development options.

Avoid vendor lock-in and costly on-going professional services engagements.

Pre-designed workflows and templates enable rapid deployment with best-practices, expert quality.

Enterprise network service-level abstraction allows the automation of the life cycle management of branches and enterprises independently.

Toolkit enables simplicity of implementation.

Open architecture for third-party northbound operations, ETSI MANO components, and VAS software integration.

Technical specifications

VNO development toolkit

  • Enables communication service providers (CSPs) to avoid vendor lock-in and costly on-going professional services engagements through an open framework
  • Allows for flexibility of choice between Nokia ION VNO developer services and/or outsourced or DIY network service design and development models, (whichever is deemed best to achieve goals for most speed or least cost when augmenting or deploying new use cases for service offerings)
  • Delivers best-practices, expert quality deployment at significantly lower time and cost than comparable solutions using a comprehensive toolkit
  • Provides reference templates and examples for use cases, such as for SD-WAN-based dynamic enterprise services.

Open VNO framework

  • Provides the flexibility and openness to fit common NFV/SDN architectures
  • Enables leveraging of open-source and thirdparty ETSI MANO components and VAS software
  • Can be integrated with third-party northbound fulfillment, ordering, assurance, orchestration, billing and operations solutions and portals

Supported third-party VAS software

  • Access control: Positive Technologies
  • Anti-DDoS: Arbor Networks
  • Firewall: Fortinet, Palo Alto Networks
  • Mail-scanner: Fortinet
  • WAN optimization: Riverbed, SilverPeak

VNO components

VNO base license (includes ETSI MANO NFVO/ CloudBand Network Director (CBND) 17.5 license)

Custom developed base components (based on VNO base framework):

  • VNS portal (customer portal)
  • Network Service Descriptors (NSDs)
  • REST API (northbound integration)


  • Nuage Networks VNS and VCS 4.0 R8 or 5.0
  • Virtualized Service Router (VSR) 15.0
  • NSP 17.3


  • OpenStack Liberty
  • CBIS (via CBAM 17.5)
  • Nuage Networks VSD 5.0
  • VMware VCD/NSX (custom)

Ready to talk?