[go: up one dir, main page]
action.skip
Megaport Documentation
Overview
Copy for LLM ▼
Copy Page Content Open in ChatGPT Open in Claude Open in VS Code View Markdown
PDF

MVE Overview

MVE is a globally distributed virtual network service designed to simplify and enhance network connectivity.

By integrating Network Function Virtualization (NFV)Network Function Virtualization (NFV) is a network architecture approach that virtualizes network service such as firewalls, routers, load balancers, and VPNs, which are traditionally run on proprietary hardware. These services are deployed as software-based functions on standard, commodity hardware, allowing for greater flexibility, scalability, and cost efficiency.
 with Megaport’s private software-defined network (SDN), MVE enables virtual network functions including next-generation firewall (NGFW), software-defined wide area network (SD-WAN) gateways, and virtual router via a single and intuitive platform. Megaport MVE supports a number of leading Secure Access Service Edge (SASE)Secure Access Service Edge (SASE) is a security framework combining security and network connectivity technologies into a single cloud-delivered platform to enable secure and fast cloud transformation.
 vendors.

Key benefits of MVE are:

  • Dynamic network extension – Enables flexible and on-demand expansion of network infrastructure.
  • Scalable connectivity – Supports varying and growing traffic demands across different locations.
  • Secure connections – Delivers reliable and protected communication between branches, data centers, and clouds.
  • Hardware reduction – Eliminates the need for physical network hardware and simplifies deployment and management.

MVE Overview - Choice of Overlay

For more information, see Megaport Virtual Edge.

MVE is integrated with these providers:

Virtual Firewall as a Service (FWaaS) with MVE

MVE Firewall as a service (FWaas)Firewall as a Service (FWaaS) is a cloud-based network security solution that delivers firewall capabilities as a virtual service. Unlike traditional firewalls that rely on physical hardware or software installed on-premises, FWaaS shifts the firewall functionality to the cloud, managed by a third-party service provider.
 is a cloud-based security solution that delivers firewall capabilities as a service. You can deploy NGFW using Fortinet, Palo Alto, and Cisco.

MVE FWaaS

Key benefits of MVE FWaaS:

  • Dynamic deployment – Firewalls can be deployed flexibly and strategically.
  • Consistent security – A uniform, distributed security posture across all locations.
  • Secure connectivity – Fast and secure data flow between clouds, branches, and remote sites.
  • Hardware reduction – Eliminates the need for physical firewall appliances.
  • Simplified management – Streamlines firewall, network, and internet management.
  • Flexible licensing – Supports Bring Your Own License (BYOL) for firewalls.
  • Advanced security features – Includes intrusion prevention, deep packet inspection, and secure web filtering.

MVE SDWAN - FWaaS

Use cases of FWaaS with MVE

Cloud and hybrid security:

  • Centralizing firewalls – Centralized firewalls protect multicloud traffic.
  • Reducing license costs – License reduction via centralized cloud firewalls.
  • Optimizing multicloud security – Focus multicloud interconnection security instead of securing each cloud in isolation.

MVE FW Cloud to Cloud

Branch office and remote workforce protection:

  • Secure remote access – Protect traffic originating from remote users and branch offices.
  • Decentralized security – Shift away from on-premises physical firewalls.
  • Improve scalability and flexibility – Distributed firewalls offer scalability and flexibility in managing security across geographically dispersed locations.
  • Hardware reduction – Eliminate the need for physical firewall appliances.

MVE FW Cloud to Cloud

Compliance and data protection:

  • Centralized firewall management – A single point of control for managing firewalls.
  • Consistent global policies – Enforce uniform security policies across all locations.
  • Strategic control point – Position the firewall management system between data centers (DCs), Cloud Service Providers (CSPs), and the internet.

MVE FW to DC

SD-WAN gateways with MVE

MVE enables quick deployment of SD-WAN and other network services without physical hardware. MVE deploys virtual network functions at the edge of the Megaport network, enhancing the speed and security of network traffic to cloud and branch locations.

SD-WAN centralizes and simplifies WAN management by virtualizing networks, allowing for flexible transport, automated routing, and real-time performance monitoring.

Megaport SDN is a global private on-demand network. MVE integrates with Megaport Internet to allow SD-WAN appliances to connect to the Megaport SDN via the internet.

Reliance on the internet is minimized to a few hops. Megaport SDN acts as a bridge to Megaport’s private network and ensures low latency.

In the diagram below, once traffic enters the Megaport SDN through an MVE, it remains within Megaport’s secure and private infrastructure, which optimizes network reliability.

MVE SDWAN Gateways

Key benefits of MVE SD-WAN:

  • Global, flexible connectivity – Global, flexible connectivity without private circuits.

  • Optimized SD-WAN termination – Localized traffic via metro MVE edge points. Connect via Cross Connects, DCs, or the internet.

  • Direct cloud and SaaS access – Direct access to clouds, SaaSSoftware as a Service (SaaS) is a form of cloud computing in which the provider offers the use of application software to a client and manages all the physical and software resources used by the application. SaaS is sometimes referred to as “on-demand software” and is usually priced on a pay-per-use basis or using a subscription fee.
    , data centers, and the Megaport Marketplace.

  • Flexible, pay-as-you-go pricing – Simplified pay-as-you-go cost management including IP address usage, internet access, and a connection to the internet that terminates the tunnel between the MVE and customer-provided equipment at the branch.

  • Enhanced security with SASE – NFV with leading SD-WAN partners for SASE.

  • Fast Portal provisioning – Rapid deployment using the Megaport Portal.

Virtual router with MVE

MVE integrates virtual router capabilities from leading vendors such as Cisco, Fortinet, and 6WIND. It allows you to deploy and manage virtual network functions (VNFs) on demand, offering flexibility and control over network routing, security, and optimization.

MVE Virtual router

Unlike the Megaport Cloud Router (MCR), MVE offers vendor-specific CLI access and advanced features, including VPN, QoS, firewall, NAT, and SD-WAN, enabling consistent functionality across both virtual and physical platforms.

Key benefits of MVE virtual router:

  • Multivendor support – Deploy virtual routers from Cisco, Fortinet, 6WIND, and other providers with their software feature sets.

  • On-demand provisioning – Scale quick virtual network functions in global Megaport locations.

  • Enhanced control – CLI access for direct configuration and advanced routing options beyond what MCR offers.

  • Edge connectivity – Seamless integration with SD-WAN, public clouds, and private networks for optimized traffic flow.

  • Security and performance – Leverage vendor-specific security policies, QoS, and traffic management.

Juniper Session Smart Router (SSR) with MVE

Juniper SSR on MVE transforms SD-WAN deployment by eliminating the complexity of traditional tunnel-based overlays. Using Secure Vector Routing (SVR), Juniper SSR creates dynamic, session-aware, and highly secure connections that simplify network management while improving application performance and security across branch offices, remote sites, and multicloud environments.

The SSR deploys Juniper’s advanced, software-defined routing platform on MVE as a virtual router and SD-WAN gateway, managed through the Juniper Mist platform. By removing the need for VPN tunnels entirely, Juniper SSR reduces operational burden while delivering enhanced security and application performance across Megaport’s global private network.

Key benefits of Juniper SSR on MVE:

  • Secure Vector Routing (SVR) – Eliminates VPN tunnel complexity, replacing traditional overlays with session-aware routing, which reduces operational overhead and improves network reliability.

  • Session-aware routing – Routes traffic based on application sessions rather than network topology, providing dynamic path selection and optimized performance.

  • Application-centric approach – Simplifies network configuration by aligning routing policies with application requirements instead of complex network constructs.

  • Enhanced security – Delivers authenticated, session-based security without the overhead and vulnerabilities of traditional VPN tunnels.

  • Juniper Mist cloud management – Centralized management, automation, and analytics through the Juniper Mist platform for streamlined operations across distributed locations.

  • Seamless multicloud connectivity – Extends consistent policies and secure connectivity across branch offices, remote sites, and cloud environments over Megaport’s private SDN.

Helpful references