Flexible Deployment and Consumption Model

We address one of the key challenges of enterprises by providing flexible deployment and consumption model for enterprises by ruling out the trend of “One Size Fits All”

As we understand that each market segment varies and needs are unique and different in terms of nature of users, the applications that they access at different market segments and even the bandwidth needs are different. Each one of these is a cost center for the enterprise, and the cost points with respect to enterprise Connectivity to each of these locations is different.

As a true software defined network platform, there is a clear separation not just in the control plane and data plane elements but there is a clear separation of the software and associated hardware systems as well which can provide the flexibility to the enterprises in terms of choosing the hardware and software based on the requirements, be it network usage or capacity.

All our hardware variants are primarily COTS appliances, and the true intelligence is in the software. Each of these variants can be physical or virtual or cloud form factor.

With respective platform diversity in terms of catering to different types of enterprise locations, we extend the same concept all the way to the software that runs on the edge platforms as well with 4 variants (Micro, Lite, Turbo and Dynamo) based on the network usage.

Our Control plane elements like CloudStation & CloudStation Insights can be deployed as a


Physical Appliance


Virtual Appliance in
the Data Center


Virtual Appliance in the Public Cloud like (AWS, Azure and Google Cloud, etc.)

The best part in terms of the Control plane deployment is that, it can even be rendered as a service with a multi tenancy in built or as single tenant. All our Data plane & Control Plane is open to integrate with the existing systems – both in case of enterprise as well as service provider deployments like integration with specific NOC and SOC applications like SolarWinds, HP OpenView or even service chaining in the Branches with the SASE vendors.

The whole system is delivered as a software based architecture. The edge software is flexible and independent of the hardware architecture. This means that one does not end up with a solution that cannot fit multiple types of locations within a customer environment. This is not a once size fits all kind of a solution and the hardware can change from one architecture to another to deliver the optimum price performance for a type of location with in a large environment

ScaleAOn is Fit for Purpose SD-WAN solution.

Network as a Service

Along with our Key ScaleAOn -SD-WAN solution we do have one more business vertical which addresses and supports the service provider or Telco Space we named it as Network Connect Service . Networking is offered as a Subscription service which degenerates into financial lease.

We offer this service typically to the service providers and the large enterprises where we address the network uptime, reachability, performance and the security .

Services included in NaaS are

Proactive monitoring of the Wan links terminated to Lavelle SD-EDGE appliance
Configuration and change management
Performance management & custom reporting of the entire network
Helpdesk & fault management 24/7

Appliance in your Data Center

CloudPort Gateway is the Gateway Appliance that is deployed at enterprise data center, in the disaster recovery data center, in the public cloud like AWS, Azure or Google Cloud as the VPC or virtual network default gateway.

These Cloudport Gateway can be a pure physical appliance flavour that is a server class rack mountable appliance or typically a XEON class server with appropriate network interfaces and interface density that is deployed in the DMZ.

It could also be a virtual machine – KVM based, Hyper-V or ESXi based VM that is deployed in a virtualized data center DMZ or as a pure play native cloud format – in AWS, Azure or Google Cloud replacing the default gateway of the VPC or VNET.

The Cloudport Gateways support service chaining with any third party virtual or physical appliance for specific advanced security features with SASE vendors. The firewall in this case is the data center perimeter firewall that can run as a virtual machine on the same appliance and service chains internally on the CloudPort.

At the LAN side, the CloudPort Gateway can peer with an existing router or the core firewall of the data center, depending on the data center architecture. In the public cloud, this virtual appliance becomes the default gateway, and terminates the inbound and outbound traffic to and from the VPC or the virtual network.

Multi-Tenancy Support in CloudStation

CloudStation: Single “MANO” Window-Management, Automation, Networking and Orchestration

Manage and Orchestrate the WAN and the Services using a single window it can even be rendered as a service
with a multi tenancy in built or as single tenant.

Single interface (GUI + REST APIs) to manage, monitor, provision, and orchestrate the application optimized network We support RBAC with
three primary roles to operate or manage or maintain the Cloudstation

Administrator role or user in which the service provider has access and manages and monitors the network and all the CloudPorts in the network. Operator role SaaS provider has access to all the CloudPorts in the SD WAN network responsible to monitor the CloudPorts and also have access to apply policies and rules across the CloudPorts.

User role SaaS consumer administrator at the remote site, can be the partner responsible to monitor the CloudPorts at all the specific customer locations. This user does not perform any active management, can view the CloudPort performance and raise trouble tickets if the service does not meet the agreed SLA.

Intelligent Policy and Application based Traffic routing

In order to bring and offer value added services to end users and applications, we believe that intelligence needs to be migrated away from the edges and into the network in a controlled and traceable manner.

Our approach is to have a policy based management mechanism within the network fabric allowing our CloudPorts to reason over the content and make intelligent decisions regarding the handling of data packets. By deploying our proposed architecture, a network need no longer be viewed as a simple data transport medium but rather as a policy-controlled intelligent packet/stream processor that can offer specialized handling based on application needs.

Our ScaleAOn Solution is purely intent driven policies framework, powered by a completely software based, function oriented data plane.

In ScaleAOn we have an extremely powerful construct called Network Group. Network Group is the fundamental block that provides network segmentation in ScaleAOn architecture, more like VRFs. It’s basically a container of subnets which are allowed to talk to each other.

However, unlike traditional VRFs, Network-Groups are way more powerful in the sense that one can hookup policies, services etc. at a Network-Group Level itself. Once a policy is set at a Network-Group level, all branch devices that are part of the same Network -Group will get the policies. So, on the Lavelle SD-WAN platform, the IT admin will simply go to the Network-Group webpage and will set up a global policy indicating their intent of Internet Breakout. All the branch devices come to know about the policy changes via API communication with the Controller.

ScaleAOn's data plane is also is fully intent aware and functionally capable of interpreting the intent and doing the right thing. The data plane drives this power of consuming intents rather than fixed policies from the fact that the entire data plane has been architected using flexible series of near axiomatic functional blocks. Each functional block derives its own role that should be played, from the overall intent to achieve the final goal. These data plane functions empower Policy control on the Lavelle ScaleAOn platform to become simpler and more intent driven.

Local Internet Breakout for specific SaaS Applications

Local Internet Breakout or DIA is one of the key elements of any SD-WAN solution . Our ScaleAOn solution is evolved to support cloud apps which are distributed across multiple clouds.

We are able to provide better user experience with our QoS with application prioritization and optimal path based on real time WAN QoS metrics . Seamless branch to cloud connectivity having virtual CloudPort support in all the Public clouds.

ScaleAOn SD-WAN allows customers to configure a local internet breakout rather than have a single exit point from the overlay network to the Internet. In the Cloudstation policy framework we can apply or configure a local Internet exit from branch CloudPort . The data-policy is configured from the CloudStation so local Internet exit is managed centrally.

Application based Routing

Applications can be broadly classified in three categories


Private inhouse applications
(Enterprise Applications)


SaaS based Applications
(Office 365, Salesforce, G Suite etc.)


Internet based

Our system has built in intelligence to treat each of them differently, we route the traffic intended for private applications to Data center, while SaaS based applications leverage SaaS breakout directly from branch and finally the internet category can leverage local internet breakout from branch office. This approach helps in saving the MPLS bandwidth and better user experience for the end users.

Abstracting VPN complexity and achieving Network
segmentation using Network Groups

In ScaleAOn we have an extremely powerful construct called Network Group. Network Group is the fundamental block that provides network segmentation in ScaleAOn architecture, more like VRFs. It’s basically a container of subnets that are allowed to talk to each other.

Network Group makes the network planning and expansion is an easy task for IT team Fast and Swift deployment without complex planning to enable business quickly – Customer needs to define the policies (VPN parameters, QoS policies, ACL policies, rate limiter etc.) initially once during the planning phase. Any future additions of Edge locations or changes in WAN connectivity of existing locations does not require even a single change or configuration of Network, VPN, Policies or Tunnels.

Tunnel or Path knowledge is not required – Once Network Group is defined at UI level, all Paths/Tunnels within the network are created automatically without any manual configurations at interface or device level. User does not need to be aware of underlying transport or tunnels complexity

So, on the Lavelle SD-WAN platform, the IT admin will simply go to the Network-Group webpage and will set up a global policy indicating their intent of Internet Breakout. All the branch device come to know about the policy changes via API communication with the Controller

User to Cloud Path Visibility

In ScaleAOn, we consider the health of overlay and underlay paths equally important. An automatic map-out of the visualization of underlay and overlay traffic insights makes ScaleAOn’s a unique SD-WAN solution. ScaleAOn Dashboard provides visibility into the path's health distribution, site connectivity, link utilization along with the flow level visibility per user per endpoint.

ScaleAOn ensures user to application end to end insights. Irrespective of the nature of applications. 69% of SD-WAN users say cloud connectivity undermines their network confidence. We provide an Optimized path between your branch user and cloud applications and help boost the confidence to adopt cloud.

Enterprises which have a phased plan of the rollout of SD-WAN can leverage ScaleAOn analytics and visibility with the transition from tradition and adoption of WAN to SD-WAN throughout the SD-WAN lifecycle.



Case Study Godrej

Download the case study to find out how Godrej transformed their network using Lavelle Networks SD-WAN solution across multiple branches.


Datasheet ScaleAOn SD-WAN 11.0

ScaleAOn SD-WAN is the next generation SD-WAN platform and the most comprehensive portfolio for transforming your enterprise network



Unfold Lavelle Networks revolutionary flagship technology - ScaleAOn - Cloud controlled SD-WAN that simplifies the complex art of creating scalable VPNs.