Colt SD-WAN Netify Review

Colt is a UK-based SD WAN Managed Service Provider leveraging its own global backbone of 158 points of presence. Colt have a European Net Promoter Score of 70+ and are a visionary in Gartner's Magic Quadrant for WAN Edge Infrastructure.

Netify Review

Colt is a good choice for multinational corporations with connectivity needs centered around globally distributed locations. Their solution is strongest in Europe and Asia, and therefore businesses located in these areas requesting connectivity to public and private data centers along with cloud services are recommended. Colt have a strong partnership with Versa networks, offering a granular SD WAN solution with strong uCPE and VNF features, leveraging their global IP backbone with over 158 PoPs worldwide.

Caution is recommended to clients located outside Europe and Asia, as some of Colt’s services are not available beyond these regions. Further, Colt’s SASE offering is somewhat limited, as it comes only as a hybrid solution for remote workers - however there are a number of strong SD WAN security features available, and SASE can be provisioned from a third-party integrator or service provider.

About Colt

Colt (previously City of London Telecommunications) was founded in 1992 with its headquarters currently based in London, United Kingdom. The company offers over 900 data centers and 52 offices globally. In 2019, Colt was named a Visionary in Gartner’s Magic Quadrant for WAN Edge Infrastructure. They also offer a Net Promoter Score of 71 in Europe and 46 in Asia as of July 2021. Colt’s SD WAN offering leverages a key supplier partnership with Versa Networks. The company also offers 158+ cloud PoPs and deployed services in over 185 countries. The company was named a Strong Performer in the Forrester Wave SD WAN Services Q4 2020 and a Leader in the ISG Provider Lens, Network - Software Defined Solution and Partners, Germany 2020.

What are the Pros & Cons of Colt SD WAN & SASE Cybersecurity?

List of the pros and cons associated with Colt SD WAN and SASE security.

Colt Managed CyberSecurity

wdt_ID	wdt_created_by	wdt_created_at	wdt_last_edited_by	wdt_last_edited_at	Pros	Cons
1	hyelland	01/11/2024 04:34 PM	hyelland	01/11/2024 04:34 PM	Caters to customers of all sizes	No support for South America or parts of the Middle East
2	hyelland	01/11/2024 04:34 PM	hyelland	01/11/2024 04:34 PM	Good proactive monitoring and support	Long lead times on support cases
3	hyelland	01/11/2024 04:34 PM	hyelland	01/11/2024 04:34 PM	Extensive Pan-European service coverage
					Pros	Cons

Comparison: Colt vs BT vs Verizon SD WAN & security

Consider the points below to compare Colt vs BT vs Verizon SD WAN and SASE security.

Colt vs BT vs Verizon Comparison

wdt_ID	wdt_created_by	wdt_created_at	wdt_last_edited_by	wdt_last_edited_at	Colt	BT	Verizon
1	hyelland	05/11/2024 11:08 AM	hyelland	05/11/2024 11:08 AM	Good choice for multinational corporations with connectivity needs centered around globally distributed locations.	BT is a suitable choice for Small Medium Enterprises (SMEs) and larger companies based in the UK. However, their global services are typically more suited to large multinational corporations.	Verizon is a good choice for mid-market multinational enterprises with a number of locations worldwide. However, they are also suitable for companies with no pre-existing architecture.
2	hyelland	05/11/2024 11:08 AM	hyelland	05/11/2024 11:08 AM	Global IP backbone with over 158 Points of Presence (PoPs) worldwide.	BT operates a global backbone with Points of Presence (PoPs) situated in 198 countries worldwide.	Verizon operates a Tier-1 global IP backbone with support for direct Ethernet connectivity worldwide.
3	hyelland	05/11/2024 11:08 AM	hyelland	05/11/2024 11:08 AM	Strong partnership with Versa Networks, offering a granular SD WAN solution with strong uCPE (Universal Customer Premises Equipment) and VNF (Virtual Network Function) features.	Strong fully managed SD WAN offering based on a number of vendors, with managed security services.	Verizon offers fully managed SD WAN, SASE, and security services, supported by Network and Security Operations Centers (NOC and SOC).
					Colt	BT	Verizon

What is the Colt SD WAN Solution?

Colt’s SD WAN as a service solution is based on Versa Networks with 10 network-based SD WAN gateways (to learn more about Versa Networks, see our review here), and leverages the Colt IQ network, a global IP backbone with Colt-owned infrastructure in 32 countries, spanning 4 continents with over 158 PoPs worldwide. The service is NFV-based with fully automated setup and configuration, combining SD WAN with open and scalable hardware. The service is available with zero-touch provisioning and supports VoIP, SIP trunking and IPv6 (Internet protocol version 6).

Configuration-Based Key Features:

Access Connection Types: Colt offers clients multiple access connection types which customers can combine. These include internet, MPLS and 3G/4G LTE.
Colt On Demand: This allows clients to connect to remote locations situated away from Colt’s fibernetwork using third-party access. This is an NOD service for internet, Ethernet and MPLS services, including cloud connectivity.
Wholesale: Colt offer wholesale SD WAN solutions based on Versa Networks, for resellers to sell to their clients. The solution is capable of offering customizable branding, portal and further systems, hierarchy levels and processes modification. End customers can benefit from high quality SD WAN services with no reference to Colt - as if wholesale customers were buying directly.
uCPE: Delivers 3pp unmanaged VNF hosting functionalities such as Checkpoint with Firewall offered as an additional VNF. This is available as Versa FlexVNF and can be deployed either on a Colt uCPE box, or a Versa verified whitebox appliance - both options are installed on customer premises.
Internet Breakout: SD WAN sites local internet connection is utilized by to and from traffic as opposed to going through a center network gateway.
IP Address Management: Colt’s SD WAN service treats IP addresses as relevant only to their customer VPN - this means customer IP addresses may be public or private.
Routing: Routing is available between Colt managed CPE and customer LAN - and dynamic and static routing are both supported on SD WAN, enabling routing towards customer LAN.
Network Configuration Options: Available with hub and spoke or fully meshed network configuration options, with SD WAN allowing for connectivity between SD WAN and non-SD WAN (such as traditional IPVPN) sites.
On-Net Presence: Colt’s IQ Network is a large fiber network, which currently offers connectivity to networks in 51 metropolitan areas, 212 cities and more than 29,000 buildings, providing low latency and high performance and security. The service comes with constant operational management, and a single view of service performance and activity in line with SLAs.

Security-Based Key Features:

SD WAN Gateways: Transit gateways that sit between encrypted SD WAN VPN and a normal IP VPN. Is also capable of acting as a hub for connecting various SD WAN sites on disjoint networks. This service is implemented on a regional basis, with application aware connectivity and encryption.
Next Generation Firewall (NGFW): NGFW offers clients protection against modern internet-based security threats such as targeted attacks, malware attacks and application-layer attacks.
Direct Denial of Service (DDoS) Protection: Available with SD WAN services, DDoS attack protection services protect client DMZ or LAN that may be exposed to the internet - for example via web or mail services.
IPsec Encryption: Designed to ensure that client’s proprietary data is fully protected during transit and remains inaccessible beyond intended destination and origination points.
L4 Stateful Firewall: Provided via VersaFlex VNF stateful firewall feature on CPE, L4 stateful firewall is fully managed by the customer, once the CPE is shipped Colt is no longer responsible.

Performance-Based Key Features:

Load-Balancing: Clients can optimize their bandwidth using load-balancing over broadband with multiple internet uplinks, 3G/4G LTE with Ethernet handoff, all in addition to MPLS connections.
NetFlow and IPFIX: Collects and monitors network data and analyzes it to ascertain where traffic is traveling to and from, and how much traffic is being generated.
Dynamic Multipath Traffic Steering: Allows clients to utilize internet and MPLS uplinks in a redundant or load-sharing configuration, with options to route traffic through protocol, IP address and/or port (socket) numbers. Clients can route specific application traffic based on several parameters. A number of traffic policies (MPLS vs internet) are also set up when the service is deployed - these are based on basic business rule settings which can be changed at any time via the self-service portal (see, What Reporting and Management is Available Via the Colt Portal?). The settings include protocol and/or port numbers, IP address/subnet and/or pre-loaded applications.

What is the Colt SASE security solution?

Colt do not offer a direct SASE solution as such, however they offer SD WAN Remote Access, a SASE-enabled hybrid solution powered by Versa Networks SASE. The solution secures connections between remote workers and business applications and data, regardless of physical location. The service is available with management from a single pane of glass. Further SASE may be available from Versa Networks via an integrator or service provider.

How does Colt access cloud vendors?

Colt offer multi-cloud connectivity that connects branch sites directly to cloud-based SaaS and IaaS, managing the solution from the Colt SD WAN portal (see, What Reporting and Management is Available Via the Colt Portal?). Direct connectivity into multiple cloud environments is available with Layer 3 connectivity and/or MPLS into multiple different cloud providers in one comprehensive solution. Backed with end-to-end security, analytics and performance SLAs (see, What is the Colt SLA?).

Colt’s multi-cloud solution includes Colt network-hosted gateways that offer dedicated connectivity to the cloud via AWS DirectConnect, Google Cloud Interconnect and Azure ExpressRoute. Currently the Colt multi-cloud solution is only available in Europe, but there are plans to extend the service in the future.

Does Colt offer WAN acceleration and optimisation?

Colt uses WAN acceleration and optimisation to improve site network reliability and performance over multiple WAN links, enriching the user experience. WAN optimization and acceleration reduces network congestion and maximizes bandwidth utilization by nullifying the effects of latency. TCP retransmission problems such as bit errors, handoff errors and errors caused by delays are curtailed through the use of intelligent traffic flow management. See below for the WAN acceleration and optimization features offered by Colt:

Packet Cloning: Provides packet replication across two or more paths, delivering a mirrored packet to the destination if one is lost.
Forward Error Correction (FEC): Recreates lost data packets at the destination without any additional jitter or latency.

How does Colt support remote users?

To meet the needs of contemporary network issues such as SASE transition, digital transformation and anywhere network usage, Colt uses Versa Secure Access as an SD WAN feature. This distributed solution connects teleworkers to enterprise applications across public or private clouds as well as enterprise data centers. See below to find out what components make up the Secure Access Solution:

Remote Access Client:

The Remote Access Client is a software agent that runs on client devices and extends the SD WAN. This creates an encrypted, safe connection to the Versa Cloud Gateway from remote devices running the client.

Remote Access Portal:

Allows enterprise admins to leverage big database analytics platform for historical and real time reporting at a user, application and network level as well as service monitoring.

Remote Access Gateways:

Secures the enterprise network from external threats, allows application access authorisation and user authentication. Gateways are globally distributed, based on the FlexVNF/VOS Platform, provisioning access to enterprise applications as a secure on-ramp.

What is the Colt managed, co-managed and DIY services solution?

Colt offer a managed SD WAN solution either directly or through a carrier. The solution may also be co-managed depending on the service provider chosen.

What Reporting and Management is available via the Colt Portal?

The Colt customer self-service portal provides network management that delivers on customer needs and is available for both end users and carriers. The portal features traffic data reporting, visibility, policy control and both carriers and end users are provided with portal customization options through their wholesale service. The portal enables on demand, real time orchestration, use and modification of network services such as mapping applications to specific WAN uplinks or choosing when applications should be switched to a secondary path.

The portal offers the features as listed in the table below:

Portal Pages
Page Details
Dashboard
Gives an overview of all provisioned sites on a geographically accurate map.
Dashboard allows regularly used graphs or reports to be pinned to the Dashboard view.
Status of Pending orders are listed.
Policy Management
Per site traffic steering policy rules.
Per site add, delete, edit and back-up traffic policies.
Map traffic to WAN uplinks on multiple parameters like source and destination IP address, source and destination port/socket, protocol and applications. (More than 2,500 applications supported.)
Define policy to switch between WAN links based on latency, jitter, packet loss, traffic Rx/Tx thresholds.
Multiple metrics per policy can be added.
Bulk copy pushes policies to multiple sites by single button click.
Firewall Management
Per site firewall rules overview.
Per site add, delete, edit and back-up firewall policies.
Policies applied to Internet and SD WAN for both inbound and outbound traffic.
Create firewall rules based on multiple parameter like source and destination IP address, source and destination port/socket.
Create Application layer inbound and outbound Firewall policies with source/destination IP addressing.
Create DNAT for LAN and DMZ zone rules by IP address and port number.
Bulk copy pushes policies to multiple sites by single button click.
Default policy deny all.
Firewall Analytics
Lists all active firewall rules.
Top 10 (or more) applications with sessions, traffic Tx/Rx and bandwidth used.
Historical view by day, week, month or custom time frame.
Interface Analytics
Delay, jitter, loss ratio, traffic in/out and number of sessions on per interface basis.
Historical view by day, week, month or custom time frame.
Application Analytics
Application bi-directional bandwidth utilization.
Top application information pertaining to sessions, and traffic utilization (Rx/Tx).
Application view can be filtered or selected per application.
Historical view by day, week, month or custom time frame.
DDoS
Create DDoS attack profiles and suspend actions.
Historical view by day, week, month or custom time frame of DDoS attack analytics associated with attack profiles.
Device
Detailed CPE hardware information.
Self CPE diagnostics, including ping and traceroute.
Data synchronization icon to re-synchronize the Portal and SD WAN bases.
WAN interface details including MAC, status, IP address, speed, traffic Rx/Tx and QoS policies.
LAN interface details including MAC, ARP information, IP address, speed and routing policies.
Colt Portal Features, Colt SD WAN External Service Guide (Colt, 2021).

What is the Colt SLA?

The Colt Service Level Agreement (SLA) uses their global fiber network to offer a 99.99% annual service availability. If Colt do not meet agreed SLA targets, clients will be paid a compensation fee. More SLA details are available by contacting a Colt Account Executive.