Discover Cradlepoint near you

We have dedicated teams in regions the world over. We’re here to answer your questions and connect you with the perfect Wireless WAN solution for your unique business needs.

Asia-Pacific
North America
Latin America
Africa
Europe

For a full list of where our solutions are available, please visit our Availability Page.

DOWNLOAD PAGE TO PDF

Data Sheet:

NetCloud Exchange

2023 - 09 - 05

NetCloud Exchange (NCX) is a unified WAN networking and security architecture that brings cellular, SD-WAN, and security into a tightly integrated solution, uniquely designed for lean IT.  

 

NetCloud Exchange enables customers to:

  • Connect from anywhere using LTE/5G
  • Provide inherent Wireless WAN security by creating a locked-down, zero-trust network
  • Deliver application assurance across highly distributed cellular and hybrid WANs through cellular-optimized SD-WAN
  • Streamline operations through cloud-based orchestration and intuitive policy management

 

NetCloud Exchange architecture components:

 

NetCloud Exchange Service Gateway is a scalable and reliable services delivery platform (or headend) that can reside standalone or in an active/standby configuration in a customer’s data center or hosted cloud. The NCX Service Gateway aggregates traffic from IoT, vehicle, site, and remote work environments, enforces policy, and provides visibility into every flow. 

 

Cradlepoint WAN edge routers for providing persistent, reliable cellular or hybrid connectivity for IoT devices, vehicles, sites, or remote work. The NCX Service Gateway is compatible across Cradlepoint’s primary WAN solutions (excluding standalone adapters), augmenting them with advanced security and SD-WAN services.

 

NetCloud Manager to simplify the deployment, management, and ongoing troubleshooting of the NetCloud Exchange architecture. It enables scalable end-to-end WAN orchestration, the bulk provisioning of policies across multiple device types, and provides intuitive health dashboards, intelligent insights into faults, and comprehensive reporting and alerts.

 

Optional components:

 

NetCloud Exchange Virtual Edge is a software-based solution that can be easily deployed in an AWS Virtual Private Cloud (VPC) to extend the NCX Secure Connect zero-trust network to resources in the AWS.

 

NetCloud Exchange Client for enabling secure remote access to a NCX Secure Connect network. The NetCloud Exchange Client supports Windows and macOS laptops today and is available with the NCX Zero-Trust Network Access license.

NetCloud Exchange Network Diagram

Common Use Cases

IoT Deployments NCX Secure Connect for zero-trust connectivity between IoT devices and their hosts, replacing complex VPN architectures.

NCX SD-WAN for improving the quality of experience of real-time applications over low-speed links (for example implementing FEC over for a video transfer over a lossy link.

NCX Zero-Trust Network Access for granting internal and third parties secure remote access to IoT devices on the WAN for maintenance and monitoring.
Vehicle Deployments NCX Secure Connect for zero-trust connectivity between vehicle-based technology and their hosts, replacing complex VPN architectures.

NCX SD-WAN for traffic steering and providing resiliency between multiple modems/service providers, satellite links, or Wi-Fi as WAN connections.

NCX ZTNA for secure remote access to corporate applications in the cloud or data center, or IoT devices on the WAN.
Branch Deployments NCX Secure Connect for zero-trust connectivity between branches and corporate data centers and clouds, replacing complex VPN architectures.

NCX SD-WAN for traffic steering and providing resiliency between wired and cellular connections.

ZTNA for secure remote access to corporate applications in the cloud or data center, or IoT devices on the WAN.

Notice: All specifications subject to change without notice.

NCX Service Gateway Specifications

NetCloud Exchange Service Gateway is the foundation of the NetCloud Exchange architecture enabling organizations to take advantage of fully integrated zero-trust security and SD-WAN as part of their Cradlepoint wireless or hybrid WAN.  The NetCloud Exchange Service Gateway aggregates traffic, enforces policy, and provides deep visibility into traffic flows.

NCX Service Gateway benefits:

  • Compatible with Cradlepoint IoT, vehicle, site and remote work routers.   
  • Designed from the ground up to meet zero-trust principles. 
  • Flexible deployment in a customer-hosted data center or cloud or downloaded on a physical server. 
  • Optional redundancy with active / standby configuration 

PERFORMANCE

Licensed Capacities:
  • 250 Mbps
  • 500 Mbps
  • 1 Gbps
  • 2 Gbps
  • 4 Gbps

SYSTEM REQUIREMENTS (ALL CAPACITIES)

Deployment:

AWS

Azure

Software Version:

Ubuntu 18.04

Ubuntu 18.04

Instance:

c5.2xlarge

Standard_D8S_v3

vCPUs:

8

8

Memory:

16 GB

32 GB

Minimum Disk Space:

16 GB

16 GB

vNICs:

3

3

Minimum NCX Service Gateway Release:

7.22.70

7.22.70

Concurrent Tunnels:

Up to 4,000

Up to 4,000

Performance testing was conducted based on requirements as defined in RFC2544 using fixed-frame 1518-byte packets. Throughput results reflect unidirectional. UDP traffic with less than 1% packet loss as tested with wired connections. At the time of release, the number of supported sites and tunnels is a 1:1 ratio. NCX-enabled routers support multiple WAN interfaces simultaneously in NCX SD-WAN mode.

PERFORMANCE

Licensed Capacities:
  • 250 Mbps
  • 500 Mbps
  • 1 Gbps
  • 2 Gbps
  • 4 Gbps

SYSTEM REQUIREMENTS (ALL CAPACITIES)

Deployment:

KVM

VMware

Software Version:

Ubuntu 18.04

ESXi 6.7 or newer

Instance:

N/A

N/A

vCPUs:

8

8

Memory:

16 GB

16 GB

Minimum Disk Space:

16 GB

16 GB

vNICs:

3

3

Minimum NCX Service Gateway Release:

7.22.70

7.22.70

Concurrent Tunnels:

Up to 4,000

Up to 4,000

Performance testing was conducted based on requirements as defined in RFC2544 using fixed-frame 1518 byte packets. Throughput results reflect unidirectional. UDP traffic with less than 1% packet loss as tested with wired connections. At the time of release, the number of supported sites and tunnels is a 1:1 ratio. Each NetCloud Edge router will only support one tunnel on one active WAN interface at a time.

NCX Secure Connect Site Specifications

NCX Secure Connect offers a simple-to-manage alternative to complex VPN infrastructures for securely connecting IoT devices, sites, vehicles, and remote workers. As the foundation for all other NCX services, NCX Secure Connect delivers a policy-governed, zero-trust network that can be easily orchestrated to enable highly secure communications from the WAN edge to the cloud.

NCX Secure Connect benefits:

  • Dynamic orchestration of zero-trust tunnels at scale.
  • Simplified WAN deployments with support for overlapping IP addresses through name-based routing.
  • Reduces the network attack surface by hiding network resources, encrypting traffic, and obscuring all public IP addresses.
  • Delivers enhanced security by being deny-all by default, with access only enabled through policy.
  • Provides containment of breaches and malware by restricting all east/west traffic by default.

 

PERFORMANCE

Site Routers

Typical Client Count

Throughput

Concurrent Tunnels

IBR650B, IBR600C/IBR650C, IBR900, R920, S700/S750

5

10 Mbps

10

R500-PLTE

5

20 Mbps

10

PERFORMANCE

Site Routers

Typical Client Count

Throughput

Concurrent Tunnels

E100, E102

5

40 Mbps

20

IBR1700

30

40 Mbps

20

PERFORMANCE

Site Routers

Typical Client Count

Throughput

Concurrent Tunnels

AER2200

100

40 Mbps

20

E300

50

400 Mbps

20

PERFORMANCE

Site Routers

Typical Client Count

Throughput

Concurrent Tunnels

E3000, R1900, R2105/R2155

100

400 Mbps

20
NCX SD-WAN Site Specifications

NCX SD-WAN is a cellular-optimized network service based on a zero-trust foundation that enhances WAN resilience and quality of experience (QoE) by optimizing traffic over multiple physical or logical connections including, wired, 5G/LTE, satellite, Wi-Fi as WAN, private APNs, and 5G standalone network slices.

NCX SD-WAN benefits:

  • Designed based on a simple modern zero-trust foundation rather than legacy VPNs.
  • Supports traffic optimization over physical and logical connections, including being the first SD-WAN solution to support 5G network slicing.
  • Implementation of application-based policies network-wide in a few simple steps.
  • Efficient and cost-effective operation over cellular by considering cellular-specific attributes when steering traffic (for example, signal strength) in addition to latency, loss, and jitter.
  • Preserves bandwidth by using inline traffic rather than artificial traffic to measure WAN performance.
  • Offers enhanced QoE over lossy links through forward error correction (FEC).

 

PERFORMANCE

Site Routers

Typical Client Count

Throughput

IBR650B, IBR600C/IBR650C, IBR900, R920, S700/S750

5

10 Mbps

R500-PLTE

5

20 Mbps

PERFORMANCE

Site Routers

Typical Client Count

Throughput

E100, E102

5

40 Mbps

IBR1700

30

40 Mbps

PERFORMANCE

Site Routers

Typical Client Count

Throughput

AER2200

100

40 Mbps

E300

50

400 Mbps

PERFORMANCE

Site Routers

Typical Client Count

Throughput

E3000, R1900, R2105/R2155

100

400 Mbps
NCX ZTNA Specifications

NCX Zero Trust Network Access (ZTNA) is a security service that integrates with an organization’s existing identity provider to provide isolated user-to-resource access for authenticated users. It enables secure remote access for internal employees and third parties to resources (IoT devices and/or applications) on the Cradlepoint WAN through granular user-based access policies.

NCX ZTNA benefits:

  • Simple and safe remote access to required resources on the WAN for internal employees and third parties.
  • Flexible authentication to the network through a client (Windows or macOS) or through a Cradlepoint router.
  • Enhanced security with granular user-based access policies leveraging SAML-based attributes and context.
  • Integration with any SAML 2.0 compliant identity provider.

 

    SYSTEM REQUIREMENTS

    Operating System:

    Windows

    macOS

    Version:

    Windows 10 and 11

    Monterey 12.x or later

    Processor:

    Intel x86

    Intel or Apple M1/M2 CPU

    Memory:

    16 GB

    16 GB

    Maximum ZTNA Client Count:

    Unlimited (limited by NCX Service Gateway licensed throughput capacity per network)

    Unlimited (limited by NCX Service Gateway licensed throughput capacity per network)
    NCX Virtual Edge Specifications

    NetCloud Exchange Virtual Edge enables a simple extension of the NCX Secure Connect zero-trust network to applications that reside in an Amazon Virtual Private Cloud (Amazon VPC).

    NCX Virtual Edge benefits:

    • Push button deployment to an Amazon VPC from NetCloud Manager.
    • Cost-effective and simple solution for organizations that need to connect to one or more Amazon VPCs.
    • Extension of NCX Secure Connect zero-trust network to the cloud to control access to and from cloud-based applications.

      PERFORMANCE

      Tunnel Throughput to/from NetCloud Exchange:

      300 Mbps

      DEPLOYMENT TARGETS — AWS

      Instance:

      m4.large

      vCPUs:

      2

      Memory:

      8 GB

      vNICs:

      2
      Ordering Guide

      The NetCloud Exchange Service Gateway is a required component to implementing NetCloud Exchange services (Secure Connect, SD-WAN and ZTNA). These services can be purchased as an add-on to any compatible router with a NetCloud Branch, Mobile or IoT service plan, while the NCX Service Gateway is purchased based on required network capacity.

      For ordering details, see the following:

      • Step 1 (required): Select NetCloud Service plan(s) 
      • Step 2 (required): Select NCX Service Gateway capacity for entire solution (separate part number for high availability)
      • Step 3 (required): Select NCX Secure Connect site license(s) for supported routers 
      • Step 4 (optional): Select NCX SD-WAN site license(s) for supported routers (selection must match Step 3)
      • Step 5 (optional): Select NCX ZTNA Client per user license(s)
      • Step 6 (optional): Select NCX Virtual Edge per each Amazon VPC

        NETCLOUD SERVICE PLAN

        SITE LICENSE

        CAPACITY

        NetCloud Service for Branch

        NetCloud Service for Mobile

        NetCloud Service for IoT

        NetCloud Service for SOHO

        Micro Site

        Small Site

        Medium Site

        Large Site

        250 Mbps — up to 4,000 tunnels

        500 Mbps — up to 4,000 tunnels

        1 Gbps — up to 4,000 tunnels

        2 Gbps — up to 4,000 tunnels

        4 Gbps — up to 4,000 tunnels
        NetCloud Add-Ons

          REGION

          NCX PACKAGE

          DESCRIPTION

          PART NUMBER

          All Regions:

          Service Gateway

          PROMO — 250 Mbps

          PROMO — 500 Mbps

          PROMO — 1 Gbps

          PROMO — 2 Gbps

          PROMO — 4 Gbps

          NCX-000y-SG250MBPS

          NCX-000y-SG500MBPS

          NCX-000y-SG1GBPS

          NCX-000y-SG2GBPS

          NCX-000y-SG4GBPS

          Service Gateway High Availability

          PROMO — Active + Standby 250 Mbps

          PROMO — Active + Standby 500 Mbps

          PROMO — Active + Standby 1 Gbps

          PROMO — Active + Standby 2 Gbps

          PROMO — Active + Standby 4 Gbps

          NCX-002y-SGAS250MBPS

          NCX-002y-SGAS500MBPS

          NCX-002y-SGAS1GBPS

          NCX-002y-SGAS2GBPS

          NCX-002y-SGAS4GBPS

          Secure Connect

          PROMO — Micro Site

          PROMO — Small Site

          PROMO — Medium Site

          PROMO — Large Site

          NCX-000y-SCMICRO

          NCX-000y-SCS

          NCX-000y-SCM

          NCX-000y-SCL

          SD-WAN

          PROMO — Micro Site

          PROMO — Small Site

          PROMO — Medium Site

          PROMO — Large Site

          NCX-000y-SDWANMICRO

          NCX-000y-SDWANS

          NCX-000y-SDWANM

          NCX-000y-SDWANL

          ZTNA

          PROMO NCX ZTNA — Per User

          NCX-00Ay-ZTNA

           

          Virtual Edge

          NetCloud Essentials for Virtual Edge with NCX Secure Connect

          NCX-000x-VESC

          All Regions — Renewal:

          Service Gateway

          Renewal — 250 Mbps

          Renewal — 500 Mbps

          Renewal Active + Standby — 250 Mbps

          Renewal Active + Standby — 500 Mbps

          NCX-000x-SG250MBPS-R

          NCX-000x-SG500MBPS-R

          NCX-002x-SGAS250MBPS-R

          NCX-002x-SGAS500MBPS-R

          Secure Connect

          Renewal — Micro Site

          Renewal — Small Site

          Renewal — Medium Site

          Renewal — Large Site

          NCX-000x-SCMICRO-R

          NCX-000x-SCS-R

          NCX-000x-SCM-R

          NCX-000x-SCL-R

          SD-WAN

          Renewal — Micro Site

          Renewal — Small Site

          Renewal — Medium Site

          Renewal — Large Site

          NCX-000x-SDWANMICRO-R

          NCX-000x-SDWANS-R

          NCX-000x-SDWANM-R

          NCX-000x-SDWANL-R

          ZTNA

          Renewal NCX ZTNA — Per User

          NCX-00Ax-ZTNA-R

          Virtual Edge

          Renewal NetCloud Essentials for Virtual Edge — Per Self-Hosted Virtual Appliance

          NCX-000x-VESC-R

          x= 1, 3, or 5 years
          y= 2, 4, or 6 years