Edge Management feature allows you to configure general settings, authentication, and encryption for an Edge. It allows you to activate or deactivate configuration updates for an Edge. You can also select a default Software & Firmware Image.

  1. In the Operator portal, on the Monitor Customers screen, click on a Customer name.
  2. From the top menu, click Service Settings, and then from the left menu, click Edge Management.
  3. You can configure the following options and click Save Changes.
Option Description
General Edge Settings
Edge Link Down Limit You can set this value for each Edge by selecting the Customize check box. This overrides the value set through the system property edge.link.show.limit.sec.
Number of days Enter a value in the range 1 to 365. The default value is 1.
Edge Authentication
Default Certificate Choose the default option to authenticate the Edges associated to the Customer.
  • Certificate Acquire: This option instructs the Edge to acquire a certificate from the certificate authority of the SASE Orchestrator, by generating a key pair and sending a certificate signing request to the Orchestrator. Once acquired, the Edge uses the certificate for authentication to the SASE Orchestrator and for the establishment of VCMP tunnels.
    Note: Only after acquiring the certificate, the option can be updated to Certificate Required.
  • Certificate Deactivated: This option instructs the Edge to use a pre-shared key mode of authentication.
  • Certificate Required: This option is selected by default, and it instructs the Edge to use the PKI certificate. Operators can change the certificate renewal time window for Edges using system properties. For more information, contact your Operator.
Note: On clicking Save Changes, you are asked to confirm if the selected Edge authentication setting is applicable to all the impacted Edges or only the new Edges. By default, Apply to all Edges check box is selected.
Edge Authentication Click the Activate Secure Edge Access button to allow the user to access Edges using Password-based or Key-based authentication. You can activate this option only once. But you can switch to either Password-based or Key-based authentication any number of times. For more details, see Configure User Account details.
Device Secret Encryption
Enable Encrypt Device Secrets Click the Enable For All Edges button to activate device secret encryption for all the Edges in the current Enterprise. This action causes restart of all the Edges. However, Edges which already have this feature activated are not affected.
Note: You can activate this option for individual Edges at the time of creating a new Edge. For more information, see the topic Provision a New Edge in the VMware SD-WAN Administration Guide.
Configuration Updates
Disable Edge Configuration Updates By default, this option is activated. This option allows you to actively push the configuration updates to Edges. Slide the toggle button to turn it Off.
Enable Configuration Updates Post-Upgrade By default, this option is deactivated. This option allows you to control when post-Orchestrator upgrade configuration changes are applied to their Edges. Slide the toggle button to turn it On.

Software & Firmware Images

To view this section, an Operator user must follow the below steps:
  1. Navigate to the Global Settings service of the Enterprise portal.
  2. Go to Customer Configuration > SD-WAN Configuration.
  3. Select the Allow Customer to manage software check box.
Note: Only an Operator user can add, delete, or edit an image.

For more information, see the topics Platform and Modem Firmware and Factory Images and Software Images.