Deployment Guide - SD-WAN

The following document provides information on how an SD-WAN company deployed Netify-enabled gateways. Please keep in mind that there are other workflows and subscriptions options available, this is just an example.

To keep the focus on just deployment, we are going to skip over authentication and other API concepts described in the Netify Informatics API. Please take a quick look at the Getting Started Guide if you are not already familiar with it.


TheBestLink is a regional ISP that has integrated Netify into their SD-WAN offering. Unlike other deployment scenarios (e.g. IoT Gateway), only one Netify agent is deployed per site.

TheBestLink deployed new SD-WAN Gateways for RetailCo - a retailer with 12 locations. As part of the workflow, each of the Netify-enabled SD-WAN devices was provisioned with a hardware serial number before being shipped to the retail location.


    • Provisioning before shipping
    • Custom serial number
    • 1 agent per site
    • 3-tier subscription plan


Since there is only 1 Netify Agent per Netify Site for TheBestLink's SD-WAN solution, these two Netify concepts (Sites+Agents) are essentially collapsed into one. TheBestLink needed to translate these Netify concepts into their own online account system:

Netify Asset TheBestLink Equivalent Database Example
Organization User Account user.organization_uuid
Site+Agent SD-WAN Gateway gateway.site_uuid

The workflow for deploying the SD-WAN gateways to the RetailCo retailers was the following:

CRM Netify Deployment
RetailCo created a user account IT@RetailCo. The Netify Organization was created and mapped to the IT@RetailCo user.
TheBestLink prepped the hardware from inventory. The Agent for the SD-WAN was pre-provisioned using the hardware serial number.
SD-WAN equipment was installed on site. The Netify Agent called home and was automatically activated. No action was required for this step.

Netify Asset API

Let's take a look at each step from the perspective of the Netify Asset API. Please reference the Assets section in the API Reference Guide for details.

Creating the Organization

TheBestSecurity needed to create a Netify Organization after a user account had been created. The only required field for creating an organization was the label (RetailCo).


In the API response, you can find the Organization UUID that was created.

"data": {
    "uuid": "a01ff7e1_8745_4f3e_98ee_c3177c749f65",
    "label": "RetailCo",

This UUID was saved inside the TheBestLink account system.

Creating Sites

In the case of TheBestLink SD-WAN, there will always be one agent per site. For this reason, the Agent and Site are created in one step (described in the next section) instead of two distinct steps.

Preparing Agents

TheBestLink was now ready to take an SD-WAN device out of inventory and prepare it for deployment in the field. Instead of using the auto-generated Netify agent UUID (AA-BB-CC-DD), the hardware serial number on the SD-WAN device was used: SERIAL-123-456. Here is an example of what was used to create a Netify Agent entry with this information:


The API response looked similar to the following:

"data": {
    "uuid": "-",
    "serial": "SERIAL-123-456",
    "activated": false,
    "provisioned": false,

TheBestLink already stored the serial number in their database, so nothing needed to be saved from the Netify API response. However, please take note of the activated and provisioned flags. At this stage, the Netify agent was not activated (i.e. not calling home) and was not provisioned.

Provisioning Agents

Before shipping the SD-WAN device to the customer, the Netify Agent needed to be provisioned. The Organization UUID in the earlier step was needed to provision the agent/site under the RetailCo deployment. Since this was a "1 site, 1 agent" deployment, the provision mode was set to "standalone". This means that both the site and agent assets were created in one API call. Lastly, the agent/site label and plan_id were also required:


Please take note of the plan_id in the API request. TheBestLink had three different subscription plans: Bronze, Silver and Gold. Each plan not only had some SD-WAN differentiators, but also some Netify feature differentiators:

  • Bronze: 1 month of forensic archives
  • Silver: 6 months of forensic archives
  • Gold: 12 months of forensic archives

If you require some Netify differentiators, we can customize the plans to meet your needs.

In the API response, you can find the Site UUID that was created.

"data": {
    "uuid": "-",
    "serial": "SERIAL-123-456",
    "label": "LocationA",
    "activated": false,
    "provisioned": true,
    "site": {
        "uuid": "7b1e27ec_9d15_4fc3_8d81_88311af874b3",

The Site UUID returned in the API payload was saved in the TheBestLink online system. Alternatively, they could have used the Netify Assets API to later retrieve the Site UUID using the hardware serial number.

At this stage, the SD-WAN device was ready, but not yet activated. When the SD-WAN gateway made a connection to the Internet, the Netify agent automatically called home and the agent status changed to activated. At that point, Netify data and analytics started to flow.


This is just one example on how a company integrated Netify into their product workflow. We can certainly help with integrating your workflows, so please do not hesitate to contact us for more information.

Integration and Custom Solutions

Do you have any questions about integration, APIs or custom development?

Contact Us