Data Exchange

New
  • Updated on Oct 23, 2025
  • Published on Oct 22, 2025
  • 13 minute(s) read
  • KD
 Prev Next

What is Data Exchange?

Graphiant’s Data Exchange securely connects your customers to your services .

With Data Exchange, you can pick and choose any of your inventory of services to be available by private invitation only to any of your inventory of customers.

Whether your business is looking to share knowledge, collaborate on projects, or explore partnerships that will lead to mutual growth and new opportunities, Data Exchange is here to connect you!

Locating Data Exchange in the Graphiant Portal

From the Graphiant Portal Landing Page, click ‘Services’ in the sidebar;  select ‘Data Exchange’.

Dashboard overview displaying services, usage statistics, and quickstart options for users.

This will open the Data Exchange Landing Page.

From here, you can publish and edit your services.

Interface for managing data exchange services with options for active, paused, and inactive services.

Creating a Data Exchange Service

To add to your inventory of Data Exchange services, click ‘Create Service’ in the middle of the screen, above the table.

Interface for managing data exchange services with a prominent 'Create Service' button.

Select ‘Peering Service’;  click ‘Next’.

Select the Peering Service option to establish network-level routing and segmentation.

You will now see the configuration page for creating your Data Exchange service.

Form for creating a service profile with fields for details and site selection.

Service Details

This section includes all of the information regarding the name and location of your service.

Enter the following information:

Service Name

  • Service Name: The unique name you are assigning to the data exchange service

  • Service Description (optional):  Information for your reference

Prefix Location:

  • LAN Segment: The LAN segment to share with the customer

    • You can also create a new LAN segment right from here

    • For information on LAN segments, click here

LAN Segments:

Must be selected before Site Selection.

Site Selection

  • Site Type:  Choose either to enter your sites individually, or by site lists.

    • Site:  You may enter up to 10 sites

    • Site List:  Can contain as many sites as are in the list(s)

      • You can also create a new Site List right from here

      • For information on Site Lists, click here

Site / Site List options:

Are dependent on the LAN segment chosen;  the Sites / Site Lists that contain the selected LAN segment will be the only ones offered in the dropdown.

Form fields for entering service name, LAN segment, and site selection options.

Prefix Details

This will contain all of your prefixes that you want to be a part of this service.

For each prefix, enter the following:

  • Prefix:  Enter in a.b.c.d/n format

  • Tag (optional):  Any internal terminology you would like for quick reference later

Input fields for prefix and tag details in a user interface layout.

Outbound Routing Policy (optional)

If you would like to add a routing policy to your service, you can do so here.

By default, no routing policy is present.

To add one, click ‘Add Routing Policy’.

Button to add an outbound routing policy in the settings interface.

  • Select a routing filter.

    • You can also create a new routing filter right from here.

    • For information on routing filters, click here.

  • Select the Edges to which this policy will be applied.

Select routing filter option in the outbound routing policy interface.

When all information has been entered, click ‘Next’.

Form for creating a new service profile with various configuration options displayed.

Preview & Publish

Review your selections.

Once you have ensured that everything is correct, click ‘Create Service’.

Preview of service creation with details like service name, prefix, and routing policy.

You will receive a confirmation that your service was created!

From here, you can either:

Confirmation message indicating the service is live and options for next steps.

Exiting to Data Exchange Services

If you exit to the Data Exchange Services page, you will see your new Service listed in the table.

Overview of Data Exchange services management interface with active and paused service counts.

To later add a customer, click on the ‘Customers’ tab.

Then follow the instructions to create a customer.

Overview of Data Exchange services with highlighted Customers tab and service details.

Creating a Customer

Now it is time to add to your customer inventory, from which you can select to permit access to your services.

When you start the process of creating a customer, you can choose to connect to:

Select customer type: Graphiant or Non Graphiant for new customer setup.

Creating a Graphiant Customer

To begin the process of adding a customer who is also on the Graphiant network, select Customer Type of ‘Graphiant’;  click ‘Next’.

Select customer type between Graphiant and Non Graphiant for new customer setup.

Enter the following information:

  • Customer Name:  Unique name for this customer

  • Email(s):  Admin contact email(s)

  • Max # of Sites:  Limited number of sites you will allow this customer to onboard

Click ‘Next’.

Form for creating a new customer profile with required fields highlighted.

Review your selections.

Once you have ensured that everything is correct, click ‘Create Customer’.

Creating a new customer profile with details and action button highlighted.

You will receive a confirmation that your customer was created!

From here, you can either:

Confirmation message for newly created customer with next action options displayed.

Creating a Non-Graphiant Customer

To begin the process of adding a customer who has an unmanaged or third-party edge device, select Customer Type of ‘Non-Graphiant’;  click ‘Next’.

Select customer type between Graphiant and Non Graphiant for new customer setup.

Enter the following information:

  • Customer Name:  Unique name for this customer

  • Email(s):  Admin contact email(s)

  • Max # of Sites:  Limited number of sites you will allow this customer to onboard

Note:

Non-Graphiant customers will be connected via Site-to-Site VPN Connection

Click ‘Next’.

Form for creating a new customer profile with required fields highlighted.

Review your selections.

Once you have ensured that everything is correct, click ‘Create Customer’.

Form for creating a new customer profile with connection method options.

You will receive a confirmation that your customer was created!

From here, you can either:

Confirmation message for newly created customer with next action options displayed.

Exiting to Data Exchange Customers

If you exit to the Data Exchange Customers page, you will see your new Customer listed in the table.

Interface for managing data exchange customers with options to create and configure services.

To later match a service to this customer, click the ellipses to the right of that customer;  select ‘Match Services’.

Then follow the instructions to publish a service to a customer.

Manage Data Exchange customers, view details, and create new customer entries.

Publishing Your Service with Your Customer

Now that you have inventories of both services and customers, you can match up which service(s) you would like to offer to your customers.

This process is done one customer at a time, to ensure individual secure access.

Depending on your end customer, follow the steps accordingly for:

The processes are different for each type of customer:

Ensure that you are following the indicated instructions for the customer that you need.

Publishing Your Service to a Customer on the Graphiant Network

Under the “Define Match” page, fill out each section as described.

Each step here will be marked with a green check mark when completed.

Customer service assignment interface showing customer details and service selection options.

Service Name

From the dropdown, select the service from your inventory to which you will allow the customer access.

The Service Name you select:

Will determine the prefixes and settings available below.

Dropdown menu displaying the service name 'EastCoast-Peering' for selection.

Consumer Prefixes

These are the prefixes that your customer has given you, so that you may grant them access to your service.

  • Host Prefix:  Enter the customer’s prefix;  more can be added as necessary

  • NAT’d Prefix (Optional):  If they have provided NAT translation, enter it here

To add more prefixes, click the [+] icon at the top of this section

Caution:

Any traffic that doesn’t have one of these prefixes associated with it will be dropped.

Input fields for Host Prefix and NAT'd Prefix in a consumer prefixes section.

Service Prefixes

These are all of the prefixes that are available for you to advertise with this particular service (entered when creating the service).

Select the prefixes that you would like this customer to be able to utilize.

Table displaying service prefixes and corresponding service tags for network management.

Once all sections are completed and marked with a green checkmark, confirm that all entered information is correct.

Click ‘Assign Services’.

Customer service assignment interface showing service prefixes and options to assign services.

The customer will receive an email invitation to connect to your Graphiant Data Exchange Service.

They can follow these instructions on how to accept the invitation to connect to your Data Exchange Service.

Email invitation to connect with Graphiant Data Exchange Service and accept invitation.

Publishing Your Service to a Customer with a Third-Party Edge Device

Under the “Define Match” page, fill out each section as described.

Each step here will be marked with a green check mark when completed.

Customer service assignment interface showing customer details and service selection options.

Service Name

From the dropdown, select the service from your inventory to which you will allow the customer access.

The Service Name you select:

Will determine the prefixes and settings available below.

Dropdown menu displaying the service name 'EastCoast-Peering' for selection.

Consumer Prefixes

These are the prefixes that your customer has given you, so that you may grant them access to your service.

  • Host Prefix:  Enter the customer’s prefix;  more can be added as necessary

  • NAT’d Prefix (Optional):  If they have provided NAT translation, enter it here

To add more prefixes, click the [+] icon at the top of this section

Caution:

Any traffic that doesn’t have one of these prefixes associated with it will be dropped.

Input fields for Host Prefix and NAT'd Prefix in a consumer prefixes section.

Service Prefixes

These are all of the prefixes that are available for you to advertise with this particular service (entered when creating the service).

Select the prefixes that you would like this customer to be able to utilize.

Table displaying service prefixes and corresponding service tags for network management.

Once all sections are completed and marked with a green checkmark, confirm that all entered information is correct.

Click ‘Assign Services’.

Customer service assignment interface showing service prefixes and options to assign services.

A customer who is not on the Graphiant network will not have access to the Graphiant Portal directly.

You will receive an email invitation to setup your intermediary configuration within the portal for them to connect.

Click ‘Accept Invitation’ to begin the process.

Invitation email to connect with Graphiant Data Exchange Service, featuring an 'Accept Invitation' button.

Setting Up the Data Exchange Connection for Your End Customer on a Third-Party Edge Device

You will be acting as a proxy tenant for your end customer:

This tenant will be the location where the service will land for any of your end customers who will use third-party edge devices.

Fill out all information below from the perspective of you being the customer.

After logging in to the Graphiant Portal, you will be landed on the Peering Service Overview page for Step 1.

Step 1:  Peering Service Overview

Verify that the information regarding the service and the inviting organization is correct.

Click ‘Next’.

Overview of peering service details with service name and contact information displayed.

Step 2:  Review Prefixes

Now you will be able to confirm the information regarding the prefixes for both sides of the connection.

  • Producer Prefixes:  Prefixes that will be advertised from the service

    • Translated Prefix (Editable and optional):  Should you prefer to use different values to ensure no conflicts within your own routing domain, enter the translated prefixes here

  • Consumer Prefixes:  Prefixes that will be allowed access to the service

Verify that the information is correct;  click ‘Next’.

Review prefixes for data exchange service, highlighting translated prefixes and service tags.

Step 3:  Prefix Location

This is the configuration page for where this Data Exchange Service will be accessible within your network.

Interface for accepting data exchange service with consumer prefix location options.

Complete the following sections:

Prefix Location:

  • LAN Segment:  The LAN segment where this service will be available.

LAN Segments:

Must be selected before Site Selection.

Site Selection

  • Site Type:  Choose either to enter the sites individually, or by site lists.

    • Site:  You may enter up to 15 sites

    • Site List:  Can contain as many sites as are in the list(s)

Site / Site List options:

Are dependent on the LAN segment chosen;  the Sites / Site Lists that contain the selected LAN segment will be the only ones offered in the dropdown.

Form fields for selecting LAN segment and site type in a network configuration interface.

Routing Policy

  • Select a routing policy.

    • You can also create a new routing policy right from here.

    • For information on routing policies, click here.

  • Select which Edges will receive this policy.

Select routing policy options for graphiant routing configuration in the interface.

Once you have verified that all of the information is correct, click ‘Next’.

Form for accepting data exchange service with site and routing policy options.

Step 4:  Service Profile

This page contains the detailed configuration of how your end customer will connect to your Data Exchange Service using Site-to-Site VPN.

Site-to-site VPN configuration settings including routing and advanced options for secure connections.

Complete the information for the following sections:

General

  • Email(s): Network administrator for your end customer that will need access to this subscription

  • Primary Destination IP Address:  IP Address that will be allowed access to the service

Form fields for entering name, email, and primary destination IP address.

Routing

In the routing section, you have a choice of Static or BGP routes.

Static Routes

The default Routing Type is “Static”.

For Static routes:

Although it’s not required to include a return route to your Graphiant LAN network, if you need such a route, be sure to include one under ‘Subnet’.

  • Subnet (optional):  Enter the remote subnet(s) that your devices on the prior selected Graphiant LAN Segment will need to reach via the VPN

Routing settings showing options for Static and BGP with a prompt for prefixes.

BGP Routes

Should you choose to utilize BGP routes for your VPN connection, the “Routing” section will expand to include the fields shown below.

Click the toggle to turn on ‘BGP’.

Enter the AS Number from the 3rd party device’s BGP setting.

The remaining fields are optional, and if left blank will be populated with default values.

  • Hold Timer:  The period of time to wait for messages from the BGP neighbor before considering that neighbor unreachable;  default is 90 seconds.

  • Keep Alive Timer:  The interval at which messages to the neighbor are sent to maintain the BGP session and check that the neighbor is reachable.

  • MD5 Password:  The shared password for authentication between the BGP neighbors.

  • Send Community:  Specifies that the router should support sending BGP communities to that neighbor.  Sending Communities is 'Off' by default.

  • Inbound Filters:  Control what routes you accept from a neighbor

  • Outbound Filters:  Control what routes you advertise to a neighbor

Configuration settings for BGP routing type and remote AS number input.

Advanced Settings

The fields are as follows, and if left blank will be populated with default values.

  • TCP MSS:  Maximum TCP segment size allowed through the VPN to prevent fragmentation

  • IP MTU:  Largest IP packet size (including headers) that can be transmitted without fragmentation

  • IKE Remote ID (Optional):  Identifier for the remote VPN device used during IKE authentication

  • IKE Initiation Mode:  Determines whether this gateway starts the VPN negotiation (Initiator) or waits for the remote side (Responder)

  • ID Local End Point (Optional):  Identifier for the local VPN device used in IKE authentication

  • Inside Subnets (Auto-generated if left empty):  The internal network behind this VPN endpoint that should be reachable over the tunnel

  • Preshared Key (Auto-generated if left empty):  Shared secret used to authenticate both ends of the VPN tunnel

  • System VPN Profile:  The VPN Profile that best matches your encryption needs.

Note:

The System VPN Profile will be prefilled with the default profile, but you can also:

  • Select any profile you have created by using the drop-down menu.

  • Create a new profile by clicking ‘Create New +’.  This will open a modal to configure a new VPN profile.  For more information regarding creating VPN Profiles, click here.


Advanced VPN settings including encryption algorithms and tunnel configurations for secure connections.


Ensure that all of the fields are correct;  click ‘Next’.

Configuration settings for Site to Site VPN, including routing and advanced options.

Step 5:  Preview & Publish

This is the final step before the invitation will be sent for your end customer to subscribe to the Graphiant Data Exchange Service.

Ensure that all information is correct in this summary page.

Click ‘Accept & Connect’.

Overview of data exchange service with details on prefixes and VPN configuration.

The customer will receive an email invitation to download their private security profile for their device that will connect them to your Graphiant Data Exchange Service.

They can follow these instructions on how to accept the invitation to connect to your Data Exchange Service.

Email notification for setting up a Graphiant Data Exchange service with security profile download.

Accepting an Invitation to Connect to a Graphiant Data Exchange Service

You are able to connect to a publisher’s Data Exchange Service, independent of whether you are currently a Graphiant customer, or are using a third-party device for your networking needs.

Simply follow the appropriate instructions on accepting the invitation from a Graphiant Data Exchange Service publisher:

Accepting an Invitation to Connect to a Data Exchange Service Using Your Graphiant Edge

When a publisher of a Graphiant Data Exchange Service invites you to connect with that service, you will receive an email invitation.

Click ‘Accept Invitation’ to begin the process.

Email invitation to connect with Graphiant Data Exchange Service, featuring an 'Accept Invitation' button.

You will be directed to the Graphiant Portal, where we will walk you through the steps you need to start your service.

Click ‘Get Started’.

Invitation to join a data exchange peering service with a prominent 'Get Started' button.

Subscribing to Your Data Exchange Connection Using Your Graphiant Edge

After logging in to the Graphiant Portal, you will be landed on the Peering Service Overview page for Step 1.

Step 1:  Peering Service Overview

Verify that the information regarding the service and the inviting organization is correct.

Click ‘Next’.

Overview of peering service details and connection setup process for data exchange.

Step 2:  Review Prefixes

Now you will be able to confirm the information regarding the prefixes for both sides of the connection.

  • Producer Prefixes:  Prefixes that you will see from the service

    • Translated Prefix (Editable and optional):  Should you prefer to use different values to ensure no conflicts within your own routing domain, enter the translated prefixes here

  • Consumer Prefixes:  Your prefixes that will be allowed access to the service

Verify that the information is correct;  click ‘Next’.

Review prefixes for data exchange service, including producer and consumer prefixes.

Step 3:  Prefix Location

This is the configuration page for where this Data Exchange Service will be accessible within your network.

Interface for accepting data exchange service with site selection and routing policy options.

Complete the following sections:

Prefix Location:

  • LAN Segment: The LAN segment where this service will be available

LAN Segments:

Must be selected before Site Selection.

Site Selection

  • Site Type:  Choose either to enter your sites individually, or by site lists.

    • Site:  You may enter up to 15 sites

    • Site List:  Can contain as many sites as are in the list(s)

Site / Site List options:

Are dependent on the LAN segment chosen;  the Sites / Site Lists that contain the selected LAN segment will be the only ones offered in the dropdown.

Form fields for selecting LAN segment and site type in a network configuration interface.

Routing Policy

  • Select a routing policy.

    • You can also create a new routing policy right from here.

    • For information on routing policies, click here.

  • Select which Edges will receive this policy.

Select routing policy options for graphiant routing configuration in the interface.

Once you have verified that all of the information is correct, click ‘Next’.

Data exchange service setup with routing policies and site selection options displayed.

Step 4:  Preview & Publish

This is the final step before connecting and subscribing to the Graphiant Data Exchange Service.

Ensure that all information is correct in this summary page.

Click ‘Accept & Connect’.

Overview of data exchange service with details on prefixes and VPN configuration.

You will receive a confirmation that your Data Exchange Service has been accepted.

To view and manage your service, click ‘Go to My Services’.

Confirmation of peering service acceptance with a button to access services.

Here you can monitor and manage any services to which you have subscribed.

Dashboard for managing data exchange services with service status and configuration options.

Accepting an Invitation to Connect to a Data Exchange Service Using Your Third-Party Edge Device

When a publisher of a Graphiant Data Exchange Service invites you to connect with that service, you will receive an email invitation to download the security profile that has been provisioned for you.

You will then have all of the information to configure your third-party edge device so that it may connect you to the subscription service using a 3rd party VPN.

Click ‘Download Security Profile’ to begin the process.

You will be provided a temporary password:

Take note of this password as you will need it to log in to your Graphiant Portal.

Email notification for setting up a Graphiant Data Exchange service with security profile download.

Login using the email to which the invitation was sent, and the temporary password provided to you there.

Click ‘Sign In’.

Login screen for Graphiant corporate network with email and password fields.

Click ‘Download’ to receive your personalized security profile for your Data Exchange Service subscription.

Welcome message with instructions to download the security profile and key rotation date.

You can now configure your third-party device to connect to the service that is ready for you!

Related articles