MTN StarEdge Horizon: Private Layer 2 LEO Networking for Enterprises
MTN has launched StarEdge Horizon, a Layer 2 service over SpaceX’s Starlink designed to move enterprise traffic on a private path to MTN points of presence (PoPs), bypassing the public internet and reducing latency, jitter, and operational complexity.
Key features and rollout
The service extends a private Layer 2 domain from remote sites over Starlink into MTN regional PoPs, where enterprises can centralize internet egress, security, and policy. It adds static IP/subnet allocation, network segmentation, and QoS prioritization so mission-critical applications retain bandwidth during contention. StarEdge Horizon also supports secondary underlays—OneWeb, LTE/5G, and VSAT—for automatic failover. Where available, MTN offers private on-ramps to major clouds (AWS, Microsoft Azure, Google Cloud) to keep cloud-bound traffic off the open internet. Early rollouts target land-based sectors such as energy, construction, and logistics, with maritime availability planned for Q1 2026.
Why it matters for enterprise and OT connectivity
Enterprises are accelerating LEO adoption but face hurdles with public-internet routing, CGNAT, and inconsistent performance that complicate security centralization and operational technology (OT) use cases.
LEO beyond best-effort internet
LEO links provide fiber-like latency but are often consumed as broadband, forcing over-the-top VPNs, dynamic addressing, and distributed security stacks that add overhead and variability. A private Layer 2 approach creates a predictable underlay that looks and behaves like a corporate LAN extension, enabling centralized security and deterministic application performance for SCADA, video surveillance, and industrial control systems.
Strategic impact on WAN architectures
Horizon positions LEO as a true WAN transport alternative, not a backup internet link. For organizations migrating from MPLS to internet and SD-WAN, it reintroduces private-circuit characteristics—stable addressing, consistent QoS, and controlled egress—over satellite, helping standardize operations across remote, temporary, and hard-to-reach sites.
StarEdge Horizon architecture
Horizon sets up a private path over Starlink from remote sites into MTN PoPs so sites can be treated as if they are on the same Layer 2 network segment.
Private Layer 2 path over Starlink
By avoiding public internet routing and over-the-top tunneling for long-haul flows, Horizon reduces encapsulation overhead and unpredictable handoffs that drive latency and jitter. Enterprises can anchor security policies and internet breakout at MTN PoPs or their own data centers and clouds, gaining uniform visibility and control across sites.
Stable addressing, segmentation, and QoS
Static IPs and subnet allocations give each location a stable identity for monitoring, allow-listing, remote management, and access control. Layer 2 segmentation and QoS enable traffic classes for OT control, video, and best-effort data, maintaining operations during congestion or weather-related capacity shifts.
Benefits and validation checklist
The design promises lower latency, simpler WAN integration, and better security posture, but enterprises should validate implementation details and operational guardrails.
Advantages for performance and security
Centralized egress shrinks the security attack surface and simplifies compliance. A Layer 2 underlay streamlines SD-WAN, zero trust, and SASE/SSE integrations by presenting consistent addressing and policy points. QoS and segmentation protect prioritized traffic, while multi-link redundancy reduces site-level downtime risks.
Technical due diligence questions
Ask MTN about encryption at rest and in transit across the private path; broadcast/multicast containment and loop prevention; MTU handling with encapsulation; packet loss/jitter targets under satellite handoffs; SLA constructs; IPv6 support; and how QoS classes map across Starlink and alternate underlays. Confirm visibility (telemetry, APIs) for NOC workflows and integration with existing SD-WAN or firewall vendors.
Multi-orbit redundancy and private cloud on-ramps
Horizon’s value increases with path diversity and private cloud connectivity that limit exposure to the open internet.
Path diversity across LEO, 5G/LTE, and VSAT
Enterprises can combine Starlink with OneWeb, terrestrial LTE/5G, or VSAT to balance performance and coverage. Automated failover preserves sessions for critical apps and mitigates weather or congestion events, a key requirement for safety systems, back-office applications, and real-time telemetry.
Private on-ramps to AWS, Azure, and Google Cloud
Private on-ramps to AWS, Azure, and Google Cloud cut internet traversal for SaaS and IaaS workloads, reducing attack surface and stabilizing latency. Validate region availability, throughput ceilings, route exchange options, and cost models (including cloud egress) to avoid surprises.
Target industries and use cases
Horizon focuses on industries where remote operations, mobility, and safety demand predictable connectivity.
Land deployments now; maritime in Q1 2026
Energy, construction, and logistics sites can use Horizon for OT control, video analytics, worker safety systems, and mobile command centers without deploying full security stacks at the edge. Maritime is slated for Q1 2026, creating options for vessels that need consistent policy enforcement and cloud access across oceans.
Example enterprise OT scenarios
Remote wellheads with SCADA backhaul; temporary construction sites needing corporate WAN access and surveillance; distribution yards with high-definition video and WMS; and cross-border operations that benefit from centralized egress, uniform policy, and stable addressing.
What to evaluate and next steps
Enterprises should treat Horizon as a WAN architecture decision and run structured pilots tied to application SLOs and security outcomes.
Vendor questions to ask
What are the committed SLAs for latency, jitter, and availability across primary and failover paths? How is QoS enforced end to end? Which cloud regions support private on-ramps today? How are static IPs and subnet allocations managed at scale? What telemetry and APIs are available? How does Horizon integrate with your SD-WAN, SSE, and identity providers? What are antenna, power, and install requirements per site, and how are regulatory and lawful intercept handled in each geography?
Actions for pilots and rollout
Classify applications into QoS tiers; define centralized egress and security policy; pilot multi-orbit redundancy across representative sites; validate cloud on-ramp performance and costs; and update runbooks for incident response, failover testing, and compliance reporting. Align procurement with phased rollout plans, including maritime timelines if relevant.
Bottom line: LEO as enterprise transport
By bringing a private Layer 2 architecture to Starlink, MTN’s StarEdge Horizon turns LEO from best-effort internet into a controllable enterprise transport with centralized security, deterministic performance, and multi-orbit resilience—provided organizations validate the operational model, SLAs, and integrations that matter to their WAN and OT strategies.
