SD-WAN allows enterprises to connect branch offices to their data centers and SaaS/IaaS applications with direct connectivity. It automates traffic steering in an application-driven manner, enables resiliency and improves network security.
IT teams can deploy SD-WAN independently or with a managed service provider (MSP). An MSP can provide a fully-managed DIY model or a co-managed solution where the organization is responsible for some deployment and management aspects.
Network Architecture
The basics of SD-WAN include using software-defined networking (SDN) principles to connect locations. This approach separates the control plane from the data plane, allowing IT staff to configure network policies without dealing with proprietary hardware connections.
Traditionally, routers connected branch offices to cloud-hosted applications via private WAN links like Multiprotocol Label Switching (MPLS). But many businesses need to expand their WAN connectivity due to increasing application performance and security needs.
With an SD-WAN, you can use low-cost commercial internet options like broadband or 4G cellular as primary and backup WAN links for boosting performance, redundancy and cost. This allows you to eliminate backhauling, which can decrease performance and lead to expensive latency issues.
SD-WAN takes WAN optimization and traffic steering a step further by allowing you to prioritize network bandwidth for the most important applications. This means high-priority business apps travel over the most reliable and performant WAN link, while lower-priority data goes over less expensive and slower connections.
Before deployment, technology teams should evaluate their organizational goals and how they align with SD-WAN capabilities. This can help IT teams determine whether an SD-WAN solution is the right fit and, if not, what additional solutions might be needed. This pre-purchase research can help organizations decide whether to invest in hardware-based appliances or virtual server software.
Deployment
Traditional WANs use command line interface (CLI) routers driven and can be complex to manage. SD-WAN enables network professionals to optimize and secure connectivity using a software-based approach. SD-WAN software running on CPE (customer premises equipment) monitors traffic and network conditions in real-time and determines how to route data depending on the specific situation. For example, the SD-WAN may route voice-over-IP (VoIP) traffic over MPLS VPN services if those circuits are available and performing well. But if those circuits become congested, the SD-WAN will switch VoIP traffic to another link, such as broadband Internet or 4G LTE wireless connections.
With SD-WAN, IT teams can improve application performance and security by delivering a high-quality user experience and eliminating application latency. They can also gain a clearer picture of all the cloud and IaaS applications that are being used across their global WAN.
As enterprises continue to move mission-critical workloads to the cloud, it’s important to ensure that users have a good user experience and can access those applications reliably. SD-WAN can help achieve this by directly connecting to trusted SaaS and IaaS providers.
The SD-WAN’s dynamic routing and network visibility capabilities also make it a valuable tool for supporting secure remote access strategies. For instance, the SD-WAN can detect WAN link failures and automatically redirect workers to other sites or mobile devices when issues occur.
Security
As with all networking solutions, security is always a concern. However, SD-WAN’s architecture can mitigate many of the common problems.
For example, traditional network architectures backhaul all traffic from branches to headquarters. This can introduce latency and hinder application performance, which impacts productivity and user experience. SD-WAN enables companies to avoid this by allowing components to connect directly to the internet, a more cost-effective solution for businesses.
Additionally, because data flows between sites without passing through a centralized security inspection point like in traditional networks, it’s important to implement the right SD-WAN technologies to maintain a secure environment. This can include load balancing, WAN optimization and virtual overlays that make it easier for teams to change site policies from a central management console.
To ensure the security of their network, organizations should look for an SD-WAN solution that unifies firewall, segmentation, routing and WAN optimization functionality in one platform. Additionally, they should choose a solution that can seamlessly handle a total transport outage and provide sub-second failover to prevent applications from being interrupted. Some pure-play SD-WAN vendors also partner with traditional security partners to offer integrated solutions. This allows organizations to deploy their preferred hardware at each location while handing over implementation, ongoing maintenance and security functions to a managed service provider.
Management
With traditional networking approaches like MPLS, traffic created in a branch is backhauled to the central data center. This adds latency to applications, which impacts productivity and the customer experience. SD-WAN eliminates this costly backhauling, allowing application traffic to be routed locally.
An SD-WAN solution uses a policy-driven framework to automatically direct traffic to the best link based on application requirements and underlying network link quality. The result is a significant improvement in application performance, cost savings, and agility.
In addition, an SD-WAN solution improves business continuity and reduces risk. It can connect with Internet data services (fiber, xDSL, cable, 4G/LTE) and MPLS. This makes it much easier to ensure high redundancy, so locations can continue to work even during a transport outage.
Before deploying an SD-WAN, technology teams should consider the needs of their organization and its business goals. They should also recognize if the network can support an SD-WAN deployment, and if not, prepare to make upgrades. They may also want to explore managed SD-WAN options, which can help them avoid the expense of acquiring and configuring network equipment at each site. These managed solutions are also a great fit for in-house organizations with limited IT technical expertise since most offer zero-touch/plug-and-play installations and configurations. They can also speed up the deployment of new sites.