What are the benefits of SD WAN?
The adoption of SD WAN using public Internet is experiencing significant traction within the UK, US and Global regions. The leading reason is often cost savings associated with using best fit ISP connectivity for your locations. Outside of lower pricing, public Cloud application access (AWS, Azure, Google), Next Generation Firewall & Security, Reporting and dynamic path selection are all driving the desire for Software-WAN capability.
Consider your proposed SD WAN Architecture
How SD WAN is architected depends on whether the solution is based on NFV (Network Function Virtualisation), WAN Edge or Gateway access where intelligence is centrally located. In general terms, there’s the actual vendor layered over connectivity provision which is typically Internet based in relation to ‘true SD WAN’.
The reality for most Enterprise businesses is that SD WAN is generally split across the vendor capability and the connectivity provider. If we consider traditional legacy networks, the majority of solutions were based around a carrier with managed services creating a single billing and support environment.
Software-WAN is changing this dynamic to the point where the market is split into:
• Channel only vendors (Silver Peak is a good example) where services must be procured via a Reseller
• Vendor capability with their own private backbone requiring VPN into the local PoP
• Vendor only with an agnostic view of connectivity
In many ways, the architecture is also driven by Cloud access to services such as AWS (Amazon Web Services), Microsoft Azure and Google. Whether the vendor or provider offers direct back to back connectivity, a gateway, or requires an appliance to be provisioned often dictates the topology.
SD WAN differs from traditional layer 3 MPLS and layer 2 VPLS network capability in respect of real time and predetermined path selection. Where IP packets suffer poor latency, jitter, packet loss or an outage, other paths are selected for the duration of the issue. Outside of network performance issues, Cloud and application path selection can be used to make the most of available bandwidth across all circuit types.
What are 5 features Netify considers when evaluating SD WAN vendors?
Next Generation Security
The vendor landscape is split between capability that offers a basic Firewall and Software-WAN solutions with next generation Firewall security. The consideration is whether your business requires a single device (or virtualised device) to deliver your WAN and Security, or whether to take the option of involving Security partners. There’s often a good reason to involve a 3rd party: perhaps there is an existing relationship, or the SD WAN vendor features align well across all aspects other than security. Next generation security includes application awareness, identity awareness, centralised management with logging and reporting, stateful inspection, deep packet inspection and integrated IPS (Intrusion Prevention System).
Internet and MPLS
Certain SD WAN vendors consider SD WAN as an Internet only Wide Area Network (Cisco Meraki is a good example) whereas other solutions support private WAN services including MPLS & VPLS. The typical WAN today often consists of Internet for branch sites with MPLS connecting HQ and larger offices. There is a shift toward the Internet as the primary for HQ and branch-sites as Enterprise businesses become more confident in the capability of the Internet. It is worth noting that certain SD WAN providers offer Global private backbones with local ISP connectivity.
Support for Global connectivity
If your business consists of International sites, careful analysis of the vendor's in-country staff is required to ensure delivery and support elements are sufficiently capable. We note certain vendors are marketing global capability but their footprint remains heavily focussed on the primary country of origin. Where SD WAN providers are considered across Global backbone capability, there is a need to understand where the local PoP is located to determine distance impact vs network latency.
SD WAN is the enabler of more bandwidth, either via per-session or per-packet load balancing/sharing. With cellular technologies such as 4G/5G offering good diversity together with bandwidth often in excess of 100Mbps, SD WAN is making it possible to offload less important traffic to lower cost circuits. The routing of traffic is based on user profile or application, with the ability to re-route traffic in the event of an outage, packet loss or high latency.
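The application-based routing and re-routing described above, and the path selection on latency, jitter, packet loss or outage described earlier, sketched as an added example rather than any vendor's implementation. The application classes, thresholds, circuit names, relative costs and measurements are all constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class PathStats:
    name: str
    up: bool
    latency_ms: float
    jitter_ms: float
    loss_pct: float
    cost: int  # assumed relative cost ranking; lower is cheaper

@dataclass(frozen=True)
class AppPolicy:
    max_latency_ms: float
    max_jitter_ms: float
    max_loss_pct: float
    prefer_cheapest: bool  # True for less important traffic

# Assumed per-application thresholds (illustrative values only).
POLICIES = {
    "voice": AppPolicy(150, 30, 1.0, prefer_cheapest=False),
    "bulk-backup": AppPolicy(400, 100, 5.0, prefer_cheapest=True),
}

def meets_policy(path, policy):
    return (path.up and path.latency_ms <= policy.max_latency_ms
            and path.jitter_ms <= policy.max_jitter_ms
            and path.loss_pct <= policy.max_loss_pct)

def select_path(app, paths):
    """Return the circuit name for this application, or None if all are down."""
    policy = POLICIES[app]
    healthy = [p for p in paths if meets_policy(p, policy)]
    if not healthy:
        # Nothing meets the thresholds: degrade to the least lossy live circuit.
        alive = [p for p in paths if p.up]
        if not alive:
            return None
        return min(alive, key=lambda p: (p.loss_pct, p.latency_ms)).name
    if policy.prefer_cheapest:
        # Offload less important traffic to the lowest cost circuit.
        return min(healthy, key=lambda p: (p.cost, p.latency_ms)).name
    return min(healthy, key=lambda p: (p.latency_ms, p.jitter_ms)).name

# Constructed measurements: normal operation, then an MPLS outage
# combined with a degraded broadband circuit.
NORMAL = [PathStats("mpls", True, 20, 2, 0.0, 3),
          PathStats("broadband", True, 35, 8, 0.2, 2),
          PathStats("lte", True, 60, 15, 0.5, 1)]
DEGRADED = [PathStats("mpls", False, 0, 0, 100.0, 3),
            PathStats("broadband", True, 180, 40, 4.0, 2),
            PathStats("lte", True, 60, 15, 0.5, 1)]
```

A real edge device would re-evaluate this continuously from probe results and apply hold-down timers so that traffic does not flap between circuits.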
WAN edge vs NFV vs White Box
SD WAN functionality and solutions will revolve around three options.
1. WAN Edge - essentially familiar WAN deployments (think Cisco, Juniper) where the intelligence exists on a traditional edge device.
2. NFV (Network Function Virtualisation) - virtualised SD WAN within the Cloud or Data Centre environment.
3. White Box - the white box concept essentially consists of a PC (x86) loaded with the required SD WAN features. The white box concept is most aligned to the concept of SD WAN.
While SD WAN has firmly arrived as next generation WAN technology, aligning your specific business requirements to the right solution requires careful analysis. In particular, while migrating from technologies such as MPLS to an Internet based VPN may well appear viable in respect of application performance, thought needs to be given to support SLA agreements for everyday uptime needs.