The premise of software-defined WAN, or SD-WAN, is fairly straightforward. The technology eases the management of multiple WAN links, improves performance and enhances security control – just what most organizations ask for in their network infrastructure, according to Mike Fratto, senior research analyst of applied infrastructure and DevOps at 451 Research.
A minimalist route
The arrival of SD-WAN inadvertently prepared the world for the abrupt shift to remote working in the wake of the COVID-19 pandemic. It was preceded by the dark ages, when companies had to navigate complicated border gateway protocols and work with network service providers to install WAN links at branch locations.
SD-WAN changes the game with real-time path selection between two or more WAN links through a closed feedback loop. This allows branch networking to be managed at scale across multiple locations, with the SD-WAN gateway replacing the border router or a border firewall in the branch location. The SD-WAN gateway will sit in the datacenter or a perimeter network similar to a VPN gateway at the central site.
The SD-WAN gateway requires just an IP connection, and is compatible with any WAN technology, including DSL, business broadband, MPLS, LTE, 5G or satellites.
In terms of security, companies can set up the SD-WAN network in either a full or partial mesh between locations with limited access. SD-WAN gateways can also be designed to direct traffic to SaaS over the internet while applications that are hosted in internal datacenters traverse the SD-WAN.
On cloud nine
Meanwhile, growing cloud adoption among companies creates more use-case scenarios for SD-WAN. Cloud on-ramp capabilities can be built when an SD-WAN vendor, MSP or SASE (secure access service edge) provider puts an SD-WAN gateway in the same datacenter as cloud services, while connectivity is facilitated by high-speed network at the datacenter. The benefits are multifold – users enjoy the operational efficiency of SD-WAN and the low-latency datacenter network.
At the same time, most SD-WAN products are equipped with virtual gateways, which can be applied on-premises or in an IaaS cloud service. As a result, branch-to-cloud connectivity is simplified, making it easier for organizations to have better control of network performance and security.
SD-WAN is a prevalent part of the cloud infrastructure, as it addresses the growing need for interconnection. Some enterprises are using the technology for cloud-to-cloud and datacenter-cloud interconnection as an alternative to the interconnection capabilities of traditional WAN technologies and cloud services.
SD-WAN to SASE
While the industry thinks that SD-WAN technology is already mature, vendors are working on integrating it with security functions to be delivered as part of managed cloud services. Some SD-WAN vendors integrate with SASE services by sending branch traffic to the SASE service for security processing via a virtual private network. However, the benefits of SD-WAN will be lost, albeit for the price of better security.
SD-WAN is also a launching pad for SASE products and services, but vendors do support third-party services for customers that have already committed to other SASE vendors.
Some SD-WAN products offer extra capabilities like integrated WAN optimization or optimization for real-time voice and video. Others may offer functions such as recovery of lost packets through the ‘forward error correction’ process, which can be effective for up to 10% of packet loss. The benefits are attractive, but not as compelling as the network simplification that SD-WAN promises.
Want insights on cloud computing trends delivered to your inbox? Join the 451 Alliance.