SD-WAN technology is touted as a means to reduce costs and ease management of branch offices and remote sites. Here we discuss where the technology has evolved to today.
Enterprise IT departments are constantly on the hunt for ways to boost application performance for users. That’s partly out of altruism—users are happy when they are able to work productively without sluggish apps. It's partly out of selfishness—IT’s job is much easier when users are happy and productive.
So it's been no surprise that SD-WAN technology has been such a popular choice over the past several years.
Software-defined wide area network (SD-WAN) technology enables branch offices to connect to a central network at corporate headquarters or to connect multiple data center locations over large geographic distances. Where these types of WAN connections typically require significant hardware investment, SD-WAN abstracts much of the network connectivity and management into the software layer.
Myriad benefits flow from this approach, including greater flexibility and management of network connections, better enablement of mobile technologies and, in certain cases, lower costs.
According to some estimates, three-quarters of companies are considering SD-WAN technology for various reasons, including better management of WAN and cost reduction.
Further, a Futuriom 2018 Growth Outlook report shows that SD-WAN continues to receive “broad market acceptance as enterprises see direct return-on-investment (ROI) in implementing cloud-managed WAN.” Yet, despite SD-WAN being capable of a quick ROI, the technology is far from reaching a state of maturity. Indeed, according to some survey data, two of the major obstacles to adopting SD-WAN technology are lack of understanding about SD-WAN technology and scarcity of qualified personnel to implement it, at 60% and 58%, respectively.
In 2018, SD-WAN deployments are deployed in three distinct areas of an overall enterprise network: at the remote office WAN edge, between private data centers and connecting private data centers to public clouds. Let’s briefly look at each use-case scenario in terms of ease-of-deployment and benefits gained.
Most organizations have gained exposure to SD-WAN by providing improved packet-forwarding intelligence between a corporate LAN and remote offices. This is a popular starting point for two reasons.
First, integrating SD-WAN within an existing WAN edge computing framework—which provides users at geographically dispersed sites with access to the same rich network services as users at the main site—doesn’t require a great deal of effort. Legacy remote sites are often built with high-performance Multiprotocol Label Switching (MPLS) or Metro Ethernet as the primary link with a site-to-site virtual private network (VPN) over broadband Internet as the backup. SD-WAN can use this physical data carrying structure—while adding active-active packet routing intelligence across both connectivity methods. Thus, an SD-WAN deployment at the WAN edge does not require a major re-architecture to accomplish.
Second, most IT departments start an SD-WAN journey at the WAN edge because of the immediate benefits. The intelligence of SD-WAN enables the network to identify mission-critical data flows to ensure they take the most efficient path at any given time, resulting in increased performance. The ability to exploit both WAN links also reduces the need to increase throughput of expensive private WAN links and offers the possibility of using cheaper broadband alternatives. SD-WAN vendors have zeroed in on the fact that customers want quick ROI. In fact, if you do a simple Google search on “SD-WAN ROI,” you’ll see plenty of tips and ROI calculators that can help estimate how long it might take to gain that return.
Once network administrators gain exposure in how SD-WAN can efficiently manage throughput and latency for critical apps, they may opt to forgo carrier-grade WAN connections completely in favor of two or more Internet broadband links. This is despite the fact that latency and quality of service (QoS) is far less guaranteed over broadband compared with private carrier connections. Yet, in many situations, SD-WAN can sufficiently handle the added risk to the point where private WAN links are no longer needed. At this point, the true cost-savings of SD-WAN can be gained.
There are some drawbacks to pursuing SD-WAN for the sole purpose of cost savings, however. If you attempt to rein in leased-line WAN link spending and opt to connect remote sites using Internet broadband only, SD-WAN is only as good as the quality of the broadband it works with. Carrier Ethernet has service-level agreements regarding latency and jitter, but broadband does not. If, in the future, your remote sites begin using latency-sensitive applications, even the most advanced SD-WAN technologies may not be able to provide the necessary connectivity over broadband.
Another popular use is to connect the SD-WAN of two or more private data centers. Because there are more opportunities to identify and prioritize mission-critical data flows in the data center, these deployments take better advantage of SD-WAN's artificial intelligence (AI) capabilities. Still, implementing SD-WAN as a data center interconnect is more complex than as a connection between remote sites. It’s more difficult to coordinate distributed computing data flows with the requirements of critical applications. Network administrators deploy this scenario after they have had ample time to understand SD-WAN’s capabilities at the remote site WAN edge.
Connecting private data centers generates bandwidth efficiencies by balancing data flows across multiple links. It also provides reliable connectivity for remote backups and distributed computing, where applications reside in multiple data centers. This creates additional network resiliency, increased inter-data center responsiveness and improved business continuity and disaster recovery (BCDR) robustness.
Companies that use SD-WAN in this regard can lay claim to better network performance as well as solid disaster recovery processes.
There are some drawbacks to using SD-WAN between private data center interconnects, including increased complexity when implementing and troubleshooting issues between locations. While this can be remedied with proper training of IT administrators, it must be factored in as a risk. Additionally, network architects must continuously reevaluate what is considered “critical” between data center locations. As applications come online, adjustments need to be made so SD-WAN artificial intelligence treats data flows appropriately as they cross the WAN.
Thanks to the increasing movement toward public cloud computing, enterprise IT departments have begun to deploy SD-WAN in their infrastructure as a service (IaaS) public clouds. In this scenario, virtualized SD-WAN routers are deployed on a virtual machine (VM) within a public cloud that sits on the Internet or dedicated cloud connectivity WAN edge.
Despite the fact that the entire IaaS is virtualized, SD-WAN architecture operates the same way. In some cases, an IaaS provider may offer a marketplace with pre-built virtual machines for the SD-WAN platform you deploy. In other situations, you may have to configure your own VM to act as the public cloud SD-WAN router. Regardless of how an SD-WAN VM is deployed, its purpose is to provide network administrators the ability to extend their software-defined WAN architecture into clouds that are managed by third-party providers.
Configuring SD-WAN within the public cloud also helps to mask architecture differences between private and public clouds in a hybrid environment. By extending an SD-WAN overlay, the underlying IaaS network infrastructure is effectively hidden from a routing perspective.
Thus, data flow and security policies on the entire WAN are built identically. Additionally, some SD-WAN platforms can centrally manage policies from a single location. Thus, whether the WAN link is to connect a remote office, a private data center or a public cloud, they’re all controlled from a single, unified management plane.
Keep in mind that adding SD-WAN to exiting hybrid architectures can be complicated. Because the public cloud deployment likely uses the communications service provider’s built-in virtual networking services, it will have to be revamped to take advantage of the SD-WAN overlay. Doing so will likely require outages to make the necessary changes. In many cases, those outages may not be acceptable. Thus, it’s usually better to start from scratch when implementing SD-WAN in a hybrid architecture and migrate production applications, data and services once the overlay is ready to go.
As noted previously, the SD-WAN market is far from mature. Despite the three scenarios highlighted in this article, most enterprise deployments of today will be considered rudimentary in just a few short years. The continued advancement of artificial intelligence within SD-WAN combined with advancements in WAN connectivity options and multicloud environments will revolutionize how WANs are deployed and managed. That is not to say, however, that businesses should press the pause button on their SD-WAN deployment ambitions. The opposite is true.
By deploying SD-WAN within a remote site edge as well as between public and private clouds, you create the necessary framework with which more advanced WAN policies can be applied. Since software is the key component of software-defined technologies—and if the overall architecture is sound—all it takes is a software update to gain the more advanced services that SD-WAN will provide in the near future.
Andrew Froelhich is the president of West Gate Networks, an IT consultancy and services provider. He has been involved in enterprise IT for more than 15 years. His primary focus is Cisco wired and wireless, voice-network design, implementation and support as well as network security. Froehlich has experience with network infrastructure upgrades and new buildouts. He's also been heavily involved in data center architectures designed to provide fault-tolerant enterprise applications and services to thousands of users.