Summary:
In this article, we’ll review what SD-WAN is, its history and development, as well as the key benefits and limitations of SD-WAN deployment. You’ll learn the difference between SD-WAN and WAN, VPNs, MPLS, and SDN, and how the different services and solutions compare.
What Is an SD-WAN?
The rise of cloud adoption, remote work, and mobile devices has prompted increasing bandwidth and security requirements that outdate previous network strategies. A Wide Area Network (WAN) is a collection of local area networks (LANs) that communicate with one another—a network of networks, such as interconnected office locations.
WANs have traditionally connected these smaller networks through routers and virtual private networks (VPNs). This framework is rigid and inefficient, especially within cloud environments. Scaling a traditional WAN network is time- and resource-intensive, requiring circuit delivery and equipment provisioning to initiate a complicated change management process.
WANs have traditionally connected these smaller networks through routers and virtual private networks (VPNs). This framework is rigid and inefficient, especially within cloud environments. Scaling a traditional WAN network is time- and resource-intensive, requiring circuit delivery and equipment provisioning to initiate a complicated change management process.
Software-defined Wide Area Networks (SD-WANs) are software-based solutions that offer easier deployment, improved connectivity, and central control. This innovative solution enables the WAN to be programmatically configured and managed through virtualization technology.
Unlike traditional WAN, SD-WAN is a more flexible and scalable solution that supports an increasingly remote and mobile workforce.
How Does SD-WAN Work?
SD-WAN is an overlay to the existing network delivered through the cloud that uses tunneling technology to differentiate the physical and logical planes.
A network of SD-WAN appliances connected by encrypted tunnels monitors the availability and performance of each service within a network in real time. When traffic flows to an SD-WAN appliance, it is classified by application and prioritized based on centrally-managed policies so it can be sent out over the best available network link.
SD-WAN allows security functionality to be applied at the network edge, eliminating the need for traffic to be routed through the data center hub, which reduces latency and increases performance across the network.
By bringing networking and security capabilities together, SD-WAN helps enterprises provide secure, high-performance networking with centralized control and high visibility.
A network of SD-WAN appliances connected by encrypted tunnels monitors the availability and performance of each service within a network in real time. When traffic flows to an SD-WAN appliance, it is classified by application and prioritized based on centrally-managed policies so it can be sent out over the best available network link.
SD-WAN allows security functionality to be applied at the network edge, eliminating the need for traffic to be routed through the data center hub, which reduces latency and increases performance across the network.
By bringing networking and security capabilities together, SD-WAN helps enterprises provide secure, high-performance networking with centralized control and high visibility.
History of SD-WAN
Traditional WAN architectures follow a hub-and-spoke model, where traffic flows from a remote location (the spoke) to the central network hub via individual VPN connections. Organizations typically use leased lines from service providers to connect their users at the branch to applications hosted on servers at the data center.
In the 1980s and 1990s, these WAN connections were maintained through point-to-point (PPP) leased lines and Frame Relay services—which used the same lines as PPP to connect cloud environments to the service provider.
By the 2000s, Frame Relay was replaced by Multiprotocol Label Switching (MPLS)—an IP-based WAN connection that routes network traffic based on predetermined labels, essentially sending the data on the best path to its destination. When a packet enters the network, it is assigned a forwarding class of service (CoS) and labeled accordingly. These labels classify traffic based on business priority, such as real-time, mission-critical, and best-effort. MPLS is typically an outsourced service managed by service providers that guarantee performance, quality, and availability—but not without cost.
And then cloud computing changed everything.
As cloud computing exploded in popularity, applications became widely available outside of the traditionally centralized hubs. Instead of accessing business applications via the central data center, users were now going through the cloud—and traditional WAN architectures still had to backhaul all that data through the data center when accessing cloud applications.
Backhauling data is inefficient and costly. With the rise of cloud computing driving up bandwidth demands, these legacy WAN architectures that rely on privately-sourced MPLS have become harder to manage and expensive to provision, upgrade, and scale.
SD-WAN simplifies WAN management, providing a lower-cost, scalable networking solution without sacrificing the ability to use quality networking services like MPLS.
In the 1980s and 1990s, these WAN connections were maintained through point-to-point (PPP) leased lines and Frame Relay services—which used the same lines as PPP to connect cloud environments to the service provider.
By the 2000s, Frame Relay was replaced by Multiprotocol Label Switching (MPLS)—an IP-based WAN connection that routes network traffic based on predetermined labels, essentially sending the data on the best path to its destination. When a packet enters the network, it is assigned a forwarding class of service (CoS) and labeled accordingly. These labels classify traffic based on business priority, such as real-time, mission-critical, and best-effort. MPLS is typically an outsourced service managed by service providers that guarantee performance, quality, and availability—but not without cost.
And then cloud computing changed everything.
As cloud computing exploded in popularity, applications became widely available outside of the traditionally centralized hubs. Instead of accessing business applications via the central data center, users were now going through the cloud—and traditional WAN architectures still had to backhaul all that data through the data center when accessing cloud applications.
Backhauling data is inefficient and costly. With the rise of cloud computing driving up bandwidth demands, these legacy WAN architectures that rely on privately-sourced MPLS have become harder to manage and expensive to provision, upgrade, and scale.
SD-WAN simplifies WAN management, providing a lower-cost, scalable networking solution without sacrificing the ability to use quality networking services like MPLS.
SD-WAN Benefits
SD-WAN has become one of the most widely used networking technologies. In fact, Telegeography reports that 43 percent of enterprises had installed SD-WAN by 2020. Market research predicts that MPLS will continue to fade in popularity over time due to the overwhelming advantages of SD-WAN over traditional networking strategies.
Reduces costs by managing multiple networks
One of the main advantages of SD-WAN is that it increases operational bandwidth while reducing overall costs. MPLS bandwidth is expensive and incurs higher costs for deployment than other transport types. SD-WAN enables organizations to create a single network infrastructure with a variety of connection types, including MPLS, LTE, and broadband internet. This enables companies to route less sensitive data across cheaper public connections and thereby reduce their reliance on costly, private MPLS links.
Speeds up performance through dynamic path selection
With MPLS-enabled WAN, internet-bound traffic must be backhauled to a corporate data center and sent through the data center again on its way to its destination. This is known as the trombone effect, and it represents a key inefficiency of MPLS networking. Backhauling traffic creates a drag on performance, which can impact modern services like videoconferencing.
SD-WAN solves this issue through policy-based routing, which forwards and routes data in real time based on defined policies configured by system administrators. SD-WAN evaluates metrics such as load, data loss, and latency to automatically route traffic over the best path without backhauling data. Real-time path monitoring then ensures business-critical applications are efficiently routed across any available connection that meets the policy definition. This strategic load balancing allows for a more flexible performance at a lower cost than solely relying on the default MLPS connections in a WAN configuration.
SD-WAN solves this issue through policy-based routing, which forwards and routes data in real time based on defined policies configured by system administrators. SD-WAN evaluates metrics such as load, data loss, and latency to automatically route traffic over the best path without backhauling data. Real-time path monitoring then ensures business-critical applications are efficiently routed across any available connection that meets the policy definition. This strategic load balancing allows for a more flexible performance at a lower cost than solely relying on the default MLPS connections in a WAN configuration.
Tightens security with built-in redundancies and secures traffic at the network edge
MPLS is known for reliability, however, ensuring redundancy at the MPLS-provider level is often cost-prohibitive. SD-WAN has built-in redundancies through its application of policy-based routing and choice of multiple connections. By leveraging different transport methods, SD-WAN reduces single points of failure and enables high-availability configurations.
Additionally, SD-WAN’s overlay network across the WAN provides network segmentation with centralized management and complete visibility into each network segment. This also helps to provide organizations with a stronger security posture.
Additionally, SD-WAN’s overlay network across the WAN provides network segmentation with centralized management and complete visibility into each network segment. This also helps to provide organizations with a stronger security posture.
