The Wide Area Network (WAN) connects corporate networks, branch offices and data centres even over long distances. In order to meet the high demands of cloud applications, IoT and digitalisation, more and more companies are turning to SD-WAN (Software Defined WAN). SD-WAN promises easy management and secure and reliable access to a low-cost Internet bandwidth with high quality of service.
Company IT teams are facing great challenges: growing use of cloud applications, an increasingly mobile workforce, more video files and the trend towards networked Internet of Things (IoT) devices are placing new demands on network bandwidths. Those responsible must guarantee secure, reliable access to applications with a high quality of service (QoS) at all times, and traditional WANs quickly reach their limits.
They usually consist of a variety of manufacturer-specific physical hardware devices such as routers, controllers and firewalls, which are often installed, configured and maintained manually. Moreover, many WANs are complex and expensive. Companies use a broadband connection to connect to the Internet; high-performance and stable MPLS (Multi-Protocol Label Switching) connections with high QoS to connect business-critical sites; and VPNs or private lines for internal data traffic. Sometimes, expensive backup lines that are rarely used are added as well.
The problem is that the configuration of such hybrid WAN approaches is complicated, and maintenance is complex and costly. This can be remedied with SD-WAN, a special Software Defined Networking (SDN) application for WAN connections.
SD-WAN with high automation
SDN separates the software from the hardware in a network – thereby applying virtualisation in the network as well. A controller thus enables central control of the network components and automated, dynamic routing of data streams. Unlike traditional WAN, which requires proprietary hardware, SD WAN uses standard hardware such as x86 servers as physical appliances.
As with SDN, the planes for network data analysis and control of the network configuration (control plane) and for data transport in the network (data plane) are separated from each other. The controller runs on a cloud-based or local machine. It manages all device profiles (routers, switches, etc.) and the corresponding configurations and provides an overview of the WAN and the associated devices. The data layer consists of the edge devices for the WAN, which process the data traffic at the locations.
This creates an agile, programmable network that is easy to control and where deployment is largely automated. Thanks to virtualisation, new functions can be added quickly, as needed.
In the meantime, many companies have recognised the advantages of SD-WAN. According to a study by Barracuda Networks, around 68 percent of large companies in the DACH region (Germany, Austria, Switzerland) are already using SD WAN solutions or are in the implementation phase (20 percent). According to the study, they benefit from the following advantages:
Increased network security with better protection against malware and other threats (including end-to-end encryption)
Better overall connectivity
Higher performance at application level
More flexible and agile network
Simplified network management through central control and increased automation. Even non-professionals can connect new hardware via “Zero Touch Provisioning”.
Decreasing costs: Companies save on money for hardware such as network security appliances, routers and WAN optimisation appliances, as well as for broadband connections and MPLS services. According to the Barracuda study, German companies already using SD-WAN saved an average of 1.24 million euros in MPLS and network costs in one year.
With a hybrid SD-WAN, companies can also handle the huge amounts of data and bandwidth requirements that arise from applications such as IoT, augmented and virtual reality and big data with machine learning. Via SD-WAN, companies can analyse the data traffic and, depending on the application, send the data flexibly over different connections. It is possible to route lower priority applications over the Internet, for example, leaving the private MPLS network free for strictly confidential data and company-critical applications.
SD-WAN also offers many advantages for the branch office networks of banks or retailers, for example. The central administration in the SD-WAN enables companies to provide network functions at their various locations quickly and without manual effort. An SD WAN identifies devices and applications, and applies policies to ensure the appropriate quality of service. Central monitoring and control also makes it easier to enforce data protection measures and configure network functions securely and dynamically.
Another area of application is the control and integration of several network providers worldwide. With an SD WAN, companies can consolidate all their network services and orchestrate policies for the network centrally.
In a second article we describe the challenges and solutions involved in company implementation of SD-WAN.