Software-Defined WAN: What Can It Do for You?
SD-WAN solutions can improve network performance, simplify management, enhance security and reduce costs to help organizations meet the ever-growing demands they face.
- by Will Kerr
- Technical architect for CDW's networking team |
The workplace has changed immensely over the past decade. Employees travel extensively, work remotely and maintain productivity on a variety of devices (everything from smartphones to tablets to laptops) using applications hosted in a corporate data center, on public and private clouds, and by Software as a Service (SaaS) providers.
While mobility, cloud computing and the Internet of Things have brought unprecedented levels of efficiency and new opportunities to the workplace, they’ve created something of a morass when it comes to the networks that support them. As the demands on WANs grow, so do performance issues and costs. Network management has also become increasingly complex as organizations face more steady and sophisticated security threats while producing growing volumes of data that move between branches, data centers and the cloud.
SD-WAN solutions were created with these challenges in mind. They can improve network performance, simplify management, enhance security and, over time, reduce WAN costs while enabling networks to scale with the ever-growing demands they face.
Addressing the Need for a Better WAN
With traditional WANs, the data and control planes are housed within routers in branch offices, which communicate with each other to direct traffic throughout the network, device to device. To make changes to the WAN, administrators have to manually configure each router, which can be time-consuming and error-prone. A 2018 report by Enterprise Management Associates found that 86 percent of businesses that use manual policy inspection have problems in more than 10 percent of the devices.
One of the key tenets of SD-WAN is to separate the control and data planes and centralize control so that administrators can set policies and manage the entire WAN from a single tool. This unified tool effectively makes an SD-WAN operate as a single system, which allows network operators to increase agility and efficiency while reducing manual errors.
In addition to simplifying management, SD-WANs can improve network performance because they more efficiently use multiple transports. Traditional WANs typically route data through primary and backup or failover paths, such as a service provider–based multiprotocol label-switching primary path and an internet VPN backup. In contrast, SD-WANs agnostically and simultaneously use different forms of transport, including MPLS, broadband internet and 4G or 5G networks, to more efficiently move traffic through the network based on application and performance policies.
The move to SD-WAN can also lower costs for some organizations. Ultimately, however, it generally takes a few years for an organization to reduce its costs with an SD-WAN solution. The hardware, software and implementation expenses for a new SD-WAN system are higher than traditional WANs. But generally after 18 to 24 months, organizations can begin to avoid cost increases by more efficiently routing traffic over less expensive internet circuits and, in turn, avoiding increasing their overall MPLS contracts with service providers.
Top Target: A Better Network
The primary business driver of an SD-WAN, however, is its ability to improve user experience, regardless of where those users are — in the office, at home or on the road. Central management and multiple transport capabilities enable administrators to define service-level agreements for applications, including voice, video and real-time traffic, and choose the path that best meets each application SLA. So, they can prioritize more mission-critical applications over other traffic.
The other main business driver is that SD-WANs change the operational paradigm for administrators. A key tenet of traditional WANs is that they operate each device independently, hop by hop, as one-off locations. The network has no unified control plane, so it can be challenging to steer traffic or make improvements.
Service providers have created homegrown systems to orchestrate these complexities on the backside, but SD-WAN puts the power in administrators’ hands, enabling them to manage a WAN far more simply and orchestrate it centrally. Thus, an administrator in an organization with 500 branches doesn’t have to reconfigure 500 routers to make a change to the network. He or she can implement policies at the system level and push them down to those 500 sites. And because SD-WAN uses a central management tool instead of relying on a device-by-device architecture, it can route traffic more efficiently and along better performing paths between the data center, branches and multiple clouds.
Security is another motivator for companies considering SD-WANs. Organizations used to house all their applications centrally in their secure data centers, where they could inspect traffic accessing them. As employees use more cloud-based applications, security has grown increasingly complex.
SD-WANs embed security directly in the routers at branches. Some security features, such as Layer 3 and Layer 4 firewalls, authenticating SD-WAN appliances and encryption over insecure mediums, such as the internet, are table stakes. Most SD-WAN solutions can integrate with external, cloud-based firewall systems to provide advanced branch security use cases such as intrusion prevention systems, next-generation firewalling and URL filtering. Some SD-WAN solutions can embed those advanced security use cases directly into the SD-WAN appliance, without the need for external services.
Much of the technology that’s built into SD-WANs is not new, but the way it’s consumed is new. Service providers or organizations with large, highly skilled IT staffs have been able to offer many of the capabilities of SD-WANs, but now organizations can more easily manage networks through a software platform.
SD-WAN is on the cusp of becoming mainstream. The industry is still in its infancy, but the promise of the technology has been clear for years. As many as 60 vendors began crowding the market with SD-WAN offerings, but most businesses have been waiting for the market to shake out. That was a wise choice, as some vendors have already gone out of business. There are only about two dozen serious players in the SD-WAN space now, a few of which are clearly ahead of the pack, including Cisco, Citrix, Silver Peak and Riverbed. As the market matures, more businesses are putting their SD-WAN plans into motion.
To learn more about the benefits of SD-WAN, read the CDW white paper "A Software-Defined Upgrade to Wide Area Networks."