What is SD-WAN? | SD-WAN Defined & How it Works
SD-WAN definition: What is SD-WAN?
SD-WAN, in a nutshell, is the application of software-defined networking (SDN) technology to wide area network (WAN) connections.
SD-WAN improves on traditional WAN by managing the networking hardware with a software-based controller, which can be hosted in the cloud. This makes it simpler to manage and operate the network, as equipment can be controlled and configured from afar through software – without the need to send engineers on site.
It opens up the possibility for businesses to use low-cost Internet connectivity to partially or entirely replace their existing MPLS connections.
Background: LANs, WANs and VPNs
To understand the context for the boom in SD-WAN, it’s helpful to provide a refresh on corporate networks and the technologies that underlie them.
Corporate networks are made up of local area networks (LANs) linking computers and servers inside buildings over dedicated wiring, and wide area networks (WANs) which connect different sites and offices across the “wide” area.
WANs usually involve telco or service provider (SP) infrastructure of some sort, as enterprises don’t generally own long-distance cables or radio networks. For many years, the fundamental building block was a “leased line” or “private circuit”, provided by telcos to corporate customers on a rented basis. Despite transiting the public network, these connections are still referred to as “private networks”, as the users own or control the network boxes that sit at the ends of the WAN connection.
Virtual private networks (VPNs) are modern variants that look as though they have dedicated links from place to place, but actually share the underlying Internet protocol (IP) infrastructure by “tunnelling” across it. VPNs can either transit the public Internet, or can be dedicated services provided by telcos/MSPs that use a shared core network, with local access links (“tail circuits”) that connect the VPN to each location. A technology called Multi-Protocol Label Switching (MPLS) is a prominent form of VPN service offered by telcos.
Most larger businesses now use a mix of different WAN and VPN technologies depending on the requirements for each site or link.
For telcos, the WAN market has always been a good source of both revenue and profitability, even while it has attracted many new entrants intent on cherry-picking customers, by deploying fibre in business districts or long haul between key cities. The constant need for orders-of-magnitude more bandwidth has created its own ecosystem of vendors, standards and channels.
SD-WAN use-cases: what is SD-WAN for?
There are many different use-cases for SD-WAN. The relative importance of these varies hugely by organisation type and size, the applications used, and the extent to which those companies rely on telcos/SPs to manage the network, rather than relying on internal skills.
Some examples of SD-WAN use cases include:
- Connecting major offices & HQs to each other, or central data-centres
- Connecting data-centres to each other
- Connecting branch sites to HQ or a data-centre
- Connecting smaller regional or international offices into the corporate network
- Connecting to the Internet, either via a central gateway, or with multiple connections into a number of sites
- Direct connections to public cloud or hosted services
- Direct connections to partners or industry-wide networks
- Remote access for home-workers and mobile users
SD-WAN architecture: How SD-WAN works
While there are numerous approaches to SD-WAN, the over-riding characteristic is that it can connect sites using multiple connections from different providers or different types over the public Internet, as well as (or instead of) private connections like MPLS. This allows “dynamic traffic routing”, as shown in the diagram below:
Customer premises equipment (CPE) deployed at each site is connected to a centralised control system, which enables management and provisioning via web portals, direct connections to major external cloud services, and analytics tools.
CPE provided as part of an SD-WAN solution varies widely in capability and sophistication. At a minimum, they are essentially hybrids of routers and WAN optimisers, with in-built VPN capability and some sort of policy management. They may be able to support multiple Internet connections, cellular or even satellite links. Some can host extra security or other applications – which may well be billed as “virtual network functions (VNFs)”, even though they might not conform to the telco world’s definitions and standards.
More information can be found in our report Flavours of SD-WAN: What’s on offer, and which work?
Business benefits of SD-WAN for enterprises: Why SD-WAN?
Enterprises throughout the world are rapidly digitising their operations. Increasingly, the digital strategies they are adopting include the transition of business tools, applications and processes to a ‘multicloud’ environment: involving a hybrid combination of applications and data hosted in one or more public clouds alongside the company’s own private data centres. Digital enterprises require secure access to their applications and data from any location, at any time, via any device and over any network.
Traditional WAN architecture models often do not provide the scale, flexibility or agility required to support this transition. Consequently, these businesses need to look for a new, simplified and automated approach to managing and transforming their WAN.
SD-WAN offers a range of benefits for enterprises that address this problem. In particular, it enables enterprises to:
Other benefits of SD-WAN include:
- Use cheap Internet access to work alongside private/MPLS WAN connections, typically for less-sensitive applications.
- Get connectivity from multiple suppliers, using multiple physical connections, to remove single points of failure.
- Short-circuit the path from branch sites to the Internet or public-cloud SaaS services, while maintaining good levels of security and scrutiny, reported centrally.
- Prioritise certain applications, send them down different paths, monitor performance (e.g. voice-call MOS scores), apply differential security policies and so forth.
- Monitor the quality / congestion of the various connections in real-time, and dynamically choose which path to select.
- Send the same data down multiple connections to the far end, and then use the packets from whichever arrives first, to reduce average latency.
- Allow load-balancing or bonding of private and public connections, either to give extra theoretical capacity, or to provide backup and resiliency.
- Host security functions, either built-in or downloaded as “virtual appliances”.
- Provision or modify connections in a “zero-touch” fashion.
- Get new, remote or temporary sites up-and-running immediately using LTE, while waiting for MPLS or Internet to be provisioned.
- Support future IoT connectivity requirements across the WAN, both on the device/industrial side, and on the IoT platform / cloud side.
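Several of the items above (Internet links alongside MPLS for less-sensitive applications, per-application path steering, and real-time link monitoring) combine into one per-application path decision. The sketch below is an added example, not code from the original article or from any SD-WAN product; the link names, policy fields and thresholds are assumptions and the probe metrics are constructed sample values. It includes the security-relevant edge case: a sensitive application fails closed instead of spilling onto a public link when no private path is up.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Link:
    name: str
    private: bool       # True for MPLS/private circuit, False for public Internet
    latency_ms: float   # latest probe result (constructed sample value)
    loss_pct: float     # latest probe result (constructed sample value)
    up: bool = True

@dataclass(frozen=True)
class AppPolicy:
    app: str
    sensitive: bool         # sensitive apps may only use private links
    max_latency_ms: float   # hypothetical per-application thresholds
    max_loss_pct: float

def meets_sla(link, policy):
    """True when the link is up and within the application's thresholds."""
    return (link.up and link.latency_ms <= policy.max_latency_ms
            and link.loss_pct <= policy.max_loss_pct)

def select_path(policy, links):
    """Return (link name or None, reason) for one application."""
    # Security filter first: performance never overrides the policy.
    allowed = [l for l in links if l.private or not policy.sensitive]
    healthy = [l for l in allowed if meets_sla(l, policy)]
    if healthy:
        best = min(healthy, key=lambda l: (l.latency_ms, l.loss_pct))
        return best.name, "sla-met"
    degraded = [l for l in allowed if l.up]
    if degraded:
        # Nothing meets the thresholds: use the least lossy permitted link.
        best = min(degraded, key=lambda l: (l.loss_pct, l.latency_ms))
        return best.name, "best-effort"
    # Fail closed: no permitted link is up, so the traffic is not forwarded.
    return None, "blocked-no-permitted-path"

# Constructed sample state for one branch site.
LINKS = [Link("mpls", True, 38.0, 0.1),
         Link("broadband", False, 22.0, 0.4),
         Link("lte", False, 70.0, 1.5)]
POLICIES = {"voice": AppPolicy("voice", False, 150.0, 1.0),
            "erp": AppPolicy("erp", True, 100.0, 0.5)}

if __name__ == "__main__":
    for policy in POLICIES.values():
        print(policy.app, select_path(policy, LINKS))
```

The "blocked-no-permitted-path" result is the case worth alerting on centrally, since it means a site has lost every path that policy allows for a sensitive application.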
Future of SD-WAN: Where next?
At STL Partners, we believe that SD-WAN under its current definition is not an end in itself. All indications are that enterprises are becoming increasingly cloud-centric, and we see no sign of this trend reversing. SD-WAN will no doubt be a key component of the multicloud ecosystem – but it will require an evolution beyond the confines of what is currently being packaged and sold.
In short, existing SD-WAN offerings are just the first step on a longer journey towards integrated, software-driven WAN operations and networking on a broader scale. Enterprises and vendors planning SD-WAN rollout would do well to consider how that evolution could unfold.
As with any new technology, there are multiple pathways that this evolution could follow – none of which are yet well-understood. STL Partners has identified three emerging evolution pathways, which we explain in detail below. The options are:
- SD-WAN used as the first step towards SD-Branch: SD-WAN is deployed as a stepping stone technology towards more advanced, integrated management of enterprises’ LANs and branches alongside the WAN.
- SD-WAN sold “as a Service”: SD-WAN starts to be offered as a more fully cloud-based software service, free from vendor or hardware-based constraints.
- SD-WAN used as an enabling component of edge/IoT platforms: SD-WAN features and infrastructure are integrated with service providers’ edge computing and Internet of Things (IoT) platforms, with sales focus on enterprise automation and process optimisation, rather than the SD-WAN component itself.
More information can be found in our recent report, Predicting the future: where next for SD-WAN?