SD-WAN has been in the news a lot lately. Some say it’s the future of networking. Others mention the multitude of vendors offering this technology. SD-WAN, of course, stands for software-defined wide-area network, which is a mouthful for many business decision-makers to get a handle on. But if you’re not already familiar with what SD-WAN technology is and how it works and why so many businesses are implementing it, this short article on our site will walk you through the basics.
But like all products and services that vendors try to sell, if the customer doesn’t need it, they won’t want to buy it. So, it all boils down to the question of need. What do customers need to help them build and manage a wide-area network? What needs do large enterprises have that SD-WAN can satisfy? To help get a handle on these important questions I talked recently with Damon Ennis the senior vice president of products at Silver Peak. Damon is responsible for the global product organization at Silver Peak including product management, engineering, manufacturing, and supply-chain operations.
MITCH: What kinds of difficulties do large-scale global enterprises often experience when they try to deploy basic and router-centric SD-WAN technology?
DAMON: Basic and router-centric SD-WAN solutions require manual device-by-device configuration often using an arcane CLI (command-line interface). Changes in network conditions, application requirements, or physical locations are handled with further manual tweaking.
These approaches may be augmented by using simple templates, but the architecture remains static and error-prone, forcing the applications to conform to the network rather than the network dynamically adapting to the application’s needs. As branch WAN networks eclipse thousands or tens-of-thousands of locations, the traditional approach is untenable.
In contrast, a top-down, business intent-driven SD-WAN solution is designed to automate the entire lifecycle such that the network conforms to the needs of the business and the applications “just work.”
MITCH: Why are such enterprises even considering SD-WAN deployment? What kinds of business benefits are they hoping to achieve by doing this?
DAMON: Initially, enterprises looked to SD-WAN to save cost by leveraging the economics of shared Internet and SAAS applications vs. traditional applications deployed in the datacenter and accessed over private MPLS networks. Today, enterprises are realizing the benefits of a truly automated, business-driven network. Globally distributed businesses are benefiting from a WAN that automatically adapts to changes in network conditions and application behavior. Enterprises that are seeking to expand their business either organically or via acquisition benefit greatly from the ability to immediately and automatically onboard additional locations into their network; realizing the benefits of their expansion in a much shorter time. And, ultimately, enterprises are better equipped to advance digital transformation and cloud initiatives, often achieving a multiplier effect from those investments.
Initially, enterprises looked to SD-WAN to save cost by leveraging the economics of shared Internet and SAAS applications vs. traditional applications deployed in the datacenter and accessed over private MPLS networks. Today, enterprises are realizing the benefits of a truly automated, business-driven network.
MITCH: What kinds of advancements in automation and virtual routing and forwarding (VRF) are needed to make it easier for enterprises to implement and manage SD-WAN technology for their environments?
DAMON: Automation needs to be applied to networking in the same manner it is being applied to self-driving vehicles. With self-driving vehicles, you don’t decide which turns to make and when to accelerate or slow down. Rather, you simply tell the car your destination and the automation takes over from there.
Over time, the “SD” in SD-WAN will shift from software-defined to self-driving. Rather than telling the network which links or paths it should use for a specific application, you describe, at a high level, the emergent application behavior and security posture you wish to achieve, and then automation takes over. The automation should deliver on your desired application behavior regardless of changes in underlying network conditions, application definitions and physical infrastructure. The automation ensures that the IT team sleeps at night because users can always access their applications without manual IT intervention.
Automation needs to be applied to networking in the same manner it is being applied to self-driving vehicles. With self-driving vehicles, you don’t decide which turns to make and when to accelerate or slow down. Rather, you simply tell the car your destination and the automation takes over from there.
Virtual routing and forwarding (VRF) have traditionally been used to solve problems with overlapping subnets and IP addressing in complex networks. The quintessential use-case is mergers and acquisitions (M&A). When one large bank acquires another, subnets and IP addresses clash all over the network. Traditional VRF solves this problem by having separate routing planes for each bank. The challenge is that this has traditionally been configured manually, router-by-router. This is time-consuming and error-prone. The challenge is exacerbated as networks scale to thousands or tens of thousands of sites.
MITCH: How has Silver Peak been trying to address these needs through their SD-WAN technology offerings?
DAMON: Today, enterprises are faced with huge complexity when trying to implement VRFs, firewalls, and network address translation (NAT) policies in a consistent manner to meet the ever-increasing demands of their lines of business.
Silver Peak provides comprehensive segmentation capabilities that solve the problems that are addressed with legacy VRF solutions such as M&A expansion and enterprise access to partner ecosystems.
Unlike traditional, manually configured VRFs, Silver Peak delivers advanced segmentation in a fully automated, top-down, GUI-driven solution. Our segmentation solution is fully integrated with our stateful zone-based firewall and NAT, overcoming the problems that network architects struggle with when trying to implement traditional VRFs.
MITCH: Anything else you’d like to add on this subject?
DAMON: SD-WAN has gone mainstream. The use-cases are expanding beyond traditional enterprise branches and retail stores to ATMs, cruise ships, trains, and even first-responder backpacks. Because of these new use cases, we are now seeing global enterprises scaling deployments to tens of thousands of locations or things rather than the thousands of physical locations of 2019.
MITCH: Damon, thanks very much for giving us some of your valuable time!
DAMON: Thank you!
Featured image: Shutterstock
