Introducing a Software-Defined WAN.
Software Defined WAN (SD-WAN) is a modern approach to building and operating Wide Area Networks. SD-WAN is the logical extension of virtualization in the data center and Software Defined Networking in those data centers. Augmenting your existing WAN infrastructure with SD-WAN functionality reduces WAN cost, improves availability and application performance while also simplifying management and reducing Service Provider dependence.
Infradata’s networking, cloud and SD-WAN experts can help you choose and design the best solution for your organization, either as a managed service or as a solution that you operate yourself.
Improve network and application performance.
Traditional WANs rely on a single link or path between locations. Forwarding decisions are made purely based on the destination and the “best” path to that destination. “Best” is usually a function of the number of hops that need to be traversed and the speed of the WAN-links. It doesn’t consider whether or not the link is congested, has high latency or is suffering brownouts. It also doesn’t consider whether the path is economical or expensive. High-availability in the WAN is achieved by provisioning a back-up link that is activated when the primary link fails completely. SD-WAN routes the traffic based on the quality of a path and the SLA requirements defined for the applications and destinations. SD-WAN routers have a real-time view of the current state of all available paths, end-to-end. All available paths can be used in parallel, maximizing the available amount of bandwidth. Applications, such as VoIP, that suffer from line quality impairments (loss, latency and jitter) can be sent across paths with the highest quality. Some SD-WAN solutions can bond paths together to compensate for imperfections and improve end-to-end quality. Traffic that isn’t impacted by quality imperfections can be sent along low-cost paths to avoid impact on prioritised traffic.
Traditional architectures where traffic is first consolidated into a data centre before it is sent (via a security infrastructure) to the Internet do not scale for the needs of today’s cloud applications. The traditional approach limits the performance of cloud applications, resulting in complaints from users that “they get better application performance from home”. A well-designed SD-WAN solution offers the flexibility to break out SaaS, PaaS and IaaS traffic directly through a local Internet connection without sacrificing security.
Talk with an Expert
Speak with a solutions expert or architect. Give us a call or leave a message. Our team is ready for your business.
Lower WAN costs.
Studies show that up to 40% of total IT expenditure is spent on recurring costs from WAN service providers. Further costs are incurred to manage the infrastructure. WAN downtime and brownouts result in additional costs for an organization.
SD-WAN introduces a virtual network layer that allows organizations to transparently combine cost effective IPVPN services with traditional (and more expensive) private links, without incurring penalties for increased complexity or decreased user experience. Adding extra bandwidth capacity is as easy as adding an extra link and connecting it to the SD-WAN router. Replacing a provider is just as easy, giving you more leverage over existing suppliers to consistently provide value for money.
Increased flexibility and faster provisioning.
IT departments are under increasing pressure to deliver fast connectivity at minimal cost. Traditionally provisioning a private connection takes weeks or even months. SD-WAN networks will use whatever is provisioned first (i.e. a 4G mobile internet connection) while other links can be connected as they become available without a negative impact to operations.
Reduced management complexity.
An SD-WAN is managed through an Orchestrator that is the central point for network status visibility and configuration management. Application SLA requirements and policies are defined in the Orchestrator and pushed as configuration changes to the individual devices. Per device configuration is a thing of the past. The Orchestrator builds and manages the overlay topology as needed for applications. The complexities of traditional routing protocols in the WAN such as BGP and OSPF are pushed down to the providers of the different WAN-links, limiting them to the core of the network.
Link switchovers no longer require manual intervention and service changes no longer require many hours of CLI-based configuration and testing. They are reduced to a few mouse-clicks in the Orchestrator GUI.
Provisioning new sites is no longer a complex task requiring multiple operational and procedural steps. SD-WAN routers (as a requirement) support Zero Touch Provisioning (ZTP). ZTP allows an appliance with a factory default configuration to be installed on-site and find the Orchestrator, at which point it will be given its configuration. Once configured it will become part of the SD-WAN fabric and provide connectivity to all sites in the SD-WAN.
ZTP also makes it easy to replace a defective appliance with on-site or in-region spares, shortening the Mean Time To Repair (MTTR) incident cost and having little or no impact on stress levels within the organisation.
As the traditional IT architecture is replaced with elastic computing and Software as a Service (SaaS) the network is struggling to keep up with the changing traffic patterns. Resources and applications can move on a daily basis. Connections over public infrastructures are difficult to manage and provide no SLA guarantees. Direct connections between locations and cloud datacenters can provides these guarantees but are subject to similar cost, flexibility and complexity issues as existing MPLS connections. A well-designed SD-WAN solution can provide SLA guarantees without sacrificing the flexibility and cost benefits of the public Internet.
Using public networks to augment and expand the existing WAN has serious implications for the security footprint. SD-WAN addresses this by only using encrypted VPN tunnels across public networks. Use of the Internet connection for local break-out can be denied and eliminate the need of adding a local firewall. Application Intelligence allows SD-WAN routers to distinguish explicitly sanctioned applications from those which are not, and permits traffic to break-out with limited or no Firewall inspection while sending other traffic to the traditional security infrastructure in the data center, Firewalls in region or cloud-based security services.
Security can be streamlined with SD-WAN by allowing traffic to trusted destinations and applications to bypass in-depth scanning and analysis equipment, freeing it up to inspect suspicious traffic. SD-WAN therefore significantly improves the efficiency of existing security infrastructures.