As a technology, software-defined wide area networking (SD-WAN) is not very well understood, but it is getting more buzz in tech circles lately. This is one technology that may be on more organizations’ radars over the coming years. But what is it exactly?
To understand this new tech, it is essential to first look at two complementary technologies: software-defined networking (SDN) and network function virtualization (NFV).
Software-defined networking (SDN)
SDN is a network architecture where the forwarding functions of network devices such as switches and routers are decoupled from the control logic. The control logic is shifted to a centralized controller which accesses and manages the devices through software. The controller may be located in the cloud or at another location that is physically removed from the devices under its control.
That sounds complex, but the concept of SDN can be explained with a simplistic example from the consumer realm.
Take a typical home that has many components such as plugs, switches, thermostats, bulbs, TVs and media players connected through electrical wiring. Typically, each of these elements is controlled individually by physically turning on or off the switch.
Now, swap each one of these components with a Wi-Fi-enabled smart version and suddenly, you can control each device through a centralized home automation hub such as Google Home or Amazon Echo. The control of these devices is now software-based.
In the same way, SDN does with routers and switches what Google Home does with a connected smart home. The SDN approach makes it easier for administrators to directly program and optimize the network without physically accessing the devices.
Network function virtualization (NFV)
NFV builds on the concept of SDN. While SDN virtualizes the network through software, NFV virtualizes the functions (applications) that run on the devices.
Examples of functions that run on network devices could include applications such as routing, firewalls and load balancers.
Virtualized software versions of these functions are referred to as virtual network functions (VNFs). VNFs can run on commercial off-the-shelf (COTS) servers, eliminating the need for proprietary appliances at every remote network location. For instance, a centrally managed firewall VNF can be applied to multiple locations, resulting in substantial hardware cost reduction.
Software-defined wide area network (SD-WAN)
SD-WAN takes the concept of SDN and applies it to a network that is geographically spread out, making it possible for it to dynamically connect and optimize traffic across data centres, branches and cloud-based services.
Similar to the connected home example discussed above, SD-WAN uses smart universal customer premises equipment (uCPE), or virtual CPE (vCPE), at branch locations to enable enhanced manageability of the network. Centrally managed uCPEs can be used to dynamically prioritize traffic based on software-programmable policies and rules.
SD-WAN accommodates hybrid networks such as MPLS, Internet and LTE at the branches to enable path selection based on the cost of the network or criticality of the applications.
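The path selection described above, sketched as an added example (not code from any SD-WAN product): a hypothetical policy engine that steers critical applications to the best-performing link and everything else to the cheapest one, failing over when a link goes down. All names, costs, metrics and thresholds are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Link:
    name: str          # transport type named in the article
    cost: float        # relative cost per GB (constructed value)
    latency_ms: float  # measured latency (constructed value)
    loss_pct: float    # measured packet loss (constructed value)
    up: bool = True    # link health as seen by the uCPE

@dataclass(frozen=True)
class AppPolicy:
    app: str
    critical: bool         # criticality of the application
    max_latency_ms: float  # SLA thresholds (hypothetical)
    max_loss_pct: float

def select_path(policy, links):
    """Return the link name for an application, or None if no link is up."""
    healthy = [l for l in links if l.up]
    if not healthy:
        return None
    meets_sla = [l for l in healthy
                 if l.latency_ms <= policy.max_latency_ms
                 and l.loss_pct <= policy.max_loss_pct]
    # Prefer links that meet the SLA; degrade to any healthy link otherwise.
    pool = meets_sla or healthy
    if policy.critical:
        # Critical traffic: pick on performance, ignore cost.
        return min(pool, key=lambda l: (l.latency_ms, l.loss_pct)).name
    # Non-critical traffic: pick on cost, break ties on latency.
    return min(pool, key=lambda l: (l.cost, l.latency_ms)).name

# Constructed sample data for one branch with three transports.
LINKS = [
    Link("MPLS", cost=10.0, latency_ms=20, loss_pct=0.1),
    Link("Internet", cost=1.0, latency_ms=45, loss_pct=0.8),
    Link("LTE", cost=6.0, latency_ms=70, loss_pct=1.5),
]
POLICIES = [
    AppPolicy("voip", critical=True, max_latency_ms=50, max_loss_pct=1.0),
    AppPolicy("backup", critical=False, max_latency_ms=200, max_loss_pct=5.0),
]

def routing_table(links):
    """Map each application in POLICIES to its currently selected link."""
    return {p.app: select_path(p, links) for p in POLICIES}

if __name__ == "__main__":
    print(routing_table(LINKS))
```
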
VNFs are added to the uCPE to provide required functionality such as routing, firewalling, WAN optimization and others.
How SD-WAN is delivered
At a high level, there are two approaches to how providers deliver SD-WAN.
In one option, a CPE-based solution focuses on adding uCPEs at the edges of the network to virtualize it and control it from the cloud. The underlying physical network and the responsibility to manage it are left to the customer. Moves, adds and changes at the physical network level are deferred to the service provider.
In the second option, a fully managed SD-WAN solution includes the management of the uCPE and the underlying network over which the software-based network rides. Subscription-based SD-WAN-as-a-Service offerings have also generated interest among enterprise customers looking for WAN alternatives.
A potential third option is for enterprise organizations, with access to skilled resources, to purchase the required hardware and implement an SD-WAN of their own.
The benefits of SD-WAN
SD-WAN can deliver various benefits to organizations:
- Centralized network administration and policy implementation help avoid manual configurations and the associated operational overhead.
- Support for hybrid networks allows for optimized path selection and WAN cost containment.
- Local connectivity at branches improves direct access to cloud-based services while providing disaster recovery and business continuity.
- Ability to dynamically prioritize traffic over the network enhances the performance of critical applications.
- Consolidation of services at the edge allows for the removal/reduction of hardware appliances and related costs.
- Uniform application of policies and rules ensures improved end-to-end network security.
…and the challenges of SD-WAN
SD-WAN has its share of challenges, which are primarily centred around transition costs and the question of “who does what?”
For example, existing network edge devices have to be swapped out or augmented to achieve virtualization capabilities. Multiple active-active access circuits have to be installed to enable hybrid networking, which incurs ongoing costs. The promise of bandwidth-on-demand is limited by the bandwidth pre-provisioned on the underlying network by the carrier. In addition, if the SD-WAN provider is not the carrier, network augments will require planning and lead time akin to traditional networks.
So SD-WAN is an evolving technology, but the network visibility, control and flexibility that it provides administrators can be invaluable. As more and more services move to the cloud, a flexible network such as the SD-WAN could become key to a business’s agility.