The business wide area network (WAN) provides private connectivity between sites in a multi-location enterprise. As you can imagine, the technology has evolved substantially over the last few decades from basic point to point private line services to meshed network topologies. SD-WAN Explained will cover the latest in WAN transformation and describe the characteristics of Software Defined Wide Area Networks.
Evolution to SD-WAN
The evolutionary path up to today’s SD-WAN incudes:
- Private Line (point to point)
- Frame Relay and ATM
- VPN and Network-Based VPN
The traditional WAN would enable users at a remote office to access applications hosted at a corporate data center. Simple point to point networks were often the go-to in this type of environment, but they could not scale to connect users for larger enterprises. Frame Relay and ATM packet-switched networking offered greater economies as a “host port” at a data center could serve as the on-ramp for all the remote offices and the hub for most application flows. In this legacy design, generally the data center would be the single gateway to the internet for all corporate users. Learn more about networking in our article entitled LAN vs WAN
As internet service providers expanded their presence and the number of global internet endpoints grew exponentially (Internet Growth Stats) business IT leaders and network service providers began to design and deploy WAN solutions using IPsec VPN tunnels across the internet. VPNs enable more dynamic private networks at a lower net cost than traditional private network solutions and can be highly secure due to inherent authentication and encryption capabilities.
MPLS (Multi Protocol Label Switching) is a packet-switched network technology that generally took over the market for frame relay and ATM networks and allowed many service providers to decommission their frame and ATM core switches. MPLS is now a common carrier core technology as it allows carriers to encapsulate and easily route other types of traffic, hence the name “multiprotocol”. The global market for MPLS is still strong and many large enterprises continue to buy and renew MPLS nodes, especially for site in geographies where internet service routes are questionable or security is of high concern.
SD-WAN or Software Defined Networking is the latest trend in enterprise networking. Macronet Services defines SD-WAN as an application-aware WAN technology that uses policy-driven decision making to direct flows of network traffic over underlying network links. SD-WAN solutions include the SD-WAN edge (physical or virtual), network transport, and an Orchestration layer, which controls the policies and simplifies management of the network by providing a source for detailed reporting.
The SD-WAN Marketplace
The market for SD-WAN is growing rapidly and is expected to surpass $6B in 2023 as enterprises adopt SD-WAN as their primary technology for connecting their locations and cloud services. The decisions to move to SD-WAN is typically driven by the IT leaders focus on the “end user experience” and the need to enable secure high-performance connectivity directly to cloud-based business applications. Further, SD-WAN can layer on a full stack of security feature and functions to combine into what is now called a Secure Access Service Edge, or SASE. SASE architectures may now incorporate next generation security features such as:
- Secure Web Gateways
- DDOS Mitigation
A Summary of SD-WAN Characteristics Includes:
- Network Agnostic – SD-WAN can leverage multiple types of network links at a single site
- Meshing – all sites can be fully meshed if desired
- Secure – Security can include a full stack of firewall functions and encryption
- Application Control – packet forwarding decisions based on policies
- Automation – centralized management enables simplified automation
- Visibility – centralized viewing of routing and applications specific performance
- Reporting – detailed reporting across the WAN
- Availability – uptime enhanced by multiple links and High Availability (HA) designs
- Efficiency – fully utilize bandwidth and direct applications to specific link types
Procuring the right SD-WAN solution for your enterprise might seem like an overwhelming task due to the ever-expanding list of available solutions. Macronet represents hundred of suppliers and the team at Macronet Services can help you define the ideal architecture and efficiently navigate the options. In the discovery process, we will use our tools and experience to help you consider:
- Data Applications
- Real-Time Applications
- Disaster Recovery
- Wireless Access Points
- Reporting & Analytics
- Current Inventory and Other WAN Environments
- Business Considerations
At Macronet Services, we see various sourcing trends that are driven by factors that are very specific to each of our clients. SD-WAN procurement models generally include:
- Customer Managed
- Carrier Integrated
- Managed Service Provider Overlay
Some clients are highly sophisticated and have the ability deploy and support SD-WAN edge and Orchestration solutions on their own, but most businesses do not have the desire to invest in the depth of resources for a Customer Managed model.
Carrier Integrated solutions are very common globally since many network service providers have built the SD-WAN orchestration layer and network-based security into their network and most carriers already have experienced managed services operations teams. In this model, you can source both network circuits and the SD-WAN edge from your network service provider. Carriers generally align with several SD-WAN technology partners such as VMWare Velocloud, Versa Networks, Cisco Viptela, Silverpeak, or other leaders.
Managed Service Provider Overlay networks can be sourced from a growing number of MSPs who focus specifically on designing, deploying, and implementing SD-WAN solutions for businesses. These solutions can be deployed over-the-top of existing WANs and typically provide 24x7x365 monitoring and support. Some MSPs have developed sophisticated internal tools to manage deployments and to integrate with enterprise ticketing systems. Each has their own strengths and the Macronet Services team can quickly help identify a short list of viable options for your business.
Network Based SD-WAN solutions are continuing to gain market share and are a great fit for certain enterprise users. In this model, the SD-WAN service provider has built out a global network of PoPs using various Tier 1 carriers and can offer SLAs across their core network. Enterprises connect to the network using IPsec VPN or may deploy an appliance at the customer edge. The SD-WAN core typically includes a list of enhanced security features and options such as remote access.
Looking Ahead in SD-WAN
As noted in this article, the SD-WAN market will continue to grow rapidly and the total number of options will continue to expand as service providers and technology vendors integrate more capabilities into their products. The movement towards the co-managed SASE SD-WAN model will increase in velocity as attack surfaces increase due to cloud and remote networking initiatives.
Regarding the WAN component, the SD-WAN architecture will include more 5G and LEO satellite links as performance metrics improve for these services and enterprises demand rapid deployment of secure high-bandwidth solutions. IOT adoptions will drive the need for highly granular segmentation based on the device class and the required security posture of each class.
Managed SD-WAN service providers will work to maintain an edge by developing and enhancing their own Intelligent Process Automation and AIOps (AI for IT Operations) solutions. Some will build their own SIEM/SOC product offerings to service clients who need to outsource security operations.
Enterprise users will benefit greatly by selecting MSPs who can align best with their needs and serve as a seamless and cost-effective extension of their IT operations. Contact Us at Macronet Services to have a conversation about how we can help your team design, source, and govern your WAN in partnership with your IT team.