In the networking world, a term buzzing around a lot lately is SD-WAN or Software-Defined Wide Area Network. I know what you are thinking: here we go, yet another acronym, but don’t let that scare you off.
What is SD-WAN, Anyway?
SD-WAN is a traffic controller for your data. It directs the flow intelligently, ensuring each piece reaches its destination, no matter its route.
The “Software-Defined” part means this is done automatically instead of manually engineering the path. SD-WAN uses analytics to make real-time decisions, ensuring your data takes the most efficient routes across the network. SD-WAN achieves this by combining several common engineering techniques, but the key is that it is all automated, and the management is abstracted from the implementation.
So what’s the fuss all about?
Let’s set the scene.
I live in Australia, a pretty big country, but unlike other big countries, Australia’s main cities are concentrated on the coastline. So, where do you think all the network infrastructure is built? This creates a different problem for Australia’s many more regional towns and villages.
Options for connectivity to regional areas are sparse and comparatively more expensive as service providers need to build the underlying infrastructure; therefore, the operating costs for a traditional network with traditional connectivity, such as MPLS, are prohibitive.
This is where SD-WAN can help remove some barriers to operating in these more remote areas.
SD-WAN can save you $$ (sometimes)
SD-WAN can be very cost-efficient. With its ability to make the most out of different network connections, you won’t need to invest in high-end, expensive dedicated lines for every branch. All you need at a branch is an Internet connection. This could be as simple as a relatively cheap broadband connection from your favourite Internet Service Provider (ISP) or a cellular connection such as 4G or 5G.
Using cheap and cheerful Internet is just one of the benefits of SD-WAN. However, this benefit is only realised if multiple Internet links are utilised. SD-WAN is very powerful if it has multiple paths to work its magic. When dealing with Internet connections from your favourite Internet Service Provider (ISP), it is important to design this connectivity with plenty of redundancy in case your ISP has issues.
Does this mean you can’t use your existing expensive private WAN link that your business just took out a 3-year contract on? No, of course not. SD-WAN also functions over private links. This connectivity is known as an underlay and can be many different types of connection, from private MPLS to Cellular.
All about that ZTP
Zero-touch provisioning (ZTP) is a must-have feature of an SD-WAN solution. This method of deployment makes physically deploying SD-WAN a breeze. This works because all the smarts are split out from the physical appliance, and all the configuration is done on a controller hosted in the cloud (usually, but not always). You ship the physical box to the branch and have someone plug it in. It gets an Internet connection and phones home to the controller, configuring the devices per the network design.
There are other considerations in practice, such as who does the installation, and some ISP links don’t use dynamic addressing. So, there are things to consider when deploying SD-WAN, which is why planning is the key to success, just like any network deployment.
Single Pane of Glass
Centralised management is key to SD-WAN; everything must be accessible from the single management system, and only that management system controls the SD-WAN configuration. This prevents any duplication of configuration or unstandardised configuration across devices. It also makes life easier for admins at three in the morning when things inevitably go wrong.
Breaking Down the Tech Bits (This might get a little nerdy)
Understanding the technical intricacies of SD-WAN requires an exploration of its core components. Each component plays a vital role in orchestrating SD-WAN’s functionalities. So, in this section, let’s dive into each component of an SD-WAN solution.
Edge Devices
Utilising application-aware routing and real-time decision-making, these devices optimise data flow based on policies defined by the orchestrator. They sit at the edge of the SD-WAN network ( commonly called the SD-WAN fabric) and can be deployed as physical or virtual appliances.
Orchestrator
The orchestrator is the brains of the operations. You can think of the orchestrator as the wizard behind the curtain, except you pull the strings, and all from a single graphical interface.
You may hear SD-WAN defined as a separation of the data and control planes. The orchestrator is the control plane of the fabric. Within the orchestrator, you define the intent of your network rather than individual bits of CLI commands.
The Network Backbone ( AKA the Underlay Network)
The underlay network in the context of SD-WAN refers to the physical infrastructure that forms the foundation of the network. It includes the physical devices, such as routers and switches, as well as the various network links and connections. The underlay network provides the basic connectivity and transport for data between different locations in a network.
In SD-WAN, the underlay network is responsible for the efficient transmission of data, and it often involves multiple transport options, such as MPLS, internet, or 4G/5G connections.
Tunnels Everywhere (AKA the Overlay Network)
The overlay network is a software-defined layer that sits above the physical underlay network. Its primary purpose is to abstract and virtualise the network, allowing for dynamic management, optimization, and data traffic control. Unlike the underlay, which represents the physical infrastructure, the overlay introduces intelligence and programmability. The overlay is where SD-WAN technology shines.
Below are some of the key features of an SD-WAN overlay technology.
Virtualisation
SD-WAN leverages virtualisation to transform your network infrastructure from a physical entity into a dynamic, adaptable version. SD-WAN uses Virtual Network Functions (VNFs) to virtualise various network functions traditionally performed by dedicated hardware. This includes functions like routing, firewalls, and WAN optimization. By decoupling these functions from hardware, SD-WAN achieves greater flexibility and scalability.
Because of virtualisation, appliances can dynamically allocate resources to specific functions instead of being locked to the predefined limit of resources per function. For example, an appliance may need to adjust how much resourcing it gives to the router VNF; therefore, it takes resources away from other VNFs that are currently idle. Ultimately increasing the efficiency of the device.
Application Visibility and Control
SD-WAN controllers employ advanced algorithms and machine learning to gain insights into application behaviour. This visibility allows for intelligent decision-making, ensuring that critical applications get priority over less time-sensitive traffic.
Routing in SD-WAN
Dynamic routing is a crucial engineering technique in SD-WAN, allowing the network to adapt to changing conditions and select the most efficient path for data transmission.
SD-WAN utilises sophisticated algorithms to choose the best path for data traffic dynamically. These algorithms consider factors like latency, jitter, and available bandwidth to optimise the route, ensuring that data takes the fastest and most reliable path.
The network continuously monitors the performance of various paths in real-time. If one path experiences congestion or degradation, SD-WAN can seamlessly reroute traffic to a healthier path, preventing disruptions.
Data Security
Ensuring the security of data in transit is paramount for SD-WAN. This is achieved by creating secure tunnels and encrypting your information through the network.
SD-WAN encapsulates data packets, adding a layer of protection. It then encrypts these packets to secure them from potential threats.
Business Intent Optimisation (BIO)
Business Intent Optimization (BIO) is potentially the biggest benefit of running SD-WAN. BIO refers to a set of capabilities and technologies designed to align the performance and behaviour of a Software-Defined Wide Area Network with the strategic goals and priorities of the business. It aims to ensure that the SD-WAN infrastructure is technically efficient and supports and enhances the broader business objectives. Here’s an overview of key aspects related to Business Intent Optimization in SD-WAN:
Alignment with Business Goals
BIO goes beyond traditional network optimization by aligning the SD-WAN configuration and policies with specific business objectives. This involves understanding and incorporating business priorities, such as application performance, cost management, and user experience, into the design and operation of the SD-WAN.
Policy-Driven Configuration
Business Intent Optimization involves creating policies that reflect business intent. These policies are typically defined at a high level, expressing the desired outcomes rather than specifying technical details. For example, a policy might prioritise real-time video conferencing applications over less critical data transfers. But rather than manually creating QoS markings and queues, the orchestrator automates all of this for you. All you do is tell the orchestrator that you want real-time video to have a higher priority than other apps.
Considerations when deploying an SD-WAN Solution
The effective deployment of an SD-WAN solution involves technical considerations that maximise its potential. This is a high-level guide, generally in four main categories.
- Assessment: A technical assessment involves evaluating the existing network infrastructure, identifying pain points, and understanding specific technical requirements for SD-WAN integration. This assessment should explore the tools and methodologies used to analyse network conditions currently and determine any existing monitoring gaps.
- Planning: A comprehensive plan considers traffic patterns, application requirements, and security considerations. Technical planning ensures a smooth integration process that aligns with the organisation’s existing infrastructure.
- Implementation: Implementation involves rolling out SD-WAN in phases, leveraging virtualisation, and ensuring compatibility with existing systems. Most SD-WAN implementations will require some co-habitation period with the existing network infrastructure. Legacy network functions must be considered when implementing a new SD-WAN solution.
- Monitoring and Optimisation: Technical monitoring post-implementation involves real-time network performance analysis, making technical adjustments to optimise traffic routing, resource utilisation, and overall network efficiency. Whilst the automation and orchestration of an SD-WAN solution will provide invaluable insights and assistance in operating your network, monitoring and modifying configuration based on feedback in the early stages of implementation is important. As with most machine-learning-based algorithms, finding a baseline takes time and data before the benefits begin to show.
Some final thoughts
Whilst SD-WAN makes life simpler in many ways, it is still very important that the right planning and design go into an SD-WAN deployment. Not all SD-WAN solutions are created equal, so it’s good to get a view of the options available to you and which offering is the right fit for your business.