Optus Blog

What is SD-WAN? | Guide to Software-Defined WAN

Written by user | April 16, 2020 8:27:46 PM Z

What is SD-WAN? 

If you’re tired of wading through the jargon and acronyms associated with telephony technologies, we hear you. That’s why we’ve created this simple guide to help you understand the basics of SD-WAN, or Software-Defined Wide Area Network.

You’ve probably heard of SD-WAN, and you may even be using it already. But what exactly is it?

 In simple terms, SD-WAN is a software-defined approach to managing your wide area network. The traditional WAN (wide area network) serves to connect users at the branch or campus to applications hosted on servers in the data center. In a cloud-centric environment, traditional WAN and dedicated Multiprotocol Label Switching (MPLS) circuits can no longer ensure security and reliability. As businesses adopt as-a-Service applications, an explosion in WAN traffic has created challenges in data management and vulnerability.

SD-WAN addresses these challenges by delivering efficient routing, threat protection, efficient offloading, and simplification of WAN network management. The use of SD-WAN provides enterprises with many benefits including:

  • Predictable service for all critical enterprise applications
  • Multiple hybrid active links for all network scenarios
  • Dynamically routed application traffic with application-aware routing
  • Improved OpEx, replacing expensive MPLS services with more economical and flexible broadband (including secure VPN connections)
  • Integrated threat protection and traffic security across broadband and into the cloud
  • Seamless extension of the WAN to multiple public clouds
  • A single, centralized management dashboard for configuration and management of WAN, cloud, and security

SD-WAN Requirements

Tips for Deployment

 

Before transitioning to SD-WAN, it’s important to evaluate the following criteria:

  • What applications are used most often in the network?
  • Which of the applications will be given priority in the event a conflict occurs?
  • What performance do users expect out of these applications?

Additionally, enterprises will need to consider the following:

  • What are your network needs? Start with what you are trying to accomplish by using SD-WAN. This could be cost reduction, expanded infrastructure, a better user experience, or anything in between. A good network assessment will be key in making your final decision. Once you have your needs identified, present these to potential providers and ensure their SD-WAN solution will meet your requirements.
  • What level of security will you require? As with any network solution, security will be key. There are no standard security features built into SD-WAN, so every company will handle this differently. Typically, security will be provided by endpoint devices such as layer 3 firewalls. Additionally, companies may provide encryption layers on top of this, such as IPSec VPN. Identifying your security needs will play a significant role in your decision on which provider to use.

 

Benefits of SD-WAN

Best Network Path: SD-WAN can balance down to the application level which network source has the optimal connection rates and direct traffic through that path.

Reliability: By using multiple data connections, SD-WAN can ensure you stay connected by using the connection that is currently up and best suited for your needs.

Fast Deployment: SD-WAN nodes can configure themselves and use cellular networks if needed to turn up a location quickly while waiting for circuit installs. MAC work can be done within minutes reducing downtime and need for onsite technicians by using cloud services and auto-provisioning.

 

The Case for Virtual Private Network (VPN)

A VPN a solution commonly used by enterprises wishing to securely connect two corporate networks or a remote worker to the company network. Your organization most likely has an advanced firewall in place for network security; with these types of appliances, VPN is almost always available. A VPN can be a cheap but useful option to allow connectivity for your users from anywhere.

 

Tips

Split Tunneling: Consider using split-tunneling to reduce the amount of traffic coming back to your network. This option allows you to send only internal traffic back to the site while allowing standard internet traffic to route over the user’s connection.

Additional Authentication: With VPN, you will need to authenticate, typically with a username and password. Adding another layer of authentication can be useful in protecting your network. RSA keys can be a good option. This generates a key that is required to be entered when connecting. The standard rule of thumb is to pick two of the following three; something you know (password), something you have (SSL Key), or something you can get (RSA Key).

End-User Connectivity: Your end-users connectivity will be key to the success of your VPN deployment. If they have lacking internet connections, this can cause issues with applications, file transfer, or even call quality. Training your users to minimize other internet hogging applications such as streaming music or video will be a huge benefit.

 

Additional Resources