An Overview of SD-WAN August 12, 2020 Networks    0 Comments

The permeating adoption of cloud-based services with related applications has culminated into a large portion of traffic- traveling back and forth across broadband Internet and WAN connections. In today's world of ubiquitous connectivity, legacy WAN Architectures face some significant challenges, which typically consist of multiple MPLS transport(s) or MPLS paired with an Internet circuit (used as active/backup). Most often, Internet traffic is backhauled to the regional data-center for Internet access. This architecture faces few challenges along with routing-related issues. Some of the problems with such architectures are:

1. Insufficient bandwidth along with high bandwidth costs
2. Application downtime
3. Poor SaaS performance
4. Complex operations
5. Complex workflows for cloud connectivity
6. Long deployment times and policy changes
7. Limited application visibility, and
8. Difficulty in securing the network.

A standard WAN Router consists of three fundamental components:

1. Control Plane
2. Data Plane or I/O Module
3. Switch Fabric or Backplane

Let us discuss each of them:

1. Control Plane: Consist of a Routing Table, or Routing Information Base (RIB) created with the help of routes.
2. Data Plane or I/O Module: Consists of Forwarding Information Base (FIB), which is a replica of the RIB.
3. Switch Fabric or Backplane: The Router Control plane and Data plane are connected via a common backplane.

If any of the above planes become faulty, organizations would face outage in the network.

Software-Defined Networking (SD-WAN): The answer to network outages

SD-WAN is a technology that has evolved as a solution to address the above challenges related to architectures and routers. Software-defined networking is a centralized approach to network management.

In SD-WAN, the Data Plane forwarding, and Control Plane are segregated to centralize the intelligence of the network. This architecture allows for centralized provisioning, monitoring, and troubleshooting, better network automation, and operations-simplification.

Why SD-WAN:

SD-WAN is an enterprise-grade WAN architecture that enables digital transformation for enterprises. It helps to integrate all facets of secure networks such as routing, security, centralized policy, and orchestration into large scale networks.

Some of the benefits SD-WAN include:

1. Comprehensive security and end-to-end network segmentation: Usage of VPN tunnels, next-generation firewalls, and the micro-segmentation of application traffic
2. Centralized Policy Management: Single pane of glass for policy-push across the entire network
3. Transport-independent: SD-WAN delivers independence from underlying transport whether internet or MPLS
4. Deployment flexibility: Due to the separation of the control plane and data plane, controllers can be deployed on-premises/cloud or a combination of both
5. Application visibility: End-to-end visibility into applications and infrastructure across the entire SD-WAN infra
6. Recognition and application-aware policies: Micro-segmentation of applications with policy-based filtering
7. Easy troubleshooting, configuration, and monitoring: Single dashboard and real-time monitoring for configuration and troubleshooting

SD-WAN Market Analysis:

Today, enterprises seek a lean setup for a new branch/office. The SD-WAN solutions available today are easy to deploy and have the ability to grow gradually based on need. However, there is inconsistent vendor support across WAN capabilities faced in the market today. Some of them are:

• Inconsistent Routing Support: Few vendors support both LAN and WAN-side dynamic routing. Another classification is based on routing on the WAN side, static routing, while other vendors support no routing at all
• Automated IP address discovery and address table creation is being supported by less than half the vendors in the SD-WAN market
• A few vendors in the SD-WAN market support legacy WAN interfaces such as T1/E1
• Not all vendors support integration with orchestration systems and northbound REST APIs

There are a few application features that are readily available across vendors in the market. Enlisting some of them below:

• Support of multiple form factors, including x86 platforms and virtualized platforms
• Full application discovery, including separating voice, video, and data within a WebRTC collaboration application
• Reporting and visualization capabilities
• The breadth of algorithms available to load-balance across multiple pipes effectively
• The scalability of the number of sites, VPN tunnels, and throughput capacity of edge devices

SD-WAN Deployment Requirements:

The SD-WAN market is seeing an evolution concerning greater functionality embedded within SD-WAN solutions, along with the evolution of vendors' architectural options.

Today, the fundamental architectural model consists of a Central Controller and Edge devices distributed to branch offices and data centers. The distribution enables functionality to be moved from the branch office to the controller. However, this architecture is likely to evolve to multi-controller models and open APIs to integrate the controller with higher-level orchestration systems.

Let us look at each of the components of the architecture in more details:

Controller:

The controller supports central policy management within the network. It enables network-wide policy definitions and network-wide traffic visibility. Controllers can be deployed within the enterprise network, or externally in a hosted area.

Edge Devices:

Edge Device solutions in the market consist of multiple deployment models- spanning from x86 off-the-shelf platforms, fully integrated appliances, integrated appliances with virtualization capabilities, wide-area-located gateway services, etc.

A few market trends that may be observed in the edge device solution market are:

• Vendors will support a wide range of devices, from tiny thin devices with only basic functionality for smaller branch offices to large thick devices supporting a wide range of functionality for larger data-centers
• Devices will embed virtualization (for flexible, functional deployment scenarios) within the edge device
• Devices will support WAN service termination so that carriers can deploy these edge devices as part of their managed WAN services

Hughes Systique's services in the SD-WAN market:

Every organization's need differs while deploying cloud-based or virtualized solutions. We at Hughes Systique can help you evaluate the best solution based on your needs. Here are a few facets that we can help you in:

1. Understanding the Architectural requirement (Hardware/software components) for your organization: Team of specialists, tailoring a custom-made solution reviewing all aspects of WAN infrastructure
2. Solution applicability within your network: Hughes Systique can help you design a cost-effective solution with an in-depth analysis of northbound traffic and application
3. Evaluate session-based or packet-based solution: Reducing the network complexity by using session-based routing and dynamic routing decisions specifically for application-centric infra
4. Embedded security features- Leveraging inbuilt FW, IPS, VPN along with secure zero-touch provisioning
5. Low latency platforms for networks: Application quality of service (QoS) categorization and policy changes for predictable performance for low-latency network