What Is SD-WAN?

SD-WAN is a software-based network technology that offers a modern, flexible, and more effective way to administer wide-area networks.

  • SD-WAN is an emerging networking technology that allows IT engineers to centrally and intelligently manage or orchestrate wide-area networks using applications like software-defined WAN controllers.

  • In contrast to traditional router-based models that rely on IP addresses and access control list (ACL) tables for traffic routing, SD-WAN uses software and network virtualization for intelligent, application-aware traffic management. It dynamically chooses from hybrid WAN connections, including LTE, MPLS, and broadband internet, to identify the best path for traffic delivery across the network. Dynamic, policy-based traffic management in the WAN minimizes packet loss and jitter, which in turn improves the end-user experience while accessing on-premises, cloud, or hybrid enterprise apps. This also eliminates the network latency, bandwidth, and application performance issues evident in conventional WAN networks.

    SD-WAN technology uses various off-the-shelf software-defined WAN devices to operate the network. These appliances are centrally managed, interconnected via encrypted tunnels, and installed across every remote site or branch of an organization. They handle traffic routing and monitoring based on application-based policies and real-time traffic conditions. For instance, if a particular network link fails, such appliances automatically divert the traffic to an alternative connection to ensure connectivity. Businesses can also create multiple traffic policies to meet the quality of service (QoS) requirements of mission-critical business applications, such as enabling priority queuing for interactive apps to improve performance. With centralized orchestration and zero-touch provisioning, these policies can be instantly pushed to thousands of appliances across branches, saving operators from configuring them individually. While policy-based routing isn’t a new technology, SD-WAN can be seen as its evolution: it opens the door to more advanced technology and embraces machine learning to find the best possible connection for each use case without manual administrative input.
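The policy-based path selection and failover described above, as an added example (not code from the original page or from any SD-WAN product). The link names, SLA thresholds, measurements, and the `select_path` and `degrade` functions are assumptions constructed for illustration.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Link:                      # one WAN transport as measured by an edge appliance
    name: str
    up: bool
    latency_ms: float
    jitter_ms: float
    loss_pct: float

@dataclass(frozen=True)
class Policy:                    # per-application SLA and transport preference
    app: str
    max_latency_ms: float
    max_jitter_ms: float
    max_loss_pct: float
    preferred: tuple             # transports in order of preference

def meets_sla(link, policy):
    return (link.up and link.latency_ms <= policy.max_latency_ms
            and link.jitter_ms <= policy.max_jitter_ms
            and link.loss_pct <= policy.max_loss_pct)

def select_path(policy, links):
    """Return (link name or None, reason) for one application's traffic."""
    by_name = {l.name: l for l in links}
    # First choice: the most-preferred transport that currently meets the SLA.
    for name in policy.preferred:
        link = by_name.get(name)
        if link is not None and meets_sla(link, policy):
            return name, "sla-met"
    # No transport meets the SLA: keep connectivity on the least-degraded live link.
    alive = [l for l in links if l.up]
    if not alive:
        return None, "no-path"
    best = min(alive, key=lambda l: (l.loss_pct, l.latency_ms, l.jitter_ms))
    return best.name, "best-effort"

def degrade(links, name, **changes):
    """Copy of links with one link's state or measurements changed."""
    return [replace(l, **changes) if l.name == name else l for l in links]

# Constructed sample measurements and policies (not real telemetry).
LINKS = [Link("mpls", True, 20, 2, 0.0),
         Link("broadband", True, 45, 8, 0.3),
         Link("lte", True, 80, 25, 1.5)]
VOIP = Policy("voip", 150, 30, 1.0, ("mpls", "broadband", "lte"))
BACKUP = Policy("backup", 500, 100, 5.0, ("broadband", "lte", "mpls"))

if __name__ == "__main__":
    print(select_path(VOIP, LINKS))                              # normal operation
    print(select_path(VOIP, degrade(LINKS, "mpls", up=False)))   # MPLS link failure
```

The "best-effort" result is the case worth alerting on: traffic still flows, but the application's SLA is no longer being met on any transport.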

  • Traditional WAN uses older MPLS circuits to connect users at remote sites to apps hosted in on-premises data centers. This hardware-based approach to WAN administration guarantees reliable connectivity and security. In such a setup, private MPLS lines are the primary transport option, while broadband internet serves as the backup if the primary path becomes unavailable. Traditional WAN architecture is ideal for businesses operating in a specific geographic region with special connectivity requirements, but it is cloud-averse. Due to traffic backhauling and bandwidth constraints, enterprises face increased latency and poor application performance while steering cloud app traffic through a conventional WAN.

    In contrast, software-defined WAN is a modern, cloud-first approach that simplifies WAN administration. It provides more flexibility and agility than traditional WANs by programming the network behavior centrally using software such as the software-based WAN controller. It can easily support bandwidth-intensive cloud apps by distributing traffic smartly across high-speed, low-cost connectivity options, such as LTE and broadband internet, along with conventional MPLS lines. Software-defined WAN offers real-time traffic monitoring and network segmentation capabilities, making it safer and more reliable than traditional WAN.

  • Both SD-WAN and software-defined networking (SDN) have common functions and a similar underlying infrastructure where the data plane and control plane are decoupled to enforce centralized network control. However, specific differences distinguish them.

    SDN addresses the modern computing needs of the local area networks or service provider networks by making them agile, scalable, and programmable. It’s mainly used in data centers to provide on-demand services, simplify network management, and reduce operational costs. Network administrators or end users can configure and manage network resources quickly with the help of automated SDN programs or policies through a centralized console. Commodity and specialized switching hardware helps establish such networks.

    Software-defined WAN, on the other hand, is the logical application of SDN in wide area networks. In contrast to SDN, which solely focuses on the internal network or LAN, SD-WAN connects geographically dispersed branch offices, data centers, and remote users of an organization over a unified, high-performance WAN. Instead of end users, vendors configure the appliances in this network. SD-WAN uses off-the-shelf x86 network appliances and reduces both OpEx and CapEx costs compared to SDN.

  • Abstraction and virtualization are critical aspects of a software-defined WAN architecture. It can support both on-premises and cloud apps with the highest level of app performance compared to conventional WAN based on MPLS circuits. The control plane, data forwarding plane, and applications are separated in this architecture to simplify network management. Outlined below are the three vital components of this virtualized architecture.

    Software-defined WAN edge: The endpoints of this abstracted network are located at the WAN edges. Examples include branch offices, remote data centers, and cloud platforms.

    Software-defined WAN controller: This SaaS application centrally manages all the network nodes. It also retrieves QoS performance metrics of encrypted tunnels and defines policies.

    Software-defined WAN orchestrator: The orchestrator operates like a virtualized administrator to perform real-time traffic monitoring and instruct other network devices to follow operational rules or policies.

    These basic components are ubiquitous in commercially available software-defined WAN solutions, such as VMware SD-WAN (VeloCloud), Cisco SD-WAN (Viptela), and Meraki SD-WAN.

    There are three types of network architecture:

    On-premises software-defined WAN includes a plug-n-play router that connects with network devices at remote sites only. Cloud gateway connectivity is restricted as all the business apps are hosted on-premises in such a setup.

    Cloud-enabled software-defined WAN has the option for virtual cloud gateway connectivity to host SaaS apps without any latency and performance issues.

    Cloud-enabled with backbone SD-WAN makes switching from a less secure public internet to a private, MPLS-based connection easier, thanks to the availability of an additional backup in the form of the service provider's nearby network point of presence (PoP).

  • Cost-effective: Software-defined WANs offer multiple transport options, such as MPLS, LTE, and broadband internet, which can be used in different combinations to fully use network bandwidth and lower operational costs. For instance, network operators can shift non-critical WAN traffic from expensive, private MPLS links to broadband internet to reduce transport costs. Centralized network control and zero-touch provisioning eliminate frequent on-site visits by IT for WAN deployments, minimizing administrative costs.

    Agility: Today, network engineers face constant pressure to identify new ways to rapidly connect multiple remote sites or users to enterprise cloud and SaaS solutions without compromising on cost, security, and performance. Fortunately, the software-based approach to managing WAN allows global businesses to build a unified WAN architecture with the flexibility to add new links or optimize existing WAN services. Unlike traditional WAN, IT staff can complete these tasks in a few hours with software-based network administration.

    Simplified management: Provisioning and management of a WAN become more straightforward with software. Unlike MPLS, IT staff don't need to configure network devices individually in virtualized WAN architecture. They rely on a single, centralized software-based controller to manage appliances across various locations with template-based provisioning.

    Improved application performance: Policy-based traffic management and utilization of multiple transport mechanisms in programmatically managed WANs can enhance the availability of mission-critical business apps. Software-defined WANs, such as Cisco SD-WAN, VMware SD-WAN, and Meraki SD-WAN, also prevent traffic backhauling to improve cloud apps' performance and user experience.
