About me

Nullam nec elit quis tortor aliquam venenatis a ac enim. Quisque iaculis orci ante, eu tincidunt arcu tempor vitae. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. Suspendisse malesuada ante dictum, auctor elit semper, semper dui.

SD-WAN – A Modern Solution for the Modern Network

SD-WAN – A Modern Solution for the Modern Network
June 4, 2018
by

This blog was originally published to the 128 Technology website – in 2020, Juniper Networks acquired 128 Technology. Learn more about the acquisition here.

You’ve probably heard the hype about Software-Defined Wide Area Networking (SD-WAN), most likely that it helps optimize networks, simplify operations, and reduce expenditures. However, you might be wondering what SD-WAN really means – especially if you’re considering adopting a solution after hearing all the buzz. It’s actually an application of software-defined networking (SDN) technology that can be added to WAN connections, linking enterprise networks over expansive geographic distances. As you can imagine, with the challenges this type of technology solves, there are many vendors who have brought their SD-WAN offerings to the market.

Solutions today are evolving in exciting new ways, making it important to know what’s basic, and what’s best-in-class when it comes to possible options. In this blog we’ll look at the benefits of traditional SD-WAN, approaches to implementation, and the bright future of recent cutting-edge solutions to help you plan effectively for this new technology choice.

THE BASIC BENEFITS OF SD-WAN

The benefits of traditional SD-WAN are plentiful and certainly worthwhile. Let’s take a quick look at the big six:

  • Cost effectiveness – Replacing or augmenting high-cost MPLS networks with secure, low cost broadband Internet connections enables cost savings.
  • Risk insight – Employing multiple access technologies reduces the chances that a single network issue will cut off connectivity to one or more of your locations.
  • Scalable rollouts – Issuing universal commands to one or any number of boxes makes it possible for large-scale deployments or smaller, incremental deployments, as needed.
  • Intelligent access usage – Combining main and backup lines intelligently through active-active setups increases overall bandwidth.
  • Ease of use – Introducing central control allows for instant and simplified configurations across WANs with detailed reporting and real-time visibility.
  • Reliable security – Utilizing end-to-end encryption and authentication of endpoints with scalable key-exchange functionality ensures security across public and private networks.

With so many benefits, it’s no wonder that many organizations are eager to adopt SD-WAN. But let’s look at some specific use cases where SD-WAN is best suited to serve you.

Many organizations want to maximize the efficiency and effectiveness of their applications with cloud features such as infrastructure-as-a-service and software-as-a-service. Traditional hub-and-spoke WAN architectures are designed to be on-premises in the data center, falling short of supporting cloud services. SD-WAN architectures are made with cloud environments in mind and therefore support not only the cloud features mentioned here, but many, many more.

With the use of performance-intensive applications on the rise, many organizations are looking for ways to increase their WAN bandwidth capabilities. This is achieved by SD-WAN through intelligent traffic steering that automatically monitors, measures, and optimizes traffic routes to avoid congestion.

As IoT continues to become more and more prominent in the industry, organizations can’t afford to ignore the trend any longer. One of the main requirements for multiple devices to be connected is the right security for reliable, virtual networks. This just so happens to be one of the biggest strong suits of SD-WAN.

TRADITIONAL APPROACHES TO SD-WAN IMPLEMENTATION

Traditional SD-WAN solutions are typically implemented through tunnels, such as GRE, IPsec, or VxLAN. These are logical interfaces on a router that can be centrally orchestrated or controlled to encapsulate passenger packets of data. The issue with tunnels is that the wrappers they use to mask network weaknesses and inflexibility increase complexity and overhead. This means that while you’ll reduce costs, those savings won’t be maximized to their full potential.

Let’s look at three commonly used tunnels, how they’re useful, and where there’s room for improvement:

  • Generic routing encapsulation (GRE) tunnels – Remove limitations on the amount of traffic that traverses them, can route multiple subnets from a single tunnel, and allow routing protocols to operate across them – resulting in more traffic with less complexity. The major disadvantage of GRE tunnels is they’re not inherently secure.
  • Internet Protocol Security (IPsec) tunnels – Offer encryption to allow for the secure movement of traffic from site to site on public networks. The issue is that only around 10-15% of traffic needs to be encrypted, and unnecessary use of encryption is inefficient and costly.
  • Virtual extensible LAN (VxLAN) tunnels – Isolate millions of applications logically, far surpassing the VLAN limit of approximately 4,000, to deliver highly-scalable architectures. The downside is that VxLAN requires IP multicasting, which is not supported by ISPs across the WAN, limiting the instances where these tunnels can be used.

There are ways to maximize the best from each approach by merging tunnels by, for example, protecting a GRE tunnel with an overlaying IPsec tunnel. But, by implementing extensive overlays, you’re diminishing potential cost savings while adding complexity and overhead. Furthermore, all of these tunnels need to be maintained even when they’re not being used – another costly inefficiency. A more advanced way to leverage SD-WAN is to move past tunnels entirely, which helps get around their inherent limitations.

At 128 Technology, we’re the lone vendor offering a tunnel-free SD-WAN option that only encrypts data when additional security is required. We’re able to offer this type of SD-WAN connectivity because our solution puts session-awareness and state where it belongs – in the router. Session-awareness in the router provides an automated context and identity-based approach to networking that performs key network functions natively. (Learn more about our offering here).

A BRIGHT (SESSION-BASED) FUTURE FOR SD-WAN

Traditional approaches and benefits are a good start to revolutionizing WAN networks, but it’s time to go above and beyond them. The next wave of SD-WAN solutions should take security, performance, agility, and cost savings to even greater heights. By leveraging cutting-edge technology, our comprehensive Session Smart™ SD-WAN solution is able to achieve all of these enhanced benefits through a number of unique features. (Learn more about them here).

First, Session Smart’s Zero Trust Security (ZTS) evolves from that of traditional SD-WAN, which was largely delivered to the network through add-ons, by becoming inherent in the network. This new model of security was realized through a sophisticated structure that combines hop-by-hop authentication, selective encryption, and granular segmentation – built straight into the network.

Secondly, performance is boosted by saying, “good-bye and good riddance,” to tunnels. Session Smart SD-WAN avoids the need for heavy overlay usage while still enforcing path selection and segmentation. This is accomplished by integrating traditional middle-box capabilities – including security, firewall, VPN, and load balancing – natively into the router.

Next, through increased segmentation, you gain a tremendous amount of agility. Service-centric segmentation delivers the ability to create tailormade networks around the services for which they’re needed such as mail, voice, or web, instead of the network itself.

Lastly, cost savings are made possible in a number of ways that tie in to the benefits above. You’ll no longer have to over-provision to meet peak demands, which will save on routing software licensing. With inherently secure routing through ZTS, you won’t need tunnels that eat away at bandwidth or require maintaining and terminating them, saving on redundant routers. Also, with an intelligent session-based router that can differentiate traffic from being encrypted or unencrypted – you’ll never waste another cent on unnecessary encryption.

CONCLUSION

In today’s network environment, an SD-WAN solution may be your next step in optimization that can lead to efficiency and cost-effectiveness. There are plenty of options out there and while they all offer business benefits, some are just plain better than others. Making the right SD-WAN choice comes from knowing what’s standard, what’s special, and what features to consider as you make a decision for today and tomorrow.

 

Share
Related posts
Simplify multicloud networking across hybrid and multicloud networks at scale to enable the best experience
Simplify multicloud networking across hybrid and multicloud networks at scale to enable the best experience
December 13, 2024
by
Unlocking real estate and facility utilization and occupancy insights to optimize your business
Unlocking real estate and facility utilization and occupancy insights to optimize your business
November 21, 2024
by
The Value of Enterprise Discount Programs Managed by Channel Partners
The Value of Enterprise Discount Programs Managed by Channel Partners
September 23, 2024
by