What is SD-WAN?
A Software-defined Wide Area Network (SD-WAN) is a virtual WAN architecture that allows enterprises to leverage any combination of transport services – including MPLS, LTE and broadband internet services – to securely connect users to applications.
By centralizing the control function, an SD-WAN network can securely and intelligently direct traffic across the WAN. This increases application performance, resulting in enhanced user experience, increased business productivity and reduced costs for IT.
Traditional WANs based on conventional routers are not cloud-friendly. They typically require backhauling all traffic – including that destined to the cloud – from branch offices to a hub or headquarters data center where advanced security inspection services can be applied. The delay caused by backhaul impairs application performance resulting in a poor user experience and lost productivity. Unlike the traditional router-centric WAN architecture, the SD-WAN model is designed to fully support applications hosted in on-premise data centers, public or private clouds and SaaS solutions such as Salesfore.com, Workday, Office365 and Dropbox, while delivering the highest levels of application performance.
Two core SD-WAN capabilities
Centralized Orchestration. By centralizing the configuration of an SD-WAN as well as application performance and security policies, enterprises can significantly reduce WAN operational expenses.
Zero Touch Provisioning . (ZTP). With ZTP, configurations and policies are programmed once and pushed to all branch locations without having to manually program each device individually using a CLI. It eliminates the need to send specialized IT resources out to branch locations whenever a new application is added or a policy is changed. ZTP also reduces human errors, resulting in more consistent
How does SD-WAN help network security?
Segmentation : With SD-WAN, mission-critical traffic and assets can be partitioned and protected against vulnerabilities in other parts of the enterprise The ability to segment out traffic based on business policy not only protects the quality of transmissions, but also allows network engineers to isolate any security breach. For instance, an enterprise can segment their IoT data flow so that if a device is stolen or involved in a cyberattack, the problem can be prevented from spreading to other areas of the organization.
Visibility: SD-WAN provides the ability to troubleshoot and solve problems with network congestion and other concerns, but it also offers security benefits. SD-WAN provides network management with the ability to view connectivity from a single screen, and problems can be solved from that central location, rather than requiring an employee to travel to a branch location to determine whether there’s been a security breach.
Encryption: One of the most important SD-WAN security benefits is the encryption of any data transmission from one location to another. For enterprises embracing cloud solutions and have multiple branch locations, this feature offers important protection.
What does SD-WAN mean for MPLS?
One of the first questions that comes up when considering SD-WAN is do I still need MPLS? If your company plans to continue to run mission-critical, real-time apps from your data center then MPLS might still be a part pf your SD-WAN strategy. However, if most your critical applications are in the cloud, the advanced features, such as enhanced security, seamless cloud integration offered by the SD-WAN technology could limit the benefit of expensive MPLS circuits.