SD-WAN Architecture is a Good Fit for the Cloud

There are multiple ways to deploy software-defined wide area networks (SD-WAN) but nearly all include some form of the cloud. In fact, many experts believe that SD-WAN architecture is well suited for the cloud.

Jim Duffy, senior analyst for networking at 451 Research, said that SD-WANs can be implemented with different levels of reliance on the cloud. Here are four examples:

  1. A company can install its own WAN equipment and customer premises equipment (CPE), and control it using on-premises management tools. This involves essentially no direct reliance on the cloud.
  2. A company can install its own WAN CPE, but optimize access to some software-as-a-service (SaaS), e.g., Amazon Web Services (AWS), Microsoft Office 365, or Salesforce.
  3. A company can install its own WAN customer premises equipment (CPE) but rely on a vendor to manage the system from the cloud.
  4. A company can install no servers on its own premises. Instead, it would rely on a vendor to host the WAN infrastructure in the vendor’s cloud, and the vendor would also manage the system. In this instance, SD-WAN is almost entirely a cloud service, available on a subscription basis.

Which implementation a company selects will depend upon many different factors including the nature of the applications a company wants to run, the company’s level of IT expertise, its budget, the application performance it expects, and the level of security it demands.

Example 1 represents the original concept of SD-WAN. The point was to save money by replacing purpose-built CPE with relatively inexpensive commercial off-the-shelf (COTS) servers running software – virtual CPE (vCPE). It made SD-WAN an attractive option even before the cloud came into play.

This is one of the few instances where a particular SD-WAN implementation maps well against a user category, in this case small businesses, which typically have minimal IT demands and a pressing need to squeeze every nickel.

SD-WAN was always going to be a value unto itself, but it was understood from the beginning that once the CPE is virtualized, that would open any number of options for integrating with the cloud.

Example 2 occurs when a company with an SD-WAN wants to make sure that the cloud services it uses operate quickly and without lag, as if they were on premises.

There are several ways to accomplish this, according to Mike Fratto, research director, enterprise networking and data center technology with GlobalData.

Software as a service (SaaS) vendors such as Microsoft and Salesforce frequently use colocation (“colo”) facilities. Some SD-WAN vendors, Fratto said, get into the same colos. There they can then host virtual instantiations of their customers’ gateways, getting their customers closer to their SaaS vendors.

Example 3 is the option for companies that are certain they want their hardware on premises, but have no interest in maintaining their own IT departments. Once the CPE is virtualized, management and control can be performed from anywhere, including the cloud.

Example 4 is the epitome of SD-WAN and cloud integration. Once the CPE is virtualized it can reside anywhere, just like the control and management.

Cost Savings

One of the key benefits of SD-WAN is that it can save a company money, and as noted above, some of those cost savings are associated with the transition to COTS hardware. But it’s not always that simple.

The least expensive x86-based server will also be the least capable x86-based server. However, as a company increases the number of applications it wants to run on its SD-WAN, the amount of processing power required will also increase. This will make the server more expensive. It is possible for a company to nullify that potential cost savings with ambitious usage plans for its SD-WAN.

But cloud-based SD-WAN solves that problem. The SD-WAN vendor can take a server or a rack of servers and use software to carve out virtual SD-WANs that can be dedicated for the use of designated customers, Duffy said. Two of the software techniques involved are segmentation and multi-tenancy. In this approach, the CPE can be a simple, inexpensive gateway.

The Hybrid Cloud

There’s a variation on this theme, referred to as hybrid cloud. Some companies that implement SD-WANs elect to own and operate enough server capacity to cover ordinary traffic loads, but then rent capacity in the cloud on an as-needed basis to handle spikes.

Fratto said there’s another option developing for SD-WAN.

“Before SD-WAN, if you had two or more WAN links between various locations, then you’d have to do a lot of stuff out of the branch to get full use of the WAN connections,” he said. For example, a company would have to implement some sort of routing with the two service providers and do that routing internally while supplying security, encryption, and firewalls. It wasn’t a particularly efficient way to handle this, because if an application was running on Amazon Web Services (AWS) and the company didn’t have a direct connection to AWS, it would have to route that over the Internet.

“What SD-WAN does is it builds an overlay over the Internet,” Fratto said. “Take that virtualized gateway, stick it up in your Amazon instance, and it forms the network. It’s secure. It just works. That’s an interesting use case. Because it’s an overlay, it just becomes easier to manage traffic.”