Over the past few years, widespread user mobility and the availability of cloud-based services have synergistically emerged as huge technology trends, with major implications for enterprise networking – especially with regard to wide area networks (WANs).
The traditional model for the WAN has been to connect multiple, geographically distant local networks in order to create a single, managed network. However, the recent advent of WAN centralization and software-defined wide area networking (SD-WAN) has rapidly changed that traditional model.
Enterprise customers are adopting SD-WAN models for a number of reasons, but primarily to reduce spending on expensive private circuits (such as MPLS) and leverage other transport options for non-critical traffic. Interestingly, service providers are also motivated to sell SD-WANs because while they may lose revenue on high-margin private circuit use, they are able to sell SD-WAN as a service with a multi-year agreement, thereby locking the customer into a longer-term relationship.
There are other benefits from an SD-WAN approach, including adaptive traffic management, application-specific routing, and some degree of simplified implementation and management.
Nonetheless, I believe that SD-WAN is a temporary solution – not a market. In my view, intelligent routing will become the next-generation WAN, providing enterprises with greater agility and performance, and ultimately reducing the cost and complexity of their networks. But first, let’s review exactly why SD-WANs are flawed.
The Fatal Flaw of SD-WANs
Here’s the problem – business users are increasingly mobile. They work at home, at Starbucks, and at the airport, and the applications they use must work across all these locations. As a result, the vast majority of our networking use cases need to cross one or more network boundaries – by some estimates, this is 80 percent of all network traffic. This percentage is only going to increase – greater mobility, more devices (especially with regard to the Internet of Things), additional cloud services, and more. Despite this, WANs are still considered the best current practice for securing multi-location, enterprise networks.
The SD-WAN approach relies on tunnels and overlay networking to partially solve this, but this is not the future. It is less efficient and creates complications, such as packet fragmentation, the lack of underlay/overlay event correlation and elephant flow issues.
A New Approach to Routing
So what’s the best strategy going forward? I believe it is to make routing functions much smarter and more ubiquitous. The fact is, routing hasn’t seen innovation since the birth of the internet in the early 1990s, and this technology is at the heart of the network. SD-WAN technology only acts as a bolt-on solution to the network and ignores the underlying problems with the existing infrastructure.
The next generation of networking technology needs to focus on intelligent routing, and to do so:
- Routers will need to be “session aware” to be able to understand, correlate, and control the bi-directional flow of information between endpoint and destination in an optimized manner.
- Routers will need to deliver packets from end-to-end with policy that permits routing from a private network through a public network into a private network with authentication and encryption.
- Routers will need to support multi-path routing at the session layer to optimally route traffic to one or more data centers.
- Routers will need to be smart enough to integrate access control list (ACL) policies with routes so they are delivered in tandem.
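One way to read the session-awareness, multi-path, and ACL-with-route items above, as an added example that is not from the original article or any product: each route carries its own ACL, the first packet of a session is admitted and pinned to a path, and replies are matched to that session instead of being evaluated as new traffic. The names `PolicyRoute` and `SessionRouter`, the path labels, and the addresses are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class PolicyRoute:
    prefix: str         # destination prefix
    paths: tuple        # candidate paths, in preference order
    allowed: frozenset  # (proto, dst_port) pairs this route may carry

class SessionRouter:
    def __init__(self, routes):
        # Most specific prefix first, so its policy wins over a broader one.
        self.routes = sorted(
            routes, reverse=True,
            key=lambda r: ipaddress.ip_network(r.prefix).prefixlen)
        self.sessions = {}  # 5-tuple of the initiating direction -> pinned path

    def forward(self, src, sport, dst, dport, proto, down=frozenset()):
        """Return the path for this packet, or None to drop it."""
        fwd = (src, sport, dst, dport, proto)
        rev = (dst, dport, src, sport, proto)
        # Either direction of an admitted session reuses the pinned path.
        for key in (fwd, rev):
            if key in self.sessions:
                return self.sessions[key]
        # New session: route lookup and ACL check happen in the same pass.
        for route in self.routes:
            if ipaddress.ip_address(dst) not in ipaddress.ip_network(route.prefix):
                continue
            if (proto, dport) not in route.allowed:
                return None              # route exists, its policy denies
            for path in route.paths:
                if path not in down:     # multi-path: first healthy path
                    self.sessions[fwd] = path
                    return path
            return None                  # every candidate path is down
        return None                      # no route: default deny

# Constructed sample policy (documentation and private address ranges).
ROUTES = [
    PolicyRoute("10.20.0.0/16", ("mpls", "broadband"), frozenset({("tcp", 443)})),
    PolicyRoute("10.20.5.0/24", ("mpls",), frozenset({("tcp", 22)})),
]

if __name__ == "__main__":
    r = SessionRouter(ROUTES)
    print(r.forward("192.0.2.10", 40000, "10.20.1.1", 443, "tcp"))  # new session
    print(r.forward("10.20.1.1", 443, "192.0.2.10", 40000, "tcp"))  # its reply
    print(r.forward("10.20.1.1", 443, "192.0.2.99", 40000, "tcp"))  # unsolicited
```

The reply is forwarded only because it matches a session the router admitted; the same packet shape aimed at an address with no session and no route is dropped.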
Security techniques will also have to change – application security will become integrated with applications, while network security will become integral to the forwarding process. Endpoint security will rapidly increase in importance, with agent-based endpoint security systems whose cloud component provides security wherever the endpoint goes.
Eventually, the adoption of intelligent, secure routing will cause present and private networking constructs to fade away, and branch office IT will more closely resemble your local Starbucks than the “full stack” deployments of yore. SD-WAN, MPLS, and VXLANs will all join asynchronous transfer mode (ATM), X.25, and systems network architecture (SNA) on the scrap heap of non-IP networking techniques.