Software-defined wide area networking, or SD-WAN, provides the benefits of software-defined networking (SDN) technology to traditionally hardware-based networking. It is an overlay architecture providing a networking foundation that is much easier to manage than legacy WANs, essentially moving the control layer to the cloud — and in the process, centralizing and simplifying network management. This overlay design abstracts software from hardware, enabling network virtualization and making the network more elastic.
What Do Enterprises Need in an SD-WAN Architecture?
Enterprises have been increasingly investing in open, flexible cloud solutions, and SD-WAN represents an effort to engineer similar benefits in their data center architecture. SD-WAN architecture is particularly beneficial to environments separated by distance — for example, between main offices and branch offices. Whereas traditional WAN can be expensive and complex, SD-WAN architecture reduces recurring network costs, offers network-wide control and visibility, and simplifies the technology with zero-touch deployment and centralized management. Key to the SD-WAN architecture is that it can communicate with all network endpoints without the need for external mechanisms or additional protocols.
SD-WAN Service Components. Source: MEF
The Importance of Security in SD-WAN
Aside from that array of SD-WAN benefits, arguably the primary advantage of an SD-WAN architecture is security. Today’s companies prefer network architectures that integrate security, policy, and orchestration., and SD-WAN covers those bases by unifying secure connectivity. In the SD-WAN architecture, a company benefits from end-to-end encryption across the entire network, including the Internet. All devices and endpoints are completely authenticated, thanks to a scalable key-exchange functionality and software-defined security. All communication between the main office and branch offices is secure, as is communication to and from the cloud.
Types of SD-WAN Architecture
SD-WAN providers offer several general types of SD-WAN architecture — namely, premises-based, MPLS-based, and Internet-based.
- Premises-based SD-WAN solutions involve an appliance that is placed onsite to achieve SD-WAN functionality. Premises-based SD-WANs can be cost-effective solutions for smaller, localized businesses.
- MPLS-based SD-WAN solutions involve multiple appliances placed at network endpoints. These solutions create a virtual IP network between the vendor-proprietary appliances, giving them control of network packets from end to end.
- Internet-based SD-WAN solutions also use multiple appliances at each customer location, using public Internet connections from customer-chosen providers. The customer pays for a portion of its Internet connections to be SD-WAN.
Each of these architecture types varies in cost and benefits, and might be more or less appropriate for a given environment. Regardless of the type, all of these solutions offer a full range of SD-WAN capabilities.
Updated April 2019