Software-defined wide area networks (SD-WAN) is a merging of two technology areas. One old, and one relatively new. It takes the new concept of software-defined networking (SDN) and applies it to traditional enterprise wide area networking (WAN).
Let’s take a deeper look at this paradigm. WANs haven’t evolved much over the past 20 years. Stagnant technologies like T1s, Frame Relay, ISDN, ATM, and MPLS are all still pretty much the same as when they were introduced. The problem with this revolves around the increased bandwidth needs of companies as they transition towards an “as-a-service”-based architecture. SaaS, PaaS, IaaS, and other cloud services have significantly altered the traditional 80/20 rule of networking.
The 80/20 rule dictates that 80% of the network traffic within an enterprise stays local while 20% is offsite. We are now seeing a complete reversal approaching 20/80. Services such as Office365, AWS, Azure, Google Cloud are taking over for what were traditionally data center hosted applications.
SD-WAN consists of the following core concepts:
- Separation of the control plane from the data plane.
- Bundling of disparate connectivity sources into larger virtualized, secure links
- Providing application awareness and intelligence to prioritize applications rather than just packets
Separating the control plane from the data plane is a crucial component that lies at the heart of SD-WAN. It allows for a controller to holistically look at the performance of the entire network rather than each router reacting only based on its perview. Only by having information about the state of the network end-to-end can optimal path selections be made and consistent, global policies be defined.
Bundling of links has been a staple of networking for decades, for instance, the 802.3ad standard was introduced in 2000 (Link Aggregation Control Protocol). Prior to this, since the early to mid-nineties, individual network equipment vendors were utilizing proprietary algorithms and controllers to aggregate multiple links due to bandwidth limitations. The main caveat being that all the links needed to be of the same standard and speed to interoperate in the bundle.
Recent advancements have brought with them the ability to bundle links that are of differing technologies and speeds. This allowed for inclusion of ethernet internet circuits, MPLS circuits, and even the use of wireless technologies such as LTE. This ability, while critical for increased bandwidth, also affords true redundancy through the incorporation of both wired and wireless connections, and even circuits from different carriers.
The concepts of control plane separation and link aggregation are where the first-generation SD-WAN vendors stopped. Through the incorporation of machine learning, and another factor of SDN, application intelligence, you see the benefits of the newer second generation begin. The ability to quickly discern and manage new application flows without the typical hierarchical QoS configuration required by first generation vendors and routers provides a distinctive administrative advantage. The network engineering department can easily identify new applications and apply policy based upon business logic rather than configuring access control lists to mark, queue, and police traffic.
Second generation SD-WANs add intelligence above and beyond traditional networking and first-generation SD-WAN to take advantage of application awareness and machine learning to optimize the state of the network to maximize the user experience with applications, rather than just making packet decisions. A side-effect of this is that policies can be defined based on applications, sites, priorities – business terms – rather than translated to low-level technical jargon.