What is
SD-WAN?

Software-Defined Wide Area Network (SD-WAN) is a critical component of a company’s network transformation strategy that can accelerate the digital journey towards a secure and more flexible network. The main purpose of SD-WAN is to enable a high-performance WAN ecosystem, with simplified management and control of network infrastructure using internet access. 

SD-WAN is a virtual connectivity platform that separates network control and management from the data plane, using a service agnostic underlay. This can be anything from multi-protocol label switched (MPLS) connectivity to dedicated Internet access (DIA) services. As such, SD-WAN acts effectively as an overlay, on top of existing network infrastructure. 

SD-WAN consists of three main components: 

• The SD-WAN Edge – the network edge, or endpoints, at local branch offices, regional cloud and data centers
• The SD-WAN Orchestrator – for traffic control, network management and policy configuration
• The SD-WAN Controller – for centralized management of all resources and key assets in the SD-WAN

With SD-WAN, network configuration and management are completely centralized, radically simplifying the process of adding new connections, or implementing policy changes. SD-WAN is an access agnostic solution. In other words, it works over any connection, as long as access to the management layer is enabled (generally with basic internet connectivity). The solution also makes it easier to build and run hybrid WANs, where customers can retain some of their legacy MPLS infrastructure, whilst migrating to Internet or cloud-based alternatives at their own pace.

Through smart network utilization, SD-WAN makes it easy to utilize the best available connections for the most critical applications. By aggregating multiple connections and selecting the optimum path, SD-WAN emulates the performance of a dedicated network. It also helps enterprises reduce cost and latency, by breaking out Internet-facing traffic locally and removing the need for backhaul to the company HQ or primary datacenter. 

SD-WANs are fully independent of the transport media that connect them but maintain security and optimize cost. By enabling active configuration, SD-WAN also permits full usage of any available bandwidth, rather than leaving back-up circuits idle. MPLS services are robust but tend to have long lead times and were not designed for cloud applications. SD-WAN on the other hand, can be quickly deployed through readily available access services, such as LTE, DIA or simple broadband Internet. With SD-WAN, each new device is configured directly with the latest available network configuration from an integrated management tool. This makes manual updates and site visits a thing of the past.

SD-WAN network management tools have a user-friendly GUI, where powerful templates can be created, and duplicated, for easy deployment across the entire network. Zero-touch provisioning, with network control on-premises, in the cloud, or anywhere in the WAN, facilitates changes within minutes. It also simplifies the management of Internet-based WANs, leaving the IP-VPN topology out and implementing its own set of network-tunneling, using the Internet, but with the security of a traditional WAN. In practical terms, SD-WAN provides a next-generation firewall and communication overlay baked into one.

Thanks to built-in intelligence, SD-WAN enables implementation of application-based policies and efficient traffic routing across the WAN, with a dynamic choice of network path if more than one is available.