SD WAN
With digital transformation occupying the centre stage, the enterprise IT landscape is evolving rapidly with an increased importance of the cloud and Software-as-a-Service (SaaS). Software-Defined WAN (SD-WAN) enables enterprises to aggregate bandwidth, offers cloud experience, improves flexibility and decreases the cost of their legacy WAN all with an application-driven and software-defined overlay solution.
SD-WAN offers the most advanced security features & applications including next-generation firewall (NGFW) and unified threat management (UTM) services, securing application and user connectivity across the enterprise WAN, branch and private/public clouds. Enterprises can combine SD-WAN and SD-Security to transform to a software-defined branch (SD-Branch) and experience the operational, financial and security benefits of a fully software-defined services architecture.
SD-Wan Growth Drivers
Digital Transformation
With high penetration of Smart phone & every consumer facing company across the verticals turning to applications that deliver better engagement with the end consumers, there is a spurt in bandwidth consumption & posing a challenge of reliability & security requirement between the branches, HQ & DC apart from rising cost.
Cloud First
Adoption of Cloud Infrastructure, Cloud Platform & SaaS based applications.
Broadband Everywhere
High speed , highly reliable & competitively priced.
Rising IoT
Rising IoT trend in manufacturing sector.
Growing
Growing need among organizations to simplify network management & network visibility.
Why SD-WAN?
Network Booster
Implement Policies across hundreds of locations from your control panel in minutes achieving improved performance for Saas Application like office 365 & CRM.
Reduce Reliance On MPLS
By adopting hybrid WAN strategy can achieve significance on TCO and build up high degree of scalability and redundancy.
Significant Saving On TCO
By migrating from expensive MPLS links. Savings fromimproved uptime and efficient deployments. Reduction inhardware and software support costs by up to 40%.
Improved Customer Experience
High Network Availability, Ease of deployment, Data Analytics driven real-time monitoring.
Multi-Layered Security And Cloud Enabled Platform
Deploy the VM of your choice. Secure SD-WAN is built on a multi-service, multi-tenant software platform, based on cloud principles to deliver scale, segmentation, programmability and automation. Secure SD-WAN provides both networking and security functions within a single software platform. Flexible Local-Internet Breakout for SaaS & Cloud.
SD-WAN Features
Link Aggregation & Network Path Selection
High Bandwidth availability, Customize Selection, Redundancy & Scalability (Path selection parameters include - latency, jitter, PLR, network) Flow based load balancing.
Tunnel formation & Protocol Used
GRE, IPSEC encapsulation for Link advanced SD-WAN path formation.
Zero-Touch Provisioning
Pre-configured devices to Speed up the deployment
SD-WAN ROI
SD-WAN delivers 40% cost saving advantage compared to Traditional WAN.
Cloud Control Mechanism
Public/Private cloud connection, on-prem/cloud deployment, Virtualization Platform.
Network Security
Stateful Firewall, IDS, IPS, AMP, Service chaining.
High-Level Analytics Dashboard
Monitor WAN links (Packet drop, Latency, Jitter, Network Up-time) Monitoring (IDS, IPS, AMP, Link Flapping, Suspicious logs) 3rd Party API Integration.
Traffic-flow Segmentation & Control
Endpoint Traffic Flow, Top-Talkers, Event URL Filtering, Web Filtering, Application-Based traffic filtration.
Hybrid WAN topology
Support MPLS, BB, ILL & LTE.
Enterprise Security
Encryption - AES128, AES256, SHA256 Authentication - SHA 384, SHA 512 Mode -CBC, Counter, GCM.
Flexible Local-Internet Breakout for SaaS & Cloud
Enables distributed, direct connect to the internet at remote sites, or through gateways.
Segmentation of Network Subnets
Network Groups or the SD-WAN VPN, Multi-link Elastic VPN, Private Network Segmentation.
SD-WAN Building Blocks
Orchestration Plane
- Work with control plane for building the primary connection
- Traffic Initiation for authentication (white-list model for identifying which entity it belongs to)
- AI/ML Driven data analytics tool offering comprehensive analytics including Network Utilization, Top-Talkers, End Point Communication, Event Analysis, Network UP/Down Status.
Control Plane
- Controls the information between the edge device and gateways.
- Separation of traffic with routing intelligence.
- Implements control plane policies, such as service chaining, multi-topology and multi-hop.
- Highly resilient.
Data Plane
- Establish secure data plane between edge routers over the WAN.
- Traffic (LAN & WAN) control Mechanism.
- Implements data plane policies.
- Exports performance statistics.
- Leverages traditional routing protocols like OSPF, BGP and VRRP.
- Support Zero Touch Deployment.
- Physical or Virtual form factor (100Mb, 500Mb, 1Gb, 10Gb (Available in smaller factors)).
Management Plane
- Centralized provisioning through central manager.
- Policies and Templates for avoiding complexity in configuration.
- Troubleshooting and Monitoring.
- Software upgrades.
- GUI with RBAC.
- Generating reports for analysis.
- Programmatic interfaces (REST, NETCONF).
- NMS interfaces (SNMP, Syslog, IPFIX).
SD-WAN Use Cases
Hybrid WAN
Hybrid WAN offers asymmetrical optimization techniques that employ both internet and MPLS connection as against typical symmetrical optimization techniques used by traditional WAN. The Secured SD-WAN can enable them to use both WAN access types at their full potential.
Local Internet Breakout (LIB)
Local internet breakout is achieved by opening the direct internet access for specific application’s traffic from branch without the need to hairpin it via DC or HQ.
In order to minimize latency caused by backhauling traffic through the datacentre, organizations can enable direct Internet breakout for SaaS applications like O365, Salesforce, G-Suites traffic from branch office locations. This also frees up WAN links for other traffic.
Managing & Monitoring Enterprise Network
Central Management Console: Central orchestrator allows organizations to simplify centralized deployment and establish automation to save time and respond more quickly to business demands.
Granular control through Single Console: More efficiently find and mitigate human errors, improve functionality, and reduce security risks.
Faster Upgrades: Faster software update through central orchestrator to introduce new feature.
Multi Cloud
SD-WAN facilitates the enterprise towards adopting multi-cloud strategies to leverage multiple cloud platforms to support an expanding range of SaaS and corporate workloads, each with unique performance and service level requirements.
Benefits of Multi-Cloud
- Assure better application availability and reliability even if one cloud service provider experiences an outage, the application will still be available in another cloud.
- Support regulatory and compliance requirements allowing organizations to maintain the integrity of application data in a specific geographic region in accordance with local legal mandates.
- Leverage the unique advantages of each cloud, such as Google Cloud Platform’s strength in machine learning or Microsoft Azure’s seamless integration with Office 365 and Microsoft databases.
- Reduce IT spend on IT infrastructure CAPEX.
- Increase agility to on-board and connect enterprise users to new applications.