In short, digital transformation. Digital traffic has grown enormously and much of it originates from outside the office. The traditional hub-and-spoke method of data traffic management, centered around the corporate datacenter, was viable when employees worked on-premises using applications on their personal computers. Today, a hybrid workforce is an accepted reality. Corporate applications are housed on the cloud.
Pervasive use of mobile devices generates data traffic from outside the corporate walls. In the past, the thumb rule was that 80% of the network traffic stayed within enterprise walls, on a data center, and 20 percent outside it. Today, the numbers have been reversed with services such as Office365, AWS, Azure, Google Cloud hosted on the cloud
The traditional hub-and-spoke method would require the routing of data traffic through the corporate datacenter, including security verification, before it is consumed by its users. Given the large volumes of data that must be processed today, data centers will be chronically choked.
In one word, automation. Traditional WAN entails manual processes of installing and configuring additional network capacity with long lead times. By contrast, SD-WAN can automatically interlink existing broadband connections including MPLS, and wireless connections to increase capacity in real-time to meet spikes in demand.
SD-WAN can route traffic through multiple networks because it separates the control plane from the user plane. Its control plane has the intelligence to read the metrics of volumes of traffic flow and its quality at any end point of any of the integrated networks without it having to go through a hub. By reading the quality metrics of traffic flows through each route, SD-WAN can apply policies to each application to ensure they achieve the desired quality of service.
SD-WAN has several layers of security less burdensome than traditional methods. The most rudimentary level of protection against malware is the encryption of traffic at the edge device. Firewalls and VPNs were the old methods of security that are not viable with distributed communications. Perimeter defenses with firewalls don’t work because threats could come from many different directions in a distributed network. VPNs are no longer scalable in a distributed network with a hybrid workforce; the administrative demands of connections with numerous workers are overwhelming.
Instead, SD-WAN relies on network security which is based on the identification of each of the participants in the network, their applications, and devices. Their identities are verified before allowing them to use the network.
Furthermore, SD-WAN administrators recognized that threats come in disguise. Typically, malware hides in packets. First and deep-packet inspection ferrets out the threats hiding within packets.
One word, the web portal. Network administrators gain a view of all the traffic flows through any of the integrated networks and can remotely control it. The web portal provides the means for network monitoring, policy-setting, bandwidth allocation, and services alterations.
In one word, remotely. Customers need to only connect the customer premise equipment to the Wide area network. They can then remotely access and install its configuration and policies without the need for a visit from a service technician.
No, managed services in one word. Network-as-a-Service combines the SD-WAN network with a bundle of managed services that monitor and control network performance as well as service quality. The managed services ensure that the performance of individual applications does not suffer due to poor network performance.
In short, hidden costs. Do-it-yourself might appear to be cheaper than managed services, but unnoticed costs add up over time. It starts with time spent on assessing alternative network choices including a realistic assessment of the right size of the solution in order not to exceed budgets. The cost rises with the number of vendors who participate in building the network. By contrast, managed services allow customers the flexibility to add capacity as their needs grow.
DIY is exposed to the risk of obsolescence as technological change overtakes them. Managed service providers, by contrast, have more resources to keep pace with technological change.
Some companies might still prefer DIY to meet their unique needs. They might want to retain control over security with a solution customized for their environment. Private sector alternatives may not be able to factor in all the requirements of your situation.
In short, filling gaps in existing networks. MPLS is the network that companies have been using but they are often too expensive to connect branch sites spread over many locations. Similarly, many edge sites, typically locations outside of metropolitan areas, are not covered by existing networks. SD-WAN closes the gaps by connecting branch offices to MPLS networks or remote locations even when neither wireless nor is wired network is available. SD-WAN can interconnect with satellite networks to close even such gaps.
Companies expanding business in new locations often do not have the time or the resources to extend their networks especially costly ones like MPLS. They can quickly expand their communication infrastructure with SD-WAN.
SD-WAN offers several benefits including lower cost, flexibility, expanded reach, superior quality of service and security. It can use any of the low-cost Internet broadband services with their inconsistent performance. By connecting the edge device into the one of the gateways of the SD-WAN, customers benefit from the high quality of service of a cloud.
Costs are kept low by not allocating bandwidth uniformly but based on application need. Mission-critical applications get more capacity while those like email are routed through lower cost and performance channels. Applications with higher bandwidth and performance needs are routed through networks like MPLS while low priority applications like payroll go through an Internet broadband network.
The quality of service suffers when the bandwidth capacity and the flow rate of packets are not matched and cause loss of packets. AI techniques, such as Adaptiv’s LiveQoS FEC technology, dynamically adjust the volume and pace of flow of packets such that they don’t exceed the available capacity.
A breakdown in the network or a link can be a major cause of loss of quality. However, SD-WAN can switch traffic from one link to another when any one of them breaks down. Automatic failover policies, such as Adaptiv’s automated failover service, provides the ability to maintain the flow of traffic even when one or some of the links breakdown.
SD-WAN uses central orchestrators for distributing policies for network use to routers without humans making configuration changes. The metrics of network operations are displayed on a dashboard to allow for corrections, in real-time, whenever a departure from expected performance is observed.