A dive into SD WAN
Written by Paul Bonner, Group Head of Technology.
Things have changed. There, I said it. Gone are the days when it was just hardware that was needed to run applications and to connect users to them. In today’s technology landscape we have seen an explosion in the term ‘Software Defined’, which has now been prepended to many things, from the datacentre through networking, and its latest stablemate is the WAN. So, what does it actually mean when we describe something as ‘Software Defined’, and more importantly, what impact does it have on the infrastructure that we have spent many years building?
In its most basic form, ‘Software Defined XYZee’ means using some form of central control to abstract the configuration and management of an environment away from the individual hardware components. We have all read the marketing material from the majority of vendors informing us that their control plane is separated from their data plane, which has allowed us all to breathe a sigh of relief as we have needed that for years – right?
In all seriousness, this separation is a good thing: as an engineer, it helps me in my daily job to have a single point of management and configuration for complex environments. I can now orchestrate complex changes from my central point and change configuration and traffic flows, deploy server resources or amend security policies with a click of my mouse. So, ‘Software Defined XYZee’ is a good thing and I for one both embrace and promote it wherever possible.
The most talked about and understood incarnation of ‘Software Defined XYZee’ is in the LAN networking world – Software Defined Networking (SDN), which has been around for the past few years. We have all heard the stories of Google and Amazon deploying monolithic DC environments using generic ‘white labelled’ infrastructure that is all managed and configured from a centralised orchestration platform. Their ability to make changes to meet the demands of the business, without having to rely on complex network changes that often delay time-sensitive requirements, is widely documented. Their virtual server resources can be spun up or down, with the required levels of network access and security, and made available to resource-hungry users in minutes, rather than the days needed under traditional architectures.
So SDN has whetted our appetite in the quest for all things ‘Software Defined’ and has led to other uses such as Software Defined Datacentre (SDDC) and now the subject of this article – Software Defined WAN (SD WAN). But, in reality, what does SD WAN actually mean and what does it typically bring to average organisations who currently have a WAN infrastructure?
Apart from changes to the underlying physical connectivity, SD WAN is the biggest change to Wide Area communications since WAN Optimisation was unveiled back in the early 2000s. Since the adoption of optimisation, WANs have continued to be typically used point-to-point between remote offices and a form of datacentre or central HQ location. They have utilised various connectivity mediums such as MPLS, which has proved itself to be a good transportation underlay but can prove to be expensive to implement and manage.
Traditionally, organisations have looked to MPLS to provide the underlying connectivity between locations and have found this to be both expensive and restrictive when deploying new environments. MPLS has its place in the corporate landscape as it is an efficient means of transporting data from one location to another, but this does come at a cost. Typically, the cost of MPLS circuits consumes a large percentage of the annual IT budget, and with applications moving to the cloud, they are now less likely to provide a complete solution.
We all know that using broadband connectivity from multiple providers alleviates the typical wait time from connectivity providers when deploying new sites, as these circuits are normally on far shorter lead times. However, do they address the security and administration issues that are taken care of by the service or connectivity provider? It is fairly easy to implement a corporate VPN strategy using broadband links from multiple locations into either a corporate HQ or centralised datacentre. But this configuration and management overhead often outweighs the benefits gained from adopting widespread use of broadband. This, coupled with the ‘no guarantees in the internet’ rule of packet delivery, places the corporate consumer in a tight spot on whether to move away from MPLS.
SD WAN is making the adoption of widely available, inexpensive broadband connectivity a reality for many businesses as they look to save cost and provide the required level of services to the user base. Utilising broadband links to support traffic flows from the remote branches into the datacentre or corporate HQ not only saves money, it also allows organisations the freedom of choice when it comes to who provisions these circuits.
With multiple circuits in place that support traffic flows to corporate and cloud-based services, you would think that this is the end of the story, as we now have all our traffic going where it needs to. But unfortunately, this is just the beginning, as we need to look at the complexity of configuring our environment not only to send traffic where it needs to go, but also to ensure that our traffic gets there with a given priority. This is where we introduce an SD WAN overlay that takes all the configuration of our various circuits, providers and devices and places it in a single place to be configured using our trusty mouse.
Just like SDN, which abstracted all the low-level configuration of the network away from the devices, SD WAN allows us to define site locations, data paths, traffic prioritisation and links into cloud providers from a single screen. The ability to move away from relying on the configuration of multiple point devices at each remote location and treat the network as one is a huge benefit to any organisation. With SD WAN you can define links between locations and assign traffic from the central management portal. Backup links from secondary providers can be created and seamlessly integrated into the environment and configured from the portal. When utilising the services of cloud providers, links can be defined and security levels set for user access to applications and services from the same centralised portal.
SD WAN also takes away the administrative overhead of creating the secure links between the various locations, as it seamlessly creates secure VPN tunnels without user intervention. The management portal allows you to easily configure the environment and, more importantly, it provides a management window into the traffic that is flowing between the various locations. Some SD WAN providers have built close relationships with the most prevalent cloud providers and offer seamless integration with their products, which reinforces the simplicity and ease of configuration that SD WAN affords.
So, is SD WAN another industry fad or something that will see widespread adoption within today’s and tomorrow’s organisations? I, for one, see it as moving hand-in-hand with the adoption of cloud-based services and believe that it will become more than just an enabler. SD WAN adoption will grow over the next few years and it will become a mainstream deployment model for remote locations, as they can be deployed in hours, rather than days. The whole abstraction of the management and configuration of devices is a good thing, as it affords network administrators time to concentrate on more important tasks, rather than being bogged down with low-level configuration and point management. Finally, it will allow organisations to significantly reduce their costs as they move away from expensive MPLS connectivity and move to broadband managed by SD WAN.