
SD-WAN

Posted on Apr 10, 2024

What is SD-WAN?

SD-WAN is an automated and programmatic method for managing enterprise network connectivity and circuit expenses. It expands the concept of software-defined networking (SDN) into a practical application that enables businesses to efficiently establish a sophisticated hybrid WAN.

Comprising business-grade IP VPN, broadband Internet, and wireless services, SD-WAN empowers you to efficiently oversee applications, especially those in the cloud, in a cost-effective manner. Traffic is automatically and dynamically directed through the optimal and most efficient WAN path, taking into account network conditions, application traffic security, quality-of-service (QoS) demands, and circuit costs. Routing policies can be configured according to your preferences.

SD-WAN in Industry Standards

Different SD-WAN vendors provide different definitions for SD-WAN. The following are typical industry definitions of SD-WAN.

SD-WAN Defined by Gartner

Gartner clearly defines the following basic features of SD-WAN:

  1. Supports connections through hybrid links (including MPLS, Internet, and LTE links).

  2. Supports dynamic path adjustment for load balancing of traffic across WAN connections.

  3. Simplifies management and service provisioning, and enables zero touch provisioning (ZTP) so that deploying a branch network is as easy as setting up a home Wi-Fi network.

  4. Supports virtual private networks (VPNs) and other value-added services (VASs), such as WAN optimization controllers (WOCs) and firewalls.

SD-WAN Defined by the MEF

The Metro Ethernet Forum (MEF) standardizes SD-WAN in MEF 70 (the first SD-WAN service standard). MEF 70 clearly defines SD-WAN components and capabilities, and defines the framework and application programming interface (API) service specifications for all interfaces of each component.

SD-WAN Benefits

Due to the comprehensive financial and operational benefits, enterprises are rapidly adopting SD-WAN technology. Key advantages include:

  1. Lowers WAN OpEx, CapEx, and overall total cost of ownership.

  2. Improves application performance and increases agility.

  3. Enables the use of several secure, high-performance connections, removing the backhaul penalties enforced by MPLS networks.

  4. Enhances efficiency by distributing traffic across multiple connections and recalibrating data paths according to the state of the network.

  5. Facilitates the automatic set-up and adjustment of advanced network functionalities, including Virtual Private Networks, firewalls, protection measures, Wide Area Network acceleration, and management of application traffic.

  6. Supports Zero-Touch Provisioning (ZTP).

  7. Bolsters network defenses by implementing WAN encryption and creating distinct network segments to contain the impact of any security compromises.

What are the Layers and Components of the SD-WAN Logical Architecture?

Viewed in terms of logical layers and functionalities, the SD-WAN logical architecture encompasses the service presentation layer, management layer, control layer, and network layer. Each layer serves distinct functions and comprises numerous core components, as delineated in the accompanying illustration.

[Figure: SD-WAN logical architecture]

Service Presentation Layer

The service presentation layer establishes a connection with a network controller in the southbound direction, enabling the implementation of SD-WAN service presentation and provisioning through service portals. This layer offers:

  • Proprietary portal: The SD-WAN solution provider offers a portal that allows customers to conduct end-to-end SD-WAN service configuration and management.

  • Third-party BSS/OSS: Third parties can utilize the northbound open APIs of the network controller to integrate the SD-WAN Solution and customize the GUI according to service functions and GUI layout requirements.

Management Layer

The network controller serves as the central component of the management layer, acting as the "smart brain" of the entire SD-WAN solution. It offers network orchestration and management functions:

  • Network orchestration: The network controller abstracts service-oriented SD-WAN network models, orchestrates enterprise WAN networking services, and enforces network policies. It automates service provisioning by defining enterprise WAN network models, shielding technical intricacies of SD-WAN deployment, and simplifying WAN configuration and service provisioning.

  • Network management: Within the network controller's management component, network management and operations functions are implemented for enterprise WANs. This includes tasks such as fault information collection (e.g., alarms, NE logs), performance data collection, statistics, and analysis based on links, applications, and networks. It also involves gathering and displaying multi-dimensional O&M information, including network topologies, alarms, and performance data.

Control Layer

The route reflector (RR) serves as a fundamental component within the control layer, tasked with network control responsibilities. It undertakes tasks such as distributing and filtering VPN routes for SD-WAN tenants, as well as creating and modifying VPN topologies. Additionally, the RR is responsible for establishing and maintaining overlay tunnels between sites.

In contrast to the distributed control mode found in traditional networks, this centralized control mode segregates the control plane from the forwarding plane of enterprise WANs. This approach streamlines network O&M operations, diminishes network configuration errors, and enhances the operational efficiency of enterprise WANs.

Network Layer

From a service standpoint, enterprise sites encompass branches, headquarters, data centers, and IT infrastructures deployed in the cloud. The SD-WAN network layer comprises network devices employed for WAN interconnection at various enterprise sites, along with the intermediate WAN infrastructure.

SD-WAN network devices include edge devices and gateways.

Edge devices

Edge devices are egress Customer Premises Equipment (CPEs) located at various enterprise sites including headquarters, branches, data centers, or cloud locations. They serve as the starting or ending points of SD-WAN tunnels and also act as border sites within the SD-WAN network. Overlay tunnels between edge devices can utilize any wired or wireless underlay WAN links and typically employ data encryption technologies such as IPsec to ensure the security of enterprise WAN data transmission.

Typically, traditional hardware-based CPEs, universal CPEs (uCPEs), and virtual CPEs (vCPEs) can all serve as edge devices in the SD-WAN Solution.

  • CPE: A traditional hardware CPE, initially deployed as a hardware device at a site, typically comprises a switching and routing unit (SRU), interface cards, multi-core CPUs, and various hardware components. Functioning at both hardware and software levels, a CPE provides Layer 2 switching and Layer 3 routing functions to connect internal and external networks at sites. This type of CPE is commonly referred to as a traditional CPE.

  • uCPE: With the emergence of cloud computing and Network Functions Virtualization (NFV) technologies, cloudification and virtualization have become inevitable trends. Functions traditionally offered by dedicated hardware devices can now be realized through software. For instance, security, WAN acceleration, and load balancing functions can be delivered through virtual network functions (VNFs). Integrating these functions into CPEs can lower device costs, reduce power consumption, and enable flexible and rapid service provisioning.

  • vCPE: When network functions typically performed by traditional CPEs are instead implemented through software, the software is decoupled from the hardware. These CPEs are known as vCPEs. vCPEs can replace dedicated hardware devices, executing the functions of traditional CPEs through software. This facilitates swift service deployment, enhances service scalability and flexibility, and decreases deployment and operational expenses.

Gateway

An SD-WAN gateway serves as an intermediary device linking newly established SD-WAN sites with legacy VPN sites within an enterprise. With legacy non-SD-WAN sites still in operation, gateways are deployed to facilitate connectivity between SD-WAN networks and the traditional branch networks of enterprises.

SD-WAN Uses and Functions

The SD-WAN software that runs on the customer premises equipment (CPE) monitors the health of all the public and private line services and determines how each type of application traffic should be routed. For example, voice-over-IP (VoIP) traffic might default to an MPLS VPN service. However, if the MPLS connection becomes congested, the SD-WAN can redirect that traffic to a broadband Internet or 4G LTE wireless circuit. In this way, SD-WAN enables automatic load balancing and network congestion management for the best performance and most cost-effective routing.
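The path decision described above can be sketched as follows. This is an added example, not code from any SD-WAN product: the `Link` and `AppPolicy` types, the thresholds, and the rule that a public underlay is usable only when its overlay tunnel is IPsec-encrypted are assumptions made for illustration, and the measurements are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Link:
    name: str          # underlay circuit name (constructed)
    latency_ms: float  # measured by the CPE's health probes
    loss_pct: float
    cost: int          # relative circuit cost, lower is cheaper
    public: bool       # True for broadband Internet / LTE, False for MPLS VPN
    ipsec: bool        # overlay tunnel on this circuit is IPsec-encrypted

@dataclass(frozen=True)
class AppPolicy:
    app: str
    preferred: str         # default circuit for this application
    max_latency_ms: float  # QoS thresholds
    max_loss_pct: float

def is_secure(link: Link) -> bool:
    # Assumption: traffic may cross a public underlay only inside IPsec.
    return link.ipsec or not link.public

def meets_sla(link: Link, policy: AppPolicy) -> bool:
    return (link.latency_ms <= policy.max_latency_ms
            and link.loss_pct <= policy.max_loss_pct)

def select_path(links, policy):
    """Return the circuit name to use, or None if no circuit is allowed."""
    secure = [l for l in links if is_secure(l)]
    if not secure:
        return None  # fail closed instead of sending cleartext over the Internet
    healthy = [l for l in secure if meets_sla(l, policy)]
    if not healthy:
        # Every allowed circuit is degraded: take the least lossy one.
        return min(secure, key=lambda l: (l.loss_pct, l.latency_ms)).name
    if any(l.name == policy.preferred for l in healthy):
        return policy.preferred
    return min(healthy, key=lambda l: (l.cost, l.latency_ms)).name

# Constructed sample measurements, not taken from any real network.
VOIP = AppPolicy("voip", preferred="mpls", max_latency_ms=150, max_loss_pct=1.0)
BROADBAND = Link("broadband", 35, 0.3, cost=2, public=True, ipsec=True)
LTE = Link("lte", 60, 0.5, cost=5, public=True, ipsec=True)
MPLS_OK = Link("mpls", 20, 0.1, cost=10, public=False, ipsec=False)
MPLS_CONGESTED = Link("mpls", 220, 3.0, cost=10, public=False, ipsec=False)

if __name__ == "__main__":
    print(select_path([MPLS_OK, BROADBAND, LTE], VOIP))
    print(select_path([MPLS_CONGESTED, BROADBAND, LTE], VOIP))
```

The security check runs before the QoS and cost checks, so a congested preferred circuit never causes traffic to spill onto an unencrypted public link.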
