SD-WAN: The “new normal” network
Exploring the key benefits of SD-WAN in the wake of recent global disruption to the work environment and the role of the technology in a post-pandemic "new normal".
Due to the unprecedented impact of recent global disruptions, including the Coronavirus pandemic, on businesses worldwide, organisations of all sizes and across all industries have been forced to change the way they operate. Whether entering new markets, seeking new ways to provide services to customers or simply just making sure employees are able to do their jobs, businesses had to adapt to survive.
As adjustments were made and Business owners and Executives became accustomed to the new world in which they now do business, board room discussions could shift from how to survive to how to thrive. Suddenly, business drivers that have always been important become critical in allowing a company to deliver against its strategy. Business Leadership teams may ask ‘How can we maintain productivity levels whilst lowering costs to sustain the business?’, which is perfectly valid- finding small efficiencies can certainly help an organisation survive.
But for those business looking to thrive and embrace the ‘new normal’, the question being asked is a different one: ‘How can we be more productive, deliver a better service, and grow the business while lowering costs?’
Fundamentally changing the way your business is connected, increasing agility, improving security and lowering administrative overheads, all whilst reducing costs is one answer to this question, and a Software-Defined Wide-Area Network could help you deliver it for your business.
What is SD-WAN?
A Software-Defined Wide-Area Network or SD-WAN is not a single product, but a suite of network and security capabilities implemented and managed as a single solution.
Combining the latest in Software-Defined Networking (SDN) and Network-Function Virtualisation (NFV), SD-WAN offers policy-based visibility and control over your entire business estate from a single pane.
At its core, SD-WAN will offer the following capabilities:
- Support for multiple communication technologies
Whether you have an existing MPLS or dedicated links, leverage business or consumer-grade broadband or rely on LTE cellular networks like 4G to connect your business, SD-WAN allows you to manage all of these as one single Enterprise network. The SD-WAN ‘overlay’ lets you apply the same controls and policies, from one interface, regardless of how your business locations are connected.
- Enhanced performance, efficiency and resilience through dynamic path selection
When connectivity is key or access to business-critical applications is a priority, having a backup link to fall back on if primary connectivity fails is a good idea- but it can be expensive and can introduce some complex security issues. SD-WAN lets you aggregate all available connections meaning that your ‘backup’ link could be put to work and is not just an expensive failsafe. Aside from just balancing load, features like multi-path routing can deliver better performance across multiple links than using a single one- with the same security controls applied regardless of which link or links are active.
- Simple deployment and management
With traditional WAN technologies, making global changes to topology or policy can be risky and time-consuming, involving co-ordinated command-line configurations and plenty of opportunity for error. SD-WAN delivers unified management of the entire network with intent-based policies, meaning making widespread changes could be as simple as changing a single profile.
- Support for advanced network and security functionality
Whether natively or through integration with third-party tools, SD-WAN offers support for next-generation security, optimization and cloud-centric functionality again all administered from a single portal. Functions such as Firewalls and Internet filtering can form part of your standard policy set, while optimised traffic flow and access to corporate resources can also be granularly configured to your business’ specific requirements.
How could SD-WAN benefit my business?
While SD-WAN can benefit any business, the largest impact in terms of operational efficiency and cost can be had in organisations with multiple locations. Retail outlets, hotels, education institutions or branch offices- whether your business is spread nationwide or worldwide, SD-WAN could reduce complexity and increase productivity whilst delivering a lower TCO. As your business expands and your need to provide connectivity to remote locations (or as is becoming more common, to remote workers individually) increases, managing your Wide Area Network becomes more complex. Businesses have the choice of expanding expensive private networks such as MPLS, VPLS or leased lines to each and every site, or relying on connections that may not be Enterprise-grade to provide Enterprise-level performance and security with Virtual Private Networks (VPNs) or secure tunnels between locations.
The topology is also a challenge- how you connect all your locations either to each other (often called a ‘mesh’) or to a central hub (known as ‘hub and spoke’) is not a straightforward decision, and both have advantages and drawbacks. Go hub-and-spoke and all your traffic has to go via the central hub, meaning inefficient traffic flows are common and your central hub could easily become a bottleneck, or a single point of failure. Choose a mesh topology, and it can quickly become unwieldy to manage traffic routing and expanding the network with new locations becomes a risk to your entire WAN.
These are problems enough, but how businesses need their WAN to work for them has changed. Enterprises don’t necessarily have all their business resources in one location any more, meaning traditional WAN topologies may no longer make sense. The adoption of cloud-based ‘SaaS’ solutions, Voice over IP (VoIP) and the increasing reliance on Video conferencing not only lead to greater bandwidth demands from remote sites, but also put greater emphasis on the need for robust, stable connectivity. Moreover, this also raises some challenges with how you optimise traffic over the WAN. If your remote workforce needs to access HQ Business data located on-premises, as well as web-based CRM and Office applications as well as point-to-point communication between sites, routing all this traffic efficiently to deliver the performance and stability required is no easy feat.
SD-WAN was designed to solve all these problems and more, specifically engineered to provide the flexibility, manageability and security needed to efficiently build WAN connectivity for today’s businesses.
Performance and Reliability
The services deemed as critical will vary from business to business. It could be connectivity from Point-of-Sale devices in retail locations, access to corporate resources- whether hosted in private datacentres or a cloud based offering such as Microsoft 365 or Salesforce- from branch offices, or simply just to keep employees connected via video calls or IP telephony. Whatever is critical for your business, SD-WAN could enable you to deliver it securely, with higher performance and fewer interruptions.
Through link-aggregation and multi-path technology, SD-WAN can leverage multiple links to offer an improved user experience over the SD-WAN overlay as we learnt previously. But the use of multiple links also means that in the event of a link failure, a local broadband outage for example, all traffic will failover to the remaining available link or links seamlessly, and with no interruption. Even if you only have a single link available, SD-WAN could improve the performance and reliability of the user experience. Latency caused by an unstable 4G connection can quite easily mean that video calls are difficult or impossible to participate in, but using the SD-WAN overlay across the very same link is able to deliver a perfectly usable experience. How? The overlay is aware of the state of the link or links it operates on, and can mitigate unstable or poor-performing links by adding a quality-assuring ‘wrapper’ around the traffic, allowing communications not received or received out of sequence to be re-assembled or re-transmitted instead of being jumbled or lost. Simply put, SD-WAN could help keep your operations running smoothly, even if your connectivity is anything but.
Bringing a new branch office or additional office site online is a traditionally slow and potentially expensive feat. A new location would mean new hardware- routers, firewalls, switches and Wi-Fi access points- that would all need an experienced network professional sent to site to configure and install (and in all likelihood, triage and troubleshoot). In today’s pandemic-aware world, what was once at best an arduous task is now an almost impossible one in some cases with travel restrictions either enforced, or not advisable.
When a place of work could quite literally be anywhere, or if you have tens or hundreds of sites to bring online, the light-touch, profile-based SD-WAN deployment is a cheaper, faster and safer way of getting connectivity out to where it’s needed.
Deploying a new site can be as simple as plugging in a single piece of equipment and clicking a link, meaning no expertise is required at the site to install and enable. You don’t even need to wait for connectivity to be installed at the site to make it operational. Why be delayed waiting for fixed lines to be installed or broadband to be activated, when you can deploy with a 4G dongle. All configuration is applied using profiles and policies, all that’s needed to get your new site fully configured is an internet connection. When your permanent links are ready to go, switch seamlessly to the new link and either use the 4G as a secondary line or remove it completely, it’s as simple as that.
Reduction in Branch office footprint
We know that SD-WAN is a suite of capabilities delivered as a single solution. It’s also delivered in a single piece of hardware, meaning it requires a much smaller footprint in your branch office. A single SD-WAN device can be your router, your firewall, your switch and your Wi-Fi access point all in one. No rack required, no complex cabling and no excessive power provision- and also no IT expert required in each location to support or maintain it.
More Visibility, and control
Since the outbreak of the global COVID-19 pandemic, business mobility quickly became a key focus for many organisations. More than ever before, enabling your workforce to be productive no matter where they are working from is critical. What this means will be different from business to business, but the underlying challenges remain the same. Access to corporate resources needs to be secure, but it also needs to be robust and performant to avoid falling into the quagmire of ‘Shadow IT’. Your business must maintain control of critical data, so the tools you provide must be up to the task. If not, staff may well find their own easier but insecure ways of working, and your critical business data could slip into the shadows with no visibility, or control.
SD-WAN gives you that control and visibility along with the tools to ensure access to your business critical resources is secure and performant. With granular, policy-based controls you can for example:
- Prioritise IP Telephony and Video conference traffic over your links, guaranteeing they will always have the bandwidth they need
- Force access to corporate data over VPN or MPLS, to make sure your business traffic remains within the business regardless of where your remote locations are
- Block or restrict access to undesirable or non-business related applications such as facebook or Spotify, or any application not compliant with your business policies
- Allow local direct internet access for web-based resources, improving performance and reducing load on your datacentre infrastructure.
- Apply web filtering to all web traffic, either on-premises proxies in the datacentre or through cloud-based deployments
- SD-WAN allows any location to be a part of your business, and more importantly under your business control.
Gateway to the Cloud
Whether your business is already leveraging Cloud services or it’s on the roadmap to deliver on your business strategy, SD-WAN can quite literally be your Gateway to the Cloud. With a cloud-based ‘backbone’ of Gateways located in the same datacentres as the major cloud service providers such as Microsoft, Amazon and Google, you can direct traffic destined for cloud services direct to these datacentres, essentially landing on the doorstep of Microsoft 365, AWS and GCP.
Together with the granular application routing, SD-WAN can give your traffic- and your business- a direct on-ramp to the cloud.
Traditional WAN deployments can be complex and expensive to maintain, rendering any wide-ranging change to topology or routing difficult, and a huge risk to operations.
With a Profile-based approach to configuration, managing one hundred sites can be as easy as managing one. Centrally-controlled profiles mean there’s no need to send an engineer with the necessary expertise to every site, instead the changes can be made to the necessary profiles and automatically pushed out to all sites with those profiles associated. This massively reduces the time and expense it can take to rollout changes to your business connectivity, but the risk is also significantly reduced as well. If a change of configuration results in a site losing connectivity with the central management Orchestrator, it will automatically detect this and rollback to the previous ‘good’ configuration to restore connectivity.
Site and WAN configuration is also ‘intent-driven’, meaning that your SD-WAN administrators describe the desired state of the network but don’t need to know the typically complex, low-level commands that would be required to deliver it. This takes away the risk of human error, whilst ensuring uniform configurations across your WAN that is based exactly on how your business needs it to operate.
Typically when evaluating business solutions, the decision comes down to one single basic comparison: Cost vs Functionality.
More often than not, you have to choose between getting all the functionality you want at a premium, or paying the price you want to pay but with reduced capability. It’s rare that you can get all the bells and whistles at an attractive price, however this is exactly what SD-WAN could deliver for your business. In fact, SD-WAN can take it one step further and deliver enhanced functionality, with all the security, performance and flexibility your business needs to deliver on strategy, whilst delivering cost savings with a lower overall TCO.
We know that SD-WAN provides an overlay across any number of connectivity options. This means that you can have all the benefits of dedicated, private WAN connectivity- but delivered on lower-cost, true commodity connectivity offerings.
From business broadband to 4G LTE, SD-WAN can deliver the same functionality as an MPLS for example, but with better performance and a lower TCO. This also means that you can do business from more locations than ever before. Providing fixed, dedicated links is not always possible- with SD-WAN you can have the same control, and provide the same user experience wherever you can get an internet connection.
VMware SD-WAN – The intelligent network that makes the internet work better
Panoptics deliver cutting edge Cloud-Delivered SD-WAN in partnership with VMware SD-WAN, the global market leader. Enabling simple, agile and secure branch office wide area networks, VMware SD-WAN dramatically decreases bandwidth costs and deployment timeframes, to deliver a high performing flexible network over private, broadband Internet and LTE links for today’s increasingly distributed enterprises.
Enable your workforce and your business to be more mobile than ever before, in a time when a productive remote workforce is essential.
- VMware SD-WAN features Dynamic Multi-Path Optimization (DMPO) technology, using deep application recognition and policy-based monitoring to make sure performance and reliability is delivered to the applications that need it most
- Even with slow or unstable links, VMware SD-WAN link-steering and remediation monitors links in real-time, redirecting traffic on a per-packet basis to ensure optimal performance. Error-correction and buffering help to negate link degradation, and application Quality Scores show you the difference VMware SD-WAN makes to your critical services- and ultimately the end-user experience.
- Available as a physical or virtual appliance the VMware SD-WAN Edge gives you the freedom to deploy how you wish, whilst Zero-touch deployment gets your branches operational quickly with any available internet connection.
Maintain security and control, in a world where Cyber Security threats are constantly evolving.
- The VMware SD-WAN Orchestrator lets you control your entire WAN from a single pane. Whether enrolling a new site, tweaking policies or changing entire topologies, administration is quick, simple and safe.
- With integrated Next-Generation Firewall (NGFW) features, VMware SD-WAN gives you granular control of services of applications to ensure business policies are enforced across your distributed enterprise. User and device-aware, the integrated firewall can also help you enjoy the benefits of BYOD, securely.
- VMware SD-WAN can integrate seamlessly with cloud-based security services- Advanced Threat Protection (ATP) and web filtering can be leveraged, branch-by-branch and application-by-application.
Reduce costs, in a global market facing uncertainty and new challenges.
- VMware SD-WAN’s feature-rich, optimised and secure network gives you the confidence and control of a traditional MPLS or VPLS solution, over lower-cost and more flexible commodity connectivity.
- Zero-touch deployment will get your new sites up and running quickly- without the cost and risk associated with sending technical resources out to site.