SD WAN (Software-Defined Wide Area Network = Software Defined Wide Area Network), is an approach to the design and implementation of wide area networks that uses software abstraction to simplify network management and make it more flexible.
At the end of the article you will find a small test that will allow you assess the knowledge acquired in this reading
The basic components of an SD-WAN are the following:
1. Network control software
This software provides “software-defined” functionality. Essentially, it allows network administrators to configure, manage and monitor the wide area network from a centralized point, usually through a graphical user interface.
Network control software can also implement algorithms and policies to manage network traffic, select the best path for each data packet, and respond to changing network conditions.
2. Software-defined network devices
These are the physical devices (such as routers and switches) that are used to create the wide area network.
In an SD-WAN, these devices can be controlled and managed by software, meaning they can be reconfigured or updated remotely without having to change physical hardware.
3. Network connections
An SD-WAN can use any type of network connection, including MPLS, LTE, Wi-Fi, optical fiber, and even connections Bandwidth Internet. This provides great flexibility in terms of cost and performance.
E.g., a site with high performance requirements may use an MPLS connection, while a site with less demanding requirements might be fine with a broadband Internet connection.
Advantages of an SD-WAN
Greater flexibility
Since network settings are controlled by software, it is much easier and faster to make changes or updates.
centralized management
Network management is performed from a single centralized point, simplifying administration tasks and reducing the time and effort required to manage the network.
Network performance optimization
By using software-defined algorithms and policies, an SD-WAN can automatically select the best path for each data packet, which can improve network performance and reduce latency.
Potentially lower costs
By being able to use any type of network connection, an SD-WAN can opt for lower-cost paths when possible.
Security
As a software-managed network, SD-WANs typically have strong built-in security measures, such as network segmentation, data encryption, and threat identification and isolation.
SD-WANs are especially useful for organizations with multiple locations (such as offices or stores) that need to share data and applications securely and efficiently.
This includes companies with branches in different cities or countries, organizations that use cloud services, and companies that need high availability and network performance.
Features
If we delve a little deeper into how an SD-WAN works, we find some additional concepts and features that help explain its usefulness and flexibility:
Network virtualization
As with other software-defined technologies, SD-WAN uses virtualization to separate network functionality from physical hardware devices.
This allows you to create virtual networks that can be configured and managed independently of the underlying network infrastructure. Virtual networks can be easier to manage and can offer greater flexibility and scalability.
Load balancing and policy-based routing
SD-WAN can distribute traffic between multiple network connections based on predefined policies. This can help maximize network utilization and improve performance.
For example, critical applications mission-critical or delay-sensitive routes can be directed via the fastest or most reliable routes, while the non-critical traffic can be directed through less expensive routes.
Redundancy and resilience
SD-WAN can use multiple connections network simultaneously, providing redundancy in the event of a connection failure.
Additionally, if a connection becomes unstable or suffers performance degradation, SD-WAN can redirect traffic to other connections automatically, providing greater resilience.
Traffic and safety inspection
SD-WAN can inspect traffic network to identify and prioritize certain types of traffic (such as voice over IP o video conference), and to detect and respond to security threats.
Many SD-WAN solutions also include built-in security capabilities, such as firewalls, intrusion prevention, and data encryption.
Cloud Integration
SD-WAN is particularly useful for organizations that use cloud services.
It can improve the performance and reliability of connections to cloud services, and can facilitate network management in a hybrid cloud or multicloud environment.
Implementación
In terms of implementation, an organization may opt for a SD-WAN from a single provider, which includes both network control software and software-defined network devices.
Alternatively, they can opt for a multi-vendor solution, in which the network control software and network devices come from different vendors. This last option can offer more flexibility, but can also be more complex to manage.
SD-WAN solutions can also be physical o cloud based.
In a physical solution, software-defined networking devices are installed at each site. in a solution cloud-based, network control software is hosted in the cloud, and sites connect to the network through network devices that can be simpler and less expensive.
Commercial Solutions
Cisco Viptela
Cisco is a major player in the networking world and offers a robust SD-WAN solution with Viptela. This product includes features such as policy-based routing, network security, WAN optimization, and deep analytics.
VMware SD-WAN by VeloCloud
VMware, known for its virtualization solutions, offers SD-WAN through VeloCloud. VeloCloud's offering is notable for its ease of use, cloud focus, and flexibility in terms of connectivity and traffic management.
Silver Peak (acquired by HPE)
Silver Peak offers an SD-WAN solution that focuses on improving application performance, network security, and simplicity of WAN management. Hewlett Packard Enterprise (HPE) acquired Silver Peak in 2020, strengthening its position in the SD-WAN space.
Fortinet Secure SD-WAN
Fortinet, a leader in network security, offers an SD-WAN solution that combines software-defined WAN features with advanced security capabilities. Fortinet's offering is attractive to organizations looking for an SD-WAN solution with strong built-in security capabilities.
Comparative table of commercial solutions
Cisco Viptela | VMware SD-WAN by VeloCloud | Silver Peak (HPE) | Fortinet Secure SD-WAN | |
---|---|---|---|---|
Policy-based routing | ✔️ | ✔️ | ✔️ | ✔️ |
WAN Optimization | ✔️ | ✔️ | ✔️ | ✔️ |
Integrated network security | ✔️ | ✔️ | ✔️ | ✔️ |
Analytics and reports | ✔️ | ✔️ | ✔️ | ✔️ |
cloud management | ✔️ | ✔️ | ✔️ | ✔️ |
Ease of use | ✔️ | ✔️ | ✔️ | ✔️ |
Support and Customer Service | ✔️ | ✔️ | ✔️ | ✔️ |
Scalability | ✔️ | ✔️ | ✔️ | ✔️ |
Multi-cloud integration | ✔️ | ✔️ | ✔️ | ✔️ |
This table should only be used as a starting point for comparison, as specific capabilities and strengths vary from vendor to vendor and may be more or less relevant depending on your organization's specific needs.
Free Solutions / Open Source
FlexiWAN
It is the first open source SD-WAN in the world. It allows users to customize and build their SD-WAN solution with a variety of modular and scalable options.
OpenContrail (aka Tungsten Fabric)
It is an open source SD-WAN platform developed by Juniper Networks. Provides a scalable and flexible software-defined networking solution.
Comparative table of open source solutions
FlexiWAN | OpenContrail (Tungsten Fabric) | |
---|---|---|
Open Source | ✔️ | ✔️ |
Modularity | ✔️ | ✔️ |
Customization | ✔️ | ✔️ |
Community support | ✔️ | ✔️ |
SDN capabilities | ✔️ | ✔️ |
Integration with existing infrastructure | ✔️ | ✔️ |
Documentation | ✔️ | ✔️ |
These two open source solutions offer a great deal of customization and flexibility. However, with that flexibility comes additional complexity and you may need more technical knowledge to implement and maintain these solutions compared to commercial solutions.
Additionally, although they are free in terms of licensing costs, there are costs associated with the implementation, maintenance and support of these solutions that you should be aware of.
For example, you may need to dedicate more internal time and resources, or you may need to hire external consultants or support services.
Brief knowledge quiz
What do you think of this article?
Do you dare to evaluate your learned knowledge?
Recommended book for this article
RouterOS v7 Advanced Routing Book
Study material for the MTCRE Certification Course, updated to RouterOS v7
2 comments on “What is an SD-WAN”
Excellent introduction to SD-WAN
Edgar, we appreciate your comment. Little by little we will expand more information on the subject.