Spending on cloud services has been rising rapidly over the last few years. Cloud infrastructure spending grew to $107 billion in 2019, an increase of 37% over the previous year. Almost any IT service can now be served to customers from the cloud: servers, databases, storage, networks, applications, analytics, and a lot more. With a multi-cloud ecosystem (Private, Public, and Hybrid), enterprises are becoming more efficient, service-oriented, and agile.
With increasing cloud dependency, enterprises need to innovate and move beyond the legacy network architectures. Traditional networking technologies like MPLS are not designed for connectivity to the cloud. The answer to this challenge lies in Software-Defined WAN or SD-WAN.
The traditional networking approach is heavily centered around hardware. Gateways and routers need individual configurations through command-line interfaces (CLIs) or scripts. The network engineer needs to have complete knowledge of the IP address schemes, access control lists, ports and other network parameters. Consequently, there is a higher probability of making mistakes. However, with an SD-WAN, challenges like these are easily overcome.
SD-WANs use a combination of transport services, including the Internet, for providing application access. SD-WANs support zero-touch provisioning: the network device only needs to be turned on and connected to the network, and the device configuration is downloaded from a server or network controller. SD-WANs are application-aware and use software for providing the required level of quality of service (QoS) and security.
An SD-WAN is a network of appliances that are connected through encrypted tunnels. Every SD-WAN appliance further connects to a series of networks and keeps a check on their performance and availability. An organization has two options for connecting to a cloud provider: the cloud provider’s Point of Presence (PoP) or a vendor for SD-WAN.
The debate about how much organizations can rely on cloud-service providers’ POPs is ongoing. VMWare’s NSX SD-Wan, for example, enables POP network access through cloud gateways. This is what organizations can leverage for accessing several different cloud providers. In VMWare’s solution, the incoming traffic is routed to the closest data center based on the hosting location of the application being accessed.
Amazon Web Services (AWS) allows an organization to either configure a 3rd party SD-WAN software on every Virtual Private Cloud (VPC) or deploy it on the Virtual Private Cloud like a shared gateway service.
At the 2018 Ignite conference, Microsoft announced its Azure Firewall and Virtual WAN Service. This service would be used for connecting to their cloud network services with SD-WANs.
Let us explore a few examples of SD-WANs being used to connect to cloud services.
According to Microsoft, more than 50% of their commercial Office customers use the cloud (Office 365): this trend is only expected to grow in the future. The performance of Office 365 can vary depending on various factors such as geographic location, number of applications used, available bandwidth, and so on. To free up WAN links for other traffic, Microsoft has set up over 130 PoPs or edge nodes that allow its customers to connect to Office 365.
The Citrix SD-WAN solution for Office 365 is certified with the ‘Works with Office 365’ tag. It identifies and classifies traffic meant for Office 365. This traffic is then sent to the closest point of entry for Office 365. This approach provides the end-user with an overhead-free approach. The monitoring and traffic steering capabilities also simplify policy administration.
All the staff of Alaska Airlines at every airport is mobile and has access to lounges for resting between flights. Often, the staff may want to relax by watching a streaming service like Netflix. Through SD-WAN technology, Alaska Airlines has created a connection to the mobile device and determines the user and content they are trying to access. If the user tries to access a service like Netflix, the traffic is routed onto the public internet. This preserves bandwidth without affecting the traffic meant for enterprise applications.
Real-time communication can be a challenge for enterprises. Even the best Internet connections with high bandwidth can have unpredictable performance: inefficient bandwidth consumption, jitter, latency and packet loss are some of the common issues. Aryaka’s SmartCONNECT SD-WAN service is designed to provide predictable performance specifically for Cisco WebEx. This solution uses a global layer-2 private network that has WAN optimization built-in.
This solution allows applications handling mission-critical data to work with predictable performance and consistent user experience, all without deploying MPLS. SD-WAN solutions for WebEx also support last-mile optimization, thus providing guaranteed Quality of Service (QoS) at every location.
Businesses of all kinds use Salesforce to manage customer relationships and their growth. Salesforce comes with a complex architecture that is heavily dependent on the Internet for connecting data and its users. The Salesforce host is hosted at a data center located closest to the user. However, the actual server could be several countries or even continents away. Simply increasing bandwidth is not the answer here, and this is where SD-WAN based approach helps.
Tools like Aryaka’s solution for Salesforce connectivity provide SD-WAN as a service. On a high level, what this does is bypass the Internet that we all normally use (aka the ‘Public Internet’). The service uses a secure and optimized global private network, which allows the enterprise to have a predictable performance regardless of where the end-user may be located. Certain SD-Wan solutions also provide data compression which reduces the data volume for greater throughput.
Routing all data from the enterprise data center not only degrades latency but also severely affects users’ experience and performance. Compared to legacy networking architectures, connecting to cloud services and SaaS providers through SD-WAN provides several benefits. For any enterprise, it eliminates the need for scanning of all data at its own data center before sending it to the cloud/SaaS provider.
There are several other advantages to the SD-WAN approach as discussed ahead.
The SD-WAN PoPs can include an integrated security mechanism. This eliminates the need for deploying a standalone security appliance at every location. The networking and security appliances are also optimized for interoperation, thus increasing their overall integrity.
For many businesses, fast and efficient transport between all branch offices and the central office are of extreme importance. SD-WAN allows virtualization of the network which means more efficiency, better performance, and higher security. With PoPs employing SD-WAN, organizations can ensure global presence while minimizing latency. All of these benefits are accompanied by lower overall network costs.
With SD-WAN, the flow of traffic can be prioritized. This ensures that mission-critical data gets the required level of service and core functionalities are not impacted. Traffic is sent optimally depending on the underlying application’s need and priority. Solutions by many leading providers like Cisco and Aryaka support this feature.
Legacy network architectures are not designed for cloud and SaaS services. They pose several challenges due to the complexities involved. The network administrator has little visibility on the performance parameters between the user and the SaaS application. SD-WAN comes with zero-touch deployment, allowing the network engineer to deploy and add new devices without being present on-site. For most SD-WAN solutions deployment can be done in a matter of days. The dependency on the network engineer also reduces after the design phase.
Maintenance engineers also have greater visibility and control on SD-WAN connectivity. For instance, Cloud ONRamp by Cisco measures the performance of the SaaS applications and assigns a score. This score gives administrators better visibility on the performance of the application. The service also makes decisions about the best path to use in real-time. Enterprises have the option to enforce policies in a more targeted approach. For instance, they may allow direct connectivity for a specific set of SaaS applications – such as Office 365 – that they trust. Regular traffic can be routed using the Secure Web Gateway (SWG).
Compared to traditional architectures, SD-WAN allows for redundancy and improves availability. Unlike MPLS where the addition of a redundant link is expensive, SD-Wan allows for re-routing of traffic using an alternative transport method in event of an outage.
When it comes to choosing SD-WAN solutions for cloud connectivity, enterprises have a host of available 3rd party and PoP solutions to choose from. As enterprises move towards the cloud, the need for better, more robust, and efficient connectivity will only increase.
With it intrinsic flexibility, numerous benefits and lower cost, SD-WAN offers an optimal solution for the IT needs of the future.