SD-WAN Overview & Architecture
SD-WAN is software defined Wide Area Network mostly used to provide accelerated service delivery , better application performance by utilizing multiple WAN links by automating network deployment.
Need for SD-WAN:
SD-WAN is needed to solve following business challenges:
- High access cost for MPLS based network for better application performance
- Branch deployments are complex in nature day by day
- Issue faced due to static traditional Architecture while migration to dynamic and public cloud environments.
Challenges faced by using traditional WAN
- Complex Static WAN Architecture and need to simplify WAN for enterprise Branch offices
- Inefficient WAN utilization in case branch has multiple link
- Branch faces often insecure communication, even if uses IPSEC, causes latency due to larger packet size
- Branches faces Rigid WAN circuit Requirement
- Backhauling leading Performance issue of application
- Expensive Traditional Private WAN links
- Cloud Migration requirements
Features of SD-WAN:
Below are the features of SD-WAN:
- SD-WAN visualize the network
- It ensure the secure Overlay
- It simplifies the Service Delivery
- It is well interoperability with traditional WAN segments
- It uses Low cost effective hardware
- It supports automation and business policy framework
- Enables Managed services like monitoring, troubleshooting, configuration
- It provide zero-touch deployment of branches.
SD-WAN Architecture has three layers:
- Secure Cloud Network
- Virtual Service Delivery
- Orchestration & Analytics
Secure Cloud Network: It means SD-WAN provides Secure Overlay and is transport independent and uses any combination of Public and Private Circuits and provides connections to both DC and SaaS applications. Transport can be anything like MPLS, LTE, DSL, CABLE, PTP, 4G, and 5G etc.
It uses standard encryption Algo like AES, over any transport to provide Secure Overlay.
Virtual Service Delivery: A large verity of Virtual Services like FW, Load Balancer, LAN optimization, web security can be delivered to branch with need for Hardware of everything and these virtual services can be easily deployable as NFV also.
Orchestration & Analytics:
This layer provide control plane which is used for forwarding traffic to and from the on premise and cloud Nodes. Orchestration can be deployed by two methods: Cloud based or On-Prim appliance based.
This layer has main following function:
- Management of SD-WAN Environment (Edge, gateways and controller)
- Configuration, Monitoring and Troubleshooting of SD-WAN environment.
- Business policy Framework definition and implementation across SD-WAN sites
- Providing High available and resilient Control plane
Branch deployment Options:
Given below the following Branch deployment option based on its traditional WAN: