SD-WAN - MOBILE INTERNET

Digital transformation is taking place at high speed. Network structures are becoming more complex due to the use of cloud services as well as mobile work and home offices - and thus more susceptible to capacity bottlenecks and security gaps. A traditional wide area network (WAN) no longer fits into a world that relies more and more on cloud applications. This is where SD-WAN offers an intelligent approach that solves the problems of today's WANs using software.

01

Definition: What is SD-WAN (Software-defined Wide Area Network)?

SD-WAN technology can be defined as a software-based WAN solution. In concrete terms, this means that the line-based physical infrastructure is supplemented by a software overlay and the individual components are linked together by a central platform.

Companies are increasingly confronted with the challenge of not only establishing their networks at various locations, but also simultaneously integrating all remote offices as well as users and network subscribers into their data network. For this purpose, SD-WAN provides a reliable, cost-effective and secure solution. Compared to traditional solutions, network coverage and virtualization are used to provide better and more flexible connections at lower cost and complexity. The routing of the network traffic as well as the determination of the most efficient connections (or connection types) between data source and data destination is thereby taken over by the software. In addition, connection types can be selected depending on the application or the sensitivity of the data, among other things. Security requirements can also be implemented centrally via network management.

In today's cloud-oriented world, the functionality of the traditional enterprise WAN is reaching its limits. The main task of the WAN is to connect users of branch offices or a campus environment with the applications that are centrally operated in the data center. Access to cloud environments also often run via central instances. Usually, dedicated MPLS (Multiprotocol Label Switching) circuits are used for this purpose, which should ensure security as well as guarantee reliable network connections. But MPLS is not designed to handle the explosion of WAN traffic we see today. The expansion of data traffic not only makes the management of networks become more complex but also application performance can no longer be reliably guaranteed due to outdated technology. The dedicated data lines and the central instance quickly become a bottleneck, even though the destination could be reached via the Internet. SD-WAN offers a new approach that solves precisely these problems.

02

How does SD-WAN work?

Technically, an SD-WAN network is based on an enterprise WAN. In contrast to the conventional WAN, software and central control functions are used to control and route data traffic on the WAN more intelligently. More precisely, the software takes over the routing of the traffic to all network participants and simultaneously locates the most efficient path with the highest data throughput. Software also monitors the data streams. Since these tasks are handled by a virtual overlay, the network gains maximum flexibility. The processing of data traffic can thus be adapted according to business requirements, priority, quality of service (QoS), and security requirements. Furthermore, for data transmission both public (e.g. 4G/5G) as well as private Internet connections are used. One criterion for selecting the appropriate connection is, for example, the sensitivity of the data to be sent. With all this SD-WAN can meet very high security requirements. 

SD-WAN takes over traffic management

As part of a SD-WAN, an enterprise WAN is installed, which then uses Software-defined Networking (SDN). The SD-WAN software is deployed on-premises or in the cloud. To avoid common network problems that can occur when routing traffic to cloud applications, the SD-WAN routes and manages cloud traffic from a dedicated location. This can reduce the number of negative incidents such as service outages, packet loss or poor connections. The SD-WAN evaluates incoming requests and efficiently routes traffic to the required data center, application or branch office. Enterprises can use SD-WAN to ensure that their scaling and distributed workforces have secure, easy and fast access from any suitable location.

Active use of all transmission type, including MPLS, broadband and LTE

SD-WAN virtualizes WAN services such as MPLS (Multiprotocol Label Switching), broadband Internet services such as 4G / LTE / 5G and uses them as a resource pool. Existing connections are used more efficiently and the management as well as the operation of the wide area network is simplified. Among other things, this allows the available bandwidths of WAN connections to be shared across different technologies such as MPLS, cellular (3G, 4G, 5G, UMTS, LTE) or commercial internet connections. Software handles the routing of traffic and determines the most efficient connections between data source and data destination. 

03

Use and functions of SD-WAN

Depending on the provider, the functions and type of use of an SD-WAN can vary. In principle, a well-positioned SD-WAN should meet the following requirements: 

  • The Central Administration of the network is done via a cloud-based console that provides a complete overview of cloud environments, network connections and end users logged into the LANs as well as WLANs of different locations.
  • Enterprise-wide coordination of data traffic: Performance specifications and access permissions can be enforced for all applications and users, regardless of location, using policies customized for business use. When embedded in software based on vCPE (virtual Customer Premises Equipment), SD-WAN also monitors the conditions of all public and leased line services and determines how to route each type of application traffic.
  • Remote deployment with functions for extending cloud networks and for automated activation of local network components. Cloud-based applications offer the advantage that they can be used regardless of location. An effective SD-WAN solution covers the entire infrastructure of a company. From a central console, the corporate network can be extended so that every user, whether employee, partner or customer, has secure and high-performance access to applications and files at all locations.

What potential does SD-WAN offer for your company?

SD-WAN offers numerous advantages over a traditional network infrastructure. Especially when cloud services play a role in daily business, SD-WAN technology can show its full potential. Get in touch with us and learn from our experts how your company can also benefit from SD-WAN.

04

The advantages of SD-WAN

The technology enables companies to simplify the management of different applications while adapting their corporate network to contemporary cloud computing solutions. Looking more closely, there are even more advantages to SD-WAN:

  • Lower operating and investment costs: Costly MPLS services are replaced by more economical and flexible broadband (including secure VPN connections). Even in hybrid application structures, the use of cost-intensive data connections is significantly reduced.
  • Greater flexibility and responsiveness: The network can be used far more individually, as SD-WAN solutions quickly adapt to the respective requirements. This allows a company to react more flexibly to new IT innovations.
  • Supports diverse secure, high-performance connections and reduces backhaul penalties that MPLS networks face.
  • SD-WAN enables load balancing within connections by adjusting data streams based on network conditions for higher performance.
  • Supports the automatic deployment and change of premium network services such as VPN, firewall, security, WAN optimization and application delivery control.
  • Increases network security through encryption: The WAN data stream is forwarded encrypted and the damage in case of possible security breaches is minimized thanks to the software-based segmentation of the network. In addition, security policies can be enforced more effectively with the help of centrally controlled administration.

05

Issues solved by SD-WAN

Maintaining overview and control of the corporate network

A major problem with the traditional WAN is that it was developed before the age of cloud applications. Accordingly, WANs are designed to transmit application traffic through enterprise data centers, not through IaaS and SaaS services operated by external providers, as is increasingly the case today. Due to this, they have limited capabilities for monitoring network performance and data, and for visualizing network health. In addition, MPLS WANs do not have a firewall. This must be managed separately as an additional individual solution, which makes monitoring even more difficult.

An SD-WAN solves this problem with the help of Centralized network and security managementwhich is integrated into the software. This not only provides comprehensive visibility of network health, but also simultaneously increases application performance as well as control by routing traffic across WAN links according to programmable and scalable policies. In this process, multiple Integrated security implementations (e.g. firewall, IDS/IPS platforms) are used without performance degradation.

Increased application performance

The general lack of visibility that traditional WANs bring with them leads to losses in application performance. In the event of network congestion, for example by a sudden increased use of VoIP or video conferencing, the limited capabilities of a WAN do not provide the adequate scope to respond appropriately to this challenge, as it lacks the necessary application discovery and real-time intelligence. SD-WAN, on the other hand, provides relief by leveraging programmable network devices that can be controlled remotely and via dynamic routing be modified.

In order to apply the desired policies to cloud and Internet traffic, MPLS-based WANs typically need to backhaul through a data center. This process introduces significant delays and reduces the reliability of cloud applications. As a stopgap measure, portions of traffic are then moved from MPLS to higher bandwidth network transport systems, which in turn drives up the cost of managing multiple different plans and navigating the time-consuming MPLS provisioning process.

SD-WAN technology makes it possible to bundle multiple types of links within a network overlay, so that the use of high-bandwidth broadband Internet can be implemented in addition to or as a replacement for poor MPLS connectivity. Furthermore, to further enhance the user experience, both Quality of Service (QoS) and WAN optimizations as well as Automated Cloud-On-Ramps be used in the areas of SaaS, PaaS and IaaS. The integrated security features of some SD-WANs provide a multi-layer threat protection, which is specifically designed for environments with cloud connectivity. In addition, the security features of SD-WAN have a much less negative impact on user experience than the MPLS backhaul approach.

SD-WAN: More flexibility and scalability in corporate networks

Companies often have limited technical staff and IT budget. However, the requirements of a traditional WAN oppose these limitations: The reliance on a hardware-defined architecture ensures that a local team is needed to configure and manage the specialized hardware. Moving, adding and changing thus becomes a difficult, or even impossible process in a WAN. In addition, carrier-based MPLS can take months to deploy. Connecting just a single branch office to the corporate WAN can become a major undertaking. For a forward-thinking enterprise that needs to respond flexibly and quickly to change, this is not reasonable.

With SD-WAN, policies can be easily adapted as circumstances change. Businesses can be more agile thanks to Zero Touch Provisioning and deploy WAN connections in branch offices within minutes. This creates a future-proof WAN architecture that fits many on-premises, virtual, web, cloud, SaaS applications and desktops.

Reduce network costs with SD-WAN

MPLS connectivity, on which traditional WANs are based, requires a costly and customized router infrastructure, making it significantly more expensive than broadband Internet, cellular or satellite solutions. Furthermore. real-time applications and data-intensive cloud services require more bandwidth than is provided, despite the high cost of the of static connections. In addition, there are administration and management costs as well as an increased security risk for data leaks caused by outdated security models.

As lower-cost bandwidth sources are viable alternatives, SD-WAN as a whole is less restricted and less expensive than MPLS. It also combines several types of network transport for the transmission of real-time and TCP applications.

06

Exploiting the potential of broadband in the corporate network

Broadband services within enterprise SD-WAN offer serious potential. However, concerns about broadband performance, reliability, and security have lingered among some decision makers:

  • In what way is a broadband Internet connection secured to create a secure SD-WAN?
  • How do you ensure that business-critical applications always receive top priority?
  • Can sites be configured, managed and expanded in a simple way?

The solution is to migrate to a business-oriented SD-WAN platform, which combines SD-WAN, firewall, segmentation, routing, WAN optimization, and visibility and control capabilities on a single platform. Instead of employing SD-WAN only as a contingency, advanced software-based security and performance capabilities enable enterprises to reliably and actively use broadband to transport traffic. By replacing MPLS with broadband, enterprises can not only significantly increase WAN bandwidth, but also reduce overall WAN costs.

Ebook: Secure Corporate Network with SD-WAN: How to Map Agile Requirements in Times of Digital Transformation.

Learn more in our free ebook:

What makes a future-proof corporate network
Why SD-WAN is ideally suited for this task
What role a hybrid WAN can play
What tips you can use to immediately increase network security
and much more

07

SD-WAN vs. SDN: a rendition

Both technologies are based on the same central concept: controlling a network using software. Therefore, they have several things in common:

  • The data level and the control level are separated: In a traditional network, the data plane does the routing. The control plane, which determines where to route traffic, resides in a router or switch, making it inconvenient for administrators to control the flow of data. Both SD-WAN and SDN solve this problem by integrating the control plane into a software environment. After an administrator connects a device, he or she can control the flow of data on the network from a central location.
  • Virtualization: Virtualization is the linchpin of both technologies and creates an abstraction of the physical network. Both solutions allow the user to manage the network in this virtual environment. 
  • Possibility for virtual network functions (VNF): Virtual network functions manage certain network functions such as load balancing and firewalls. They can be strung together or combined to create a fully virtual environment. Both solutions enable VNF integration, which can provide another convenient layer of control for an administrator.

The main differences between SD-WAN and SDN are as follows:

  • SD-WAN provides a wide-area network (WAN) that connects multiple sites, making it in some ways a SDN in the WAN SDN, on the other hand, focuses more inward on the local area network (LAN) or service provider network.
  • Another key difference is that SD-WAN is defined by the vendor as a Managed service who provides it, rather than from internal resources. This means that SD-WAN requires less work from a network administrator because the provider delivers the service. SDN, on the other hand, is designed and configured by the user, which requires more resources.
  • SD-WAN can also be used with a virtual private network (VPN) SD-WAN can be implemented into existing VPNs. Existing VPNs connecting multiple sites can therefore be expanded using SD-WAN.

08

SD-WAN vs. MPLS Comparison

SD-WAN and MPLS are both solutions that enable enterprises to achieve high-performance and reliable network connectivity. However, they take different approaches. Some important Differences between MPLS and SD-WAN are:

  • Confidentiality: Although MPLS is isolated from the internet, it does not offer data encryption. Traffic flowing over an SD-WAN connection, on the other hand, can be encrypted in a VPN tunnel.
  • Safety: MPLS does not offer integrated security functionality. Security functions must be established via an additional solution. SD-WAN solutions usually contain integrated security functions. In addition, central administration enables performance specifications and access authorizations to be enforced for all applications and users regardless of location. 
  • Transportation media: MPLS reliably provides connectivity over fixed network circuits. SD-WAN aggregates multiple transport media to reach the same destination more efficiently. Routing traffic and determining the most efficient connections between the data source and destination is handled by software dynamically instead of a fixed configuration. In addition, paths can be chosen depending on the application or the sensitivity of the data.

09

The market for SD-WAN solutions is growing rapidly

Some companies are still rather hesitant about SD-WAN technology. However, due to the high potential, experts expect the market for industrial SD-WAN solutions to grow by 30 % in the coming years and generate a market volume or revenue equivalent to 4 billion euros by 2023. Many companies are turning to SD-WAN solutions because they hope to gain important advantages, especially in terms of security and flexibility. In particular, companies with branched structures or branch offices will benefit from converting their company-specific network to SD-WAN.

10

SD-WAN solutions with Peplink

Peplink offers multi-WAN VPN bonding (SD-WAN) routers and access points with industry-leading robustness, a clear and intuitive web interface, and a wide range of features and product capabilities. The company has helped numerous customers move from traditional WAN to SD-WAN solutions to achieve higher WAN reliability, greater bandwidth, and significant cost reduction. Over the years, Peplink has developed a powerful combination of products and technologies that enable the deployment of robust SD-WAN networks, while also maintaining ease of use. Administration is done through a single cloud-based console that combines visualization, management and tracking of complex WAN deployments.

11

Inter Data Systems are Peplink Gold Partners

As a Peplink Gold Partner, Inter Data Systems is your contact for efficient and flexible SD-WAN solutions. Our 30 years of experience in implementing pan-European WAN solutions in a wide range of industries, coupled with our Peplink-certified technicians, make us your partner for SD-WAN implementation. Get a non-binding consultation now.

12

Conclusion on SD-WAN

In an increasingly cloud-oriented world, networks must meet new requirements. Every end user should be able to reliably access digital services regardless of location. This goal cannot be achieved with traditional hardware-based WAN networks, which are difficult to adapt. SD-WAN enables automated administration and provisioning processes and central coordination of data traffic in a unified enterprise network. Central administration, enterprise-wide coordination and remote provisioning make an SD-WAN flexible and thus future-proof.

What potential does SD-WAN offer for your company?

SD-WAN offers numerous advantages over a traditional network infrastructure. Especially when cloud services play a role in daily business, SD-WAN technology can show its full potential. Get in touch with us and learn from our experts how your company can also benefit from SD-WAN.