SD-WAN, or software-defined wide area network, is a wide area network that uses software to control network operations across different geographies. SD-WAN is the next evolutionary step from a traditional WAN network which connects local area networks (LANs) together using VPNs or routers and un on MPLS.
WANs support a traditional client-server model where applications live in on-site data centers but are not designed to support applications hosted in the cloud. WAN networks run over MPLS and cannot directly access cloud resources from the branch but instead follow a hub and spoke design that backhauls traffic through the corporate data center. An SD-WAN extends support and visibility from the enterprise, branch and corporate data center into cloud-based applications allowing remote workers to experience high-performance levels.
SD-WAN allows WANs to mix and match different transport layers like broadband, 4G, or LTE, instead of only MPLS.
Moves, adds, and changes can happen on demand without significant preplanning or deployment periods. SD-WAN makes change management much more agile with its scalability of resources. Network changes can be made in a matter of clicks instead of stretching out over weeks and involving multiple parties.
Bandwidth is pooled from different service providers, so prioritization of specific applications can automatically run on the least congested links – the applications are not tied to underlying transport types but can take the fastest path intelligently for optimized performance. This results in fewer QoS policy violations and mitigates network congestion.
Is SDWAN Secure?
The broadness of SD-WAN makes security a top-of-mind concern for many NetOps and SecOps teams alike. The introduction of SASE products that overlay an SDWAN network attempts to correct this oversight but can still fall short. Because you can use different transport types, SD-WAN introduces public cloud and public internet connectivity which can be a concern as an access point for cybercriminals.
Is the monitoring included with my SD-WAN adequate?
Some SDWAN monitoring only gives visibility into the overlay SD-WAN fabric but not the underlay transport layers. During deployment and network maintenance, visibility into your entire network, from infrastructure core to cloud, is critical for troubleshooting and managing network health.
Find out if your SD-WAN native monitoring platform includes visibility into:
- network devices
- each transport provider and their SLAs
- data centers
- cloud applications
- north-south and east-west traffic
If not, you may need to supplement your monitoring platform with additional tools.