By Deon Geyser, CEO Liquid Intelligent Technologies, South Africa
With networked applications and security still being the top concerns for most businesses, those that transform their IT and network architectures, and use cloud services, should simultaneously consider transforming their security architectures. By implementing SD-WAN these enterprises can ensure a smooth and uninterrupted experience, with improved performance, increased security, and lower operational costs. Its biggest selling point, however, is the oversight it gives IT departments who will benefit from a real-time overview of their application performance, network stability, and the ability to troubleshoot, audit, and direct capacity, as well as implement different configurations quickly and easily.
As the use of business-critical, cloud-based applications continues to increase, enterprises with a distributed infrastructure of remote offices or workspaces, and an expanding remote workforce, need to adapt. While traditional Multi-Protocol Label Switching (MPLS) and Wide-Access Networks (WAN) have helped in the past, the ever-changing needs of the enterprise will add pressure to the system, and they will struggle to meet these constantly shifting demands.
SD-WAN is a software-driven WAN architecture alternative that allows enterprises to use any combination of transport services, including broadband internet services, MPLS, and Long-Term-Evolution (LTE/5G), to securely connect users to applications. SD-WAN decouples the physical network from its control mechanism to automate and simplify the management and operations of the WAN. It allows for the secure and intelligent routing of application-aware traffic on the WAN, which increases application performance. Functions that used to be delivered through separate pieces of infrastructure at the WAN edge, or customer premises, are now delivered through integrated SD-WAN technology.
What all of this means for the end-user is that SD-WAN can provide increased control and security, allowing for connectivity bandwidth at a much lower cost than traditional WAN setups. It also provides enterprises with more options for connections, while increasing the number of vendors and services (such as connectivity options) available when building a network.
In traditional network designs, network administrators would use dual fixed line connections, delivered by different operators as underlay transport for MPLS and routed networks to deliver redundancy. The networking devices were complex to configure to effect load balancing application-level filtering and optimization, etc., so in most cases this was not done, and one link was left idle most of the time. In a SD-WAN setup, one can use one dedicated primary line, and use cheaper alternatives, such as a consumption-based mobile link as backup. The company will only pay when the link is used, and it is kept in reserve till needed. The intelligent SD-WAN edge devices can then make application-based decisions when the backup link is activated, i.e., only allow business critical applications, and hold back traffic such as large file transfers till the secondary line is restored, while maintain the service levels and security for business-critical applications.
This increased oversight cannot be understated. SD-WAN’s implementation of WAN connections creates a situation where the edge router makes fewer local decisions – which is the opposite of what happens in the case of a traditional edge router. SD-WAN devices makes use of software defined policy-based rules that is centrally configured and enforced at the edge, i.e., which traffic is business critical, as well as security rules.
As an analogy, imagine buying a new car at a dealership and then having to call the dealer for any changes you make to the car – everything from opening the boot, to changing a tyre, to giving it a service. This is the situation users find themselves in using traditional edge routers. SD-WAN does away with this, recognising a trusted request and granting them permission faster, thus speeding up the rate of transactions. This makes SD-WAN network much cheaper to maintain and operate.
Most SD-WAN solutions that are available in the market today come with an integrated stateful firewall that offers additional security features. This secure access is particularly helpful when you have a remote worker working from home using Software as a Service (SaaS)-based applications over a public internet. Most remote workers now access corporate applications delivered in a secure controlled environment, as well as accessing public cloud services such as their e-mail from the same device. Rather than routing traffic to a firewall at an enterprise data centre before routing it to the end-user, SD-WAN allows for traffic to be routed through a secure gateway helping to eliminate the inherent risks of any public Internet connection.
Enterprises that have implemented SD-WAN have seen a reduction in their overall cost of doing business, improved network performance with added functionality, improved security with end-to-end encryption across the entire network, more consistent uptime, and greater visibility and flexibility across the organisation. If you are in the process of transforming your IT and network architecture, and transitioning to Cloud, take the time to further investigate SD-WAN and the benefits that it could offer your enterprise. There is no doubt that it will play a pivotal role in the future of business operations.