It has only been a few years since SD WAN arrived to transform Wide Area Networks from restrictive layer 3 MPLS and layer 2 VPLS to all-encompassing digital transformation. In many respects, the challenge is to understand which of the many SD WAN features align with your particular organisation and, perhaps more than this, how each feature differs from vendor to vendor.
We’ve put together a matrix of features below in an attempt to describe the business SD WAN benefit together with a more detailed explanation to expand further on the technology.
What are the top SD WAN features?
| Software-defined features and benefits | Description |
|---|---|
| Path selection | How the solution measures application performance to decide on the best path for hosted applications such as SaaS. |
| Next generation security | Whether the solution offers basic or advanced capability with anti-malware, IDS, IPS, content filtering and sandboxing. |
| SD WAN architecture | Does the SD WAN vendor or provider offer their own backbone access with cloud services (AWS, Azure, Google)? |
| WAN optimisation | Features such as TCP optimisation, caching, deduplication and compression. |
| Traffic handling | Traffic can be session-based (apps are on one link or the other) or packet-based, where sessions can take place over multiple links simultaneously. |
| 4G/5G | Ability to terminate 4G and 5G connectivity with fast start options. |
| Maximum throughput | Determine whether the solution is able to deal with required throughput and VPN tunnels based on your WAN topology. |
| Form factor | Physical, Virtual (VMware, KVM), Cloud (AWS, Azure, Google). |
| Year launched | Denotes experience. |
| Gartner status | As listed within the latest Gartner magic quadrant. |
1. Application and cloud path selection
The level of intelligence afforded by SD WAN solutions means businesses are positioned to leverage application path selection that is pre-determined, dynamic or a mixture of both capabilities. With SD WAN path selection, links are continuously monitored against specific parameters including latency, packet loss, jitter, MOS (Mean Opinion Score), PESQ (Perceptual Evaluation of Speech Quality) and complete outage situations.
Each SD WAN appliance/device is continuously monitoring delay, loss and availability with some solutions offering sub-second failover and recovery across paths.
Path selection can be based on:
- The designated traffic steering policy
- Quality of Service configuration
- The state of access circuits
- Latency, jitter and packet loss
With designated traffic steering, policies are available to dictate which circuit/link will be best placed to service SaaS applications. On the flip side, applications not designated as mission critical traffic may be sent via a less important path.
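The selection logic described above, sketched as an added example (not code from the original page or from any SD WAN vendor): a steering policy names preferred links and SLA thresholds, and the selector falls back when the measured latency, jitter or loss breaches them. The link names, thresholds and the `LinkState`, `SteeringPolicy` and `select_path` names are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class LinkState:              # latest probe results for one access circuit
    name: str
    up: bool
    latency_ms: float
    jitter_ms: float
    loss_pct: float

@dataclass
class SteeringPolicy:         # hypothetical per-application steering policy
    app_class: str
    preferred: list           # link names, most preferred first
    max_latency_ms: float
    max_jitter_ms: float
    max_loss_pct: float

def meets_sla(link, policy):
    """A link qualifies only if it is up and every metric is within threshold."""
    return (link.up
            and link.latency_ms <= policy.max_latency_ms
            and link.jitter_ms <= policy.max_jitter_ms
            and link.loss_pct <= policy.max_loss_pct)

def _quality(link):
    # Lower is better: loss first, then latency, then jitter.
    return (link.loss_pct, link.latency_ms, link.jitter_ms)

def select_path(policy, links):
    """Return (link_name, reason) for one application class."""
    by_name = {l.name: l for l in links}
    # 1. Designated steering: first preferred link that is within SLA.
    for name in policy.preferred:
        link = by_name.get(name)
        if link and meets_sla(link, policy):
            return link.name, "preferred-in-sla"
    # 2. Dynamic fallback: best of the remaining links that are within SLA.
    in_sla = [l for l in links if meets_sla(l, policy)]
    if in_sla:
        return min(in_sla, key=_quality).name, "fallback-in-sla"
    # 3. Nothing meets the SLA: least-bad link that is still up.
    alive = [l for l in links if l.up]
    if alive:
        return min(alive, key=_quality).name, "best-effort"
    return None, "outage"     # complete outage on every circuit

if __name__ == "__main__":
    # Constructed sample measurements, not real probe data.
    links = [LinkState("mpls", True, 35, 3, 4.0),        # lossy primary
             LinkState("broadband", True, 22, 12, 1.5),
             LinkState("lte", True, 70, 20, 0.5)]
    voice = SteeringPolicy("voice", ["mpls"], 150, 30, 1.0)
    print(select_path(voice, links))
```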
What are the core capabilities of SD WAN path selection?
Service Level Agreement (SLA) Monitoring
In order to minimise SLA monitoring traffic, configuration can be deployed to learn link states between every neighbour which has the downside of generating significant traffic. Alternative paths can be used to send initial packets to avoid congesting the primary path/route.
Where voice is concerned, SD WAN is able to create a replica of the voice traffic over secondary and tertiary links. When packets are lost on the primary link, the mirrored secondary and tertiary circuits will deliver the complete voice data.
FEC (Forward Error Correction)
FEC delivers encoded messaging which includes an ECC (Error Correcting Code). In short, the receiving entity is able to correct the data without having to request that the sender retransmit the complete data.
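As an added illustration (not from the original page, and not any vendor's implementation), the simplest form of this idea is one XOR parity packet sent per group of data packets, which lets the receiver rebuild a single lost packet without a retransmit. The function names and the 2-byte length prefix are assumptions of this sketch; production FEC schemes use stronger codes.

```python
from functools import reduce

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _frame(payload: bytes, size: int) -> bytes:
    # Prefix the true length so zero padding can be stripped after recovery.
    return len(payload).to_bytes(2, "big") + payload.ljust(size, b"\0")

def encode_group(packets):
    """Sender side: return the parity packet for one group of payloads."""
    size = max(len(p) for p in packets)
    return reduce(_xor, (_frame(p, size) for p in packets))

def recover(received, parity):
    """Receiver side: `received` holds None where a packet was lost.

    Returns the full list of payloads, rebuilding at most one missing entry.
    """
    missing = [i for i, p in enumerate(received) if p is None]
    if not missing:
        return list(received)
    if len(missing) > 1:
        # One parity packet carries enough redundancy for one loss only.
        raise ValueError("single-parity FEC can rebuild only one packet per group")
    size = len(parity) - 2
    acc = parity
    for p in received:
        if p is not None:
            acc = _xor(acc, _frame(p, size))   # cancel out every survivor
    length = int.from_bytes(acc[:2], "big")
    rebuilt = list(received)
    rebuilt[missing[0]] = acc[2:2 + length]
    return rebuilt

if __name__ == "__main__":
    # Constructed sample payloads standing in for voice frames.
    group = [b"voice-frame-1", b"vf-2", b"voice-frame-three"]
    parity = encode_group(group)
    print(recover([group[0], None, group[2]], parity))
```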
2. Next generation Security (NGFW)
The average SD WAN consists of IPsec-based site-to-site VPN, next-gen firewall capability and segmentation of network app traffic. As SD WAN has evolved, company adoption of cloud-based applications has expanded the security perimeter. In this respect, the security of the network can now be virtualised outside of the branch office (where required) and into the data centre, creating a hybrid of both hardware and virtual security deployment.
The NGFW (Next Generation Firewall) is the key feature-set behind the security of SD WAN deployments. The features associated with NGFW are:
- Application awareness (Layer 7)
- Intrusion detection and prevention
- URL and content filtering
- Malware detection
- Antivirus protection
(all of the above security SD WAN benefits and security features are available in the cloud or on-premise)
3. SD WAN architecture
The choice to be made is whether to select an SD WAN solution with dedicated service provider private backbone or a vendor only capability which will require your business to procure connectivity. Providers such as Aryaka and CATO offer access to private based connectivity resulting in predictable SLA performance between sites.
SD WAN with backbone connectivity requires local VPN into the nearest provider PoP which can sometimes cause detrimental network performance depending on distance and location. With every solution, architecture must be carefully considered regardless of whether private backbone connectivity is leveraged or your business opts for end to end Internet.
Whether or not the use of private backbone connectivity is viewed as a benefit is down to your view of end to end Internet access. Where MPLS VPN offers predictable traffic performance between HQ and branch-office locations, the Internet is viewed as ‘less trusted’. However, with the right SD WAN features to support traffic profiles, the Internet (or rather public IP) is now a trusted platform for delivering WAN & Cloud connectivity for the largest of Enterprise organisations.
4. WAN optimisation
Optimising WAN apps in respect of local TCP acknowledgement and caching is not a new technology. SD WAN positions your business to add optimisation features as a component of single device WAN infrastructure.
WAN optimisation adds to the performance of your overall traffic by leveraging the application granularity of SD WAN services allowing improvements to be made per traffic profile. The adoption rate of WAN optimisation is significantly high as users demand consistent SaaS access wherever they are located. IT teams benefit from a lower cost of ownership by integrating features into a single device vs legacy deployments which required the cost of additional hardware.
5. Traffic handling
The decision on how to handle traffic is a feature to make the most of available bandwidth. SD WAN typically offers per-session and per-packet traffic treatment/load balancing. Outside of balancing your traffic, your business may opt for primary and failover configuration which is often the case where there is no tangible benefit of balancing traffic. E.g. primary 1Gbps with 1Gbps failover where the primary is (for example) only using 200Mbps.
SD WAN further improves upon the legacy load balancing options of standard routers, which do not support multiple circuit types, nor do they monitor network conditions for packet loss and excess latency. As an example, SD WAN could use different transport links, e.g. Ethernet, Broadband and 4G/5G, based on any given profile which will dynamically update based on network conditions.
6. 4G/5G
While 4G and 5G WiFi may not be suitable for medium to large office locations, businesses are leveraging wireless connections to provide failover or alternative paths for less important data. Where businesses need to bring up sites quickly or temporarily, SD WAN ZTP (Zero-touch deployment) is the enabler for delivering fast networking capability without the need to physically interact with equipment. When deployed with 4G/5G connectivity, sites can be brought online within hours.
When reviewing SD WAN provider and vendor features, 4G/5G support is not a given, with some solutions offering e-SIM capability and others requiring a SIM card. Note that certain vendors do not support wireless cell connectivity.
7. Maximum throughput
If your business is subject to imminent growth, you’ll need to consider the longevity of any SD WAN hardware and licence agreements. The maximum throughput will be measured in both features (which require CPU, memory) and bandwidth. If your business is expecting growth, your IT team will need to factor in upgrading any SD WAN vendor solutions that may require performance improvements.
8. Form factor
There is a decision to be made whether your business adopts the traditional WAN edge hardware deployment (customer premises hardware) or will adopt virtualisation technology, perhaps a hybrid of both technologies. Within the data centre environment, access to Cloud-based services such as AWS, Azure or Google will require WAN termination which is typically delivered via hardware or a virtual instance alongside other virtualised services. There is a preference toward virtual delivery of networking capability due to simplified delivery, cost efficiency and ease of management.
Delivery of SD WAN is typically:
- Physical via traditional WAN edge
- Virtual (VMware, KVM)
- Cloud (AWS, Azure, Google)
9. Year launched
The year of launch denotes how experienced the provider or vendor is across delivery of software-based WAN solutions. When considering the year launched, take into account previous experience of legacy WAN delivery to build a complete picture of experience.
10. Gartner status
Gartner's report on magic quadrant status is an indication of how leading SD WAN providers deliver on features. While the Gartner report is valuable, there are other players outside of the magic quadrant listings which could suit your business requirements.
The majority of IT teams have a tendency to focus on the leaders quadrant but this does not always mean that ‘leaders’ are a good fit for your business. The Netify SD WAN assessment opens up the marketplace to totally evaluate providers and vendors.
SD WAN providers and vendors are denoted as:
- Niche players