SD-WAN stands for Software-Defined Wide Area Network. Before we jump into SD-WAN let us clarify the Wide area Network (WAN). WAN is the connection between local area networks (LAN) separated by considerate distance anything from a few hundred meters to thousands of kilometers.
The term software-defined implies the WAN is programmatically configured and managed. So, it can be easily adapted quickly to meet changing needs.
SD-WAN can increase your network security with encrypted network traffic, network segmentation, the use of a central provisioning system, increased visibility into the WAN, and optimized performance overall. Segmenting your network limits any attack damage to a manageable area. A central provisioning system provides a piece of software that controls all of the separate nodes interdependently which gives better communication and connection between your network, very different from the traditional WAN setup.
Some of the key features of SD-WAN include
- Better application experience
- High availability, with predictable service, for all critical enterprise applications
- Multiple hybrid active-active links for all network scenarios
- Dynamically routed application traffic with application-aware routing, for efficient delivery and improved user experience
- Improved OpEx, replacing expensive Multiprotocol Label Switching (MPLS) services with more economical and flexible broadband (including secure VPN connections)
- More security
- Application-aware policies with end-to-end segmentation and real-time access control
- Distribute security to the branch and remote endpoints with NGFW, DNS security, and NGAV
- SASE Integrated threat protection enforced at the right place
- Optimized cloud connectivity
- A seamless extension of the WAN to multiple public clouds
- Real-time optimized performance for Microsoft Office 365, Salesforce, and other major SaaS applications
- Optimized workflows for cloud platforms such as Amazon Web Services (AWS) and Microsoft Azure
- Simplified management
- A single, centralized, cloud-delivered / on-premise management dashboard for configuration and management of WAN, cloud, and security
- Template-based, zero-touch provisioning for all locations: branch, campus, and cloud
- Detailed reporting of application and WAN performance for business analytics and bandwidth forecasting
Let us discuss Cisco SD-WAN
Before we move into discussing the Cisco SD-WAN discussion let us discuss the vendor selection process.
The vendor selection process will show you that many vendors have not been able to quickly evolve to produce more effective software-defined platforms. Small vendors do not offer a holistic platform for WAN management and rarely have the necessary years of experience in the WAN market. An ideal vendor will recognize and resolve your specific pain points as well as be a leader in the WAN market. This ensures that they will have the capability to meet your current and future requirements for the entirety of your SD-WAN project.
Cisco is one of the leaders in SD-WAN and it meets the above-mentioned criteria.
Cisco SDWAN is the solution that is provided by Cisco. It consists of the following
vBond is the first point of contact and thus our first point of authentication for all SD-WAN components as they boot up and join the SD-WAN fabric. On-Premise deployments can be hosted on either ESXi or KVM hypervisors
The vManage NMS is a centralized network management system that provides a GUI interface to easily monitor, configure, and maintain all Viptela devices and links in the overlay network. The vManage NMS software runs on a server in the network.
vSmart is the brain of the SD-WAN overlay. All the control plane policies, centralized data policies, and VPN topology policies are configured on vSmart by vManage. In addition, to control plane functions, vSmart also handles the security and the encryption functions by providing the key-management process.
The vEdge Cloud router is offered as a virtual machine that whereas cEdge is offered as hardware, which can be deployed in a variety of private, public, and hybrid cloud computing environments. It is supported on all major hypervisor platforms. Cisco vEdge Cloud router uses the Intel DPDK infrastructure to help ensure the most optimal performance on x86.