By Ashish Shah, Solution Architect

SD-WAN – What it is, what it does, and why you need to know now.

With the shift to cloud computing and a distributed workforce, companies rely on connections to the external world and to remote offices in order to get work done. Software-Defined WAN (SD-WAN) technologies are a hot topic right now in the networking world. Here we have a case of two extremes coming together. One extreme is the WAN, which has seen little fundamental development in roughly a decade. The other extreme is Software-Defined Networking (SDN), which has been a focal point for massive development over the last few years. So, what does it mean to bring these two technologies together into a Software-Defined WAN?

To many network professionals, the term “WAN” does not refer to the Internet but exclusively to enterprise WAN services such as Multiprotocol Label Switching (MPLS), private lines, point-to-point circuits, and Ethernet Private Line (EPL). The distinction is that enterprise WAN services were designed primarily to connect enterprise branch offices and data centers, while the Internet provides connectivity to a huge range of resources with myriad owners. To me that is an arbitrary distinction that is quickly losing relevance, so in this article “WAN” refers to an enterprise WAN service, the Internet, 3G/4G, or any combination of the three.

Expanding what is thought of as a WAN has ramifications because, as documented in the 2017 State of the WAN Report, network organizations have somewhat different concerns about an enterprise service such as MPLS than they do about the Internet. For MPLS, those concerns are cost, uptime, and the lead time to implement new circuits. For the Internet, they are security, uptime, SLAs, and latency.

While some organizations continue to use WAN services such as point-to-point circuits, private lines, EPL, and even ATM, the use of those services is quickly diminishing. The result is that we are rapidly approaching a time when IT organizations will have two WAN services to choose from: MPLS and broadband Internet. So the question is how to design a WAN using those two services.

Traditional WAN Design Giving Way to SD-WAN

One approach to designing a branch office WAN, which I will call the traditional approach, is to give each branch office a low-speed connection to a service provider’s MPLS network (a T1 or a 5 Mbps Ethernet handoff) and each data center a higher-speed link such as a T3/DS3 (45 Mbps) or 100 Mbps fiber Ethernet. In this design, branch Internet traffic is backhauled across the MPLS network to a data center before being handed off to the Internet, which conveniently funnels it through the data center’s security stack. The limitation is that the Internet traffic consumes the MPLS link, adding cost, congestion, and delay; coupled with the lack of visibility and control, this frustrates IT staff and end users alike.

An alternative to the traditional approach is to supplement the low-speed MPLS access link at each branch with Direct Internet Access (DIA) and to use Policy Based Routing (PBR) to decide which traffic takes which link. PBR lets network administrators override destination-based routing with policies that pick a next hop based on factors such as the source end system, the protocol, or the application port. Because the branch now has its own Internet edge, it also needs its own firewalling instead of relying on the data center’s.

This alternative design has the advantage of moving Internet traffic off the relatively expensive MPLS link and onto the relatively inexpensive Internet link. Its disadvantages are serious, though: configuring PBR is complex, time consuming, and error-prone. It also creates a static allocation of traffic to links, so traffic cannot be reallocated when the quality of one link degrades; a PBR rule keeps sending an application down a link that is dropping packets until an administrator changes the rule. And it gives very little visibility or control over the type of traffic traversing the WAN.

For many, MPLS is the gold standard for WAN routing. But if you are running into the challenges above, it might be time to look into SD-WAN.

What is SD‑WAN?

SD-WAN is a potential game-changer for the WAN, on the same level as server virtualization, which transformed data centers over the last 10 years. SD-WAN combines the use of multiple active branch links, intelligent steering of traffic across those links, and centralized, policy-driven management of the WAN as a whole. The ability to use multiple lower-cost services (including Internet and 4G wireless) alongside traditional services such as MPLS holds the promise of transforming IT’s relationship to the WAN and the WAN’s relationship to the business.

The promise of a Software-Defined WAN is that it applies the underlying principles of Software-Defined Networking (SDN) to automate the configuration of WAN edge routers from a central controller. SD-WAN technology also promises that a WAN with multiple links can reallocate traffic automatically, based on continuous measurement of each link’s latency, loss, and jitter, overcoming the static traffic allocation of PBR.
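To make the difference between the static PBR design described earlier and SD-WAN’s condition-aware steering concrete, here is an added example that is not part of the original article and is not any vendor’s product code: a small Python model in which each application has an SLA (latency, loss, and jitter thresholds) and an ordered link preference, and the selector re-reads the latest probe measurements before every decision. The link names (mpls, broadband, lte), the SLA thresholds, and the three probe snapshots are constructed for the illustration.

```python
"""Policy-driven path selection across multiple WAN links.

Added example, not from the original article or any SD-WAN vendor. Link
names, SLA thresholds and probe samples are constructed for illustration.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class Link:
    """One WAN underlay at a branch, with the latest probe results."""
    name: str
    latency_ms: float
    loss_pct: float
    jitter_ms: float
    up: bool = True


@dataclass
class AppPolicy:
    """Per-application SLA plus an ordered preference list (cheapest first)."""
    app: str
    max_latency_ms: float
    max_loss_pct: float
    max_jitter_ms: float
    preferred: List[str]


# What a PBR deployment amounts to: a fixed application -> link mapping that
# only changes when an administrator edits the configuration.
STATIC_PBR: Dict[str, str] = {"voip": "mpls", "erp": "mpls", "backup": "broadband"}

# Constructed application policies (thresholds are illustrative, not a standard).
POLICIES: Dict[str, AppPolicy] = {
    "voip":   AppPolicy("voip",   150.0, 1.0, 30.0,  ["broadband", "mpls", "lte"]),
    "erp":    AppPolicy("erp",    200.0, 1.0, 50.0,  ["mpls", "broadband", "lte"]),
    "backup": AppPolicy("backup", 500.0, 5.0, 100.0, ["broadband", "lte", "mpls"]),
}


def static_pbr_select(app: str, links: Dict[str, Link]) -> Optional[str]:
    """PBR behaviour: always the configured link. A degraded link is still
    used; a failed link means the traffic has nowhere to go (None)."""
    link = links[STATIC_PBR[app]]
    return link.name if link.up else None


def meets_sla(link: Link, policy: AppPolicy) -> bool:
    """True when the link is up and its latest probe is inside the app's SLA."""
    return (link.up
            and link.latency_ms <= policy.max_latency_ms
            and link.loss_pct <= policy.max_loss_pct
            and link.jitter_ms <= policy.max_jitter_ms)


def sdwan_select(app: str, links: Dict[str, Link]) -> Optional[str]:
    """SD-WAN behaviour: re-evaluate the latest measurements on every decision.
    Take the first preferred link that meets the SLA; if none does, use the
    least-lossy link that is still up rather than blackholing the traffic."""
    policy = POLICIES[app]
    for name in policy.preferred:
        if name in links and meets_sla(links[name], policy):
            return name
    alive = [link for link in links.values() if link.up]
    if not alive:
        return None
    return min(alive, key=lambda link: (link.loss_pct, link.latency_ms)).name


def run_scenario() -> Dict[str, Dict[str, tuple]]:
    """Three constructed probe snapshots; returns {snapshot: {app: (pbr, sdwan)}}."""
    def decide(links: Dict[str, Link]) -> Dict[str, tuple]:
        return {app: (static_pbr_select(app, links), sdwan_select(app, links))
                for app in POLICIES}

    healthy = {
        "mpls":      Link("mpls",      30.0, 0.0, 2.0),
        "broadband": Link("broadband", 45.0, 0.2, 8.0),
        "lte":       Link("lte",       90.0, 0.8, 25.0),
    }
    results = {"t0_healthy": decide(healthy)}

    # t1: the broadband circuit starts dropping packets (4 % loss, 40 ms jitter)
    degraded = dict(healthy)
    degraded["broadband"] = Link("broadband", 60.0, 4.0, 40.0)
    results["t1_broadband_degraded"] = decide(degraded)

    # t2: on top of that, the MPLS circuit goes down
    outage = dict(degraded)
    outage["mpls"] = Link("mpls", 30.0, 0.0, 2.0, up=False)
    results["t2_mpls_down"] = decide(outage)
    return results


if __name__ == "__main__":
    for snapshot, decisions in run_scenario().items():
        print(snapshot)
        for app, (pbr, sdwan) in decisions.items():
            print(f"  {app:7s} PBR -> {pbr!s:10s} SD-WAN -> {sdwan}")
```

Running it prints the per-application decision for each snapshot. The static mapping keeps voice on MPLS even while broadband is cheaper and within SLA, and has no answer once the MPLS circuit fails; the SLA-driven selector puts voice on broadband while it is healthy, moves it back to MPLS as soon as broadband loss crosses the 1 % threshold, and fails over to LTE when MPLS goes down. The final fallback in sdwan_select keeps traffic flowing on the least-lossy live link rather than blackholing it, which is exactly the situation a PBR rule set cannot handle without an administrator editing it.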

Some of the benefits and use cases for SD-WAN

  • Improve the performance and quality of service of your WAN
    • Measurable reduction in dropped and out-of-order packets
    • Reduced effective latency between locations
  • Accelerate WAN applications
  • Improve performance for replication over the Internet
  • Use lower-cost bandwidth services while keeping carrier redundancy
  • Simplify the WAN architecture

Generating ROI and Boosting Efficiency

SD-WANs can create greater ROI for enterprises because they provide better scale and management, even when they work alongside MPLS networks. Because SD-WAN is an overlay technology, it can be built atop existing routers and circuits. SD-WANs can aggregate bandwidth, send critical traffic over the best connection, and let enterprises route lower-priority traffic over inexpensive secondary or tertiary connections such as DSL, cable, or 4G wireless.

Furthermore, because an SD-WAN steers traffic according to policy and measured link quality, enterprises can cut back on the extra hardware and additional routing devices currently used to add capacity. Because SD-WAN improves network performance without requiring additional classic networking hardware, the architecture can produce substantial ROI for large networks with significant bandwidth demands. In other words, an enterprise WAN with a dozen branch offices can reduce future hardware investment because the network performs more efficiently with its existing hardware.

SD-WAN Is Not an End, But a Beginning

Does the era of SD-WAN signal the death of the traditional router and the MPLS network? Possibly: a centrally managed, policy-driven WAN makes the edge router’s job simpler, and enterprises looking to save money can run a branch on dual broadband links with no MPLS circuit at all. The caveat is that all site-to-site traffic then crosses the public Internet, so the overlay tunnels between sites must be encrypted and authenticated rather than relying on the privacy an MPLS service implied.

An SD-WAN architecture lets an enterprise IT team control network traffic from a single, centralized location, which suits an enterprise with locations scattered across a town, city, region, or several countries. The architecture lets applications, and by extension business functions, dictate which traffic receives the highest priority, so critical enterprise applications are not stuck in line behind less mission-critical traffic. As a result, SD-WAN improves a network’s efficiency and bandwidth allocation while keeping long-term costs down.

SD-WAN Enterprise Architecture

As demand for cloud applications and services continues to grow, enterprises are re-examining their WAN strategies and architectures to optimize business efficiency, protect critical data, and improve the user experience across public, private, and cloud paths. SD-WAN decouples network intelligence and configuration from physical connections and hardware to create a scalable, centrally managed WAN that connects distributed branches and remote locations regardless of connection type or carrier.

Drop me a note if you would like to talk more about SD-WAN.