As cloud adoption accelerates, the relevance of a traditional router solution for wide area network (WAN) connectivity, wanes. It is now the era of Software-Defined WAN (SD-WAN)… or what Silver Peak likes to hail it, “self-driving WAN”.
SD-WAN technology will gain global traction as cloud services proliferate, with an estimated 55 percent of large enterprises implementing an all-in cloud SaaS strategy by 2025. After all, with 50 percent of IT budget consumed by traditional WAN services, businesses are faced with bandwidth wastage and performance degradation due to backhauling internet-bound traffic from the branch to headquarters.
What’s Driving the Need for SD-WAN
In a June 2017 IDC report commissioned by Silver Peak group, it is noted that traditional WANs are not architected for the Cloud. This is because applications tend to reside exclusively behind firewalls in enterprise data centers, which made it able to support branch-to-data center and branch-to-branch traffic, but not to support increasingly critical branch-to-cloud application traffic. Furthermore, the traditional WAN is poorly suited to the security requirements associated with distributed and cloud-based applications.
An additional complication is that legacy WANs tend to encompass disparate technologies and products – such as routers, firewalls and WAN optimisation appliances – that may not be designed to work together. As a result, they are onerous to configure, deploy and manage. Indeed, configuration occurs at the device level, is manual and time-consuming.
In today’s real-time digital transformation world, the objective of connecting users to applications is based on business intent. Consequently, bringing new branch locations of an enterprise online with a traditional approach based on Multi-Protocol Label Switching (MPLS) and complex command-line configuration of legacy routers take too long to effect, i.e man-on-the-ground to manually add or change things, device-by-device basis.
Finally, traditional hub-and-spoke WAN architectures typically necessitate backhauling Internet-bound traffic from branch offices to the data center, then out to where applications reside in the cloud before going back through the data center and on to the branch. Imagine the expense associated with using MPLS for this inefficient transport of cloud applications in today’s prerequisite of business agility!
If numbers are telling, IDC found (from an SD-WAN survey of worldwide respondents in 2016) that most enterprises are currently using or planning to use a range of cloud services, with nearly 56% indicating that they are using public infrastructure as a service (IaaS), about 44% reporting the use of in-house private cloud, and nearly 42% indicating that they are using software as a service (SaaS). About 70% of the respondents indicated that they would adopt SD-WAN in the next 18 months. It was predicted that by end 2017, about 80% will be using IaaS and in-house private cloud to some degree and approximately 74-percent will be using SaaS. IDC has not released updated actual figures as yet.
In its July 2017 report, IDC believes this increased confidence in emerging WAN architectures, and the rapid embrace of SD-WAN, across enterprise and service providers will help drive the market to reach US$8 billion in infrastructure and services by 2021 in US. It is safe to say that Silver Peak Systems figure highly as a top three SD-WAN global player in this projection. The company currently has over 600 SD-WAN customer deployments worldwide.
The Future of SD-WAN in Malaysia
Silver Peak’s SD-WAN solution has been in the Malaysian market since 2015. In Malaysia, Silverpeak’s SD-WAN solutions have already been deployed in the manufacturing, shipping and government sectors, although customer names and numbers are held privy. Nevertheless, going forward, the company is targeting corporate customers in the services, insurance, financial services and healthcare sectors.
The “Thin Branch”
In a recent media roundtable session with Tricia Png, Regional Director, Asia, Silver Peak Systems, she opines that shifting internet traffic patterns require the intelligent, application-aware steering of SaaS to direct traffic, changing the role of routing at the WAN edge. By combining SD-WAN, routing, WAN optimization and branch firewall capabilities in a single, fully integrated “thin branch” solution, enterprises and service providers can greatly simplify WAN edge infrastructure and streamline the management of underlying WAN services.
Routing will continue to play a role in an SD-WAN architecture, particularly as enterprises migrate to a new WAN edge. However, Png says that while an SD-WAN solution can replace branch routers, it’s also important that it supports legacy routing protocols to enable interoperability with environments that are not part of the SD-WAN infrastructure yet.
Zero-touch provisioning
Centralised orchestration is a key element of a complete SD-WAN solution. From a single-pane-of-glass, application priorities, quality of service and security policies are configured and assigned to automated traffic handling across the WAN. A single mouse click distributes SD-WAN configuration parameters to all sites, improving operational efficiency and minimizing the potential for human errors that can affect application availability. If needed, integrated WAN optimization can be added to specific applications, simply by checking a box.
In short, zero-touch provisioning allows network managers to easily add new sites to the SD-WAN without specialized IT resources at branch office locations.
Security
Base-level security will be provided inherently, and additional layers of security will be afforded by automated traffic steering, which will ensure that applications traffic can be automatically identified on the first packet of each flow and automatically directed to the internet or to firewalls at regional offices or at corporate HQs. Granular security policies will be driven by application profiles. For e.g. trusted business applications will be directed to the internet, lower-priority known and personal applications will be directed to a secure web gateway, and unknown or suspicious applications will be directed for further inspection to firewalls at regional offices or at corporate HQs.
Blacklisted applications would be dropped. As a result, known high-priority applications traffic will be delivered expeditiously and securely while less important, unknown, or potentially malicious traffic will be subject to additional inspection or outright blacklisting.
Conclusion
Being network-agnostic, SD-WAN works over fixed broadband internet connections, satellite links, terrestrial cellular LTE broadband and also MPLS connections. In the coming advent of 5G, Png welcomes it as another means of efficient “transportation” to further reduce latency and provide quality real-time applications.
Its SD-WAN network can be set up in as little as two weeks, compared to three months, in the installation of traditional MPLS lines. The telcos are responsible for MPLS installation and those leased lines are priced according to distance and speed. In Malaysia, it ranges from RM36,000 per annum for a 64Kbps (kilobits per second) line to as much as RM240,000 per annum for a 2 Mbps (megabits per second) line.
Indeed, IDC believes that greater intelligence will come to the WAN through advanced analytics and enhanced visibility. The SD-WAN must become cognitive, proactive and self-driving. As David Hughes, Founder CEO of Silver Peak Systems says, “If Google can produce self-driving cars, why can’t Silver Peak produce self-driving networks?”
