The SD-WAN market is in high gear. The concept is solid and the benefits are real. There are, in fact, very few WAN situations that would not benefit greatly from this technology. However, all SD-WAN is not the same. There are multiple paths you choose as you endeavor to take your existing, running, trusted network...to a brand new modern one.
The primary value proposition for SD-WAN centers on the high cost of traditional WAN. As the internet has grown, it has become easier (and cheaper) to get broadband internet circuits just about anywhere. For many users, high speed bandwidth was no longer a benefit of driving to the office. I has become harder to explain why we had to build the networks that we did and as traffic patterns have migrated cloud-wise, these designs are showing their age.
MPLS has been the dominant form of enterprise WAN over the past few decades but it finally has a very viable competitor in SD-WAN. MPLS circuits provide a dedicated networkthat iscompletely distinct from any other network. Every remote connection has a specifically sized circuit delivered to them so you know exactly how much bandwidth you get at each site...it is all very predictable. Which is important. If any location needs to access 'the internet' than this is commonly done by routing that connection through a central office which has big pipes to the internet and various security mechanisms for filtering it.
Two big issues have come out of this:
Enterprise IT has long been able to connect to the Internet directly from any remote office. This is not a new idea. It just came with too much risk.
SD-WAN is now offering a credible option for enabling a secure 'hybrid' WAN. The hybrid is a reference for how SD-WAN is here to augment, not necessarily replace those expensive MPLS circuits with a less expensive broadband internet.
There will be multiple, physical circuit terminations into the same edge point. Does the vendor have hardware routing experience? Some locations may need an MPLS line, pus two different sources of Internet connectivity. If it's a really critical area, consider adding cellular failover, 4G LTE or other wireless that might be available. Make sure you can run active/active on those cabled circuits as well so that you are not paying for something 'just in case.'
When SD-WAN is done right, it should offer asimplifiedability to route enterprise traffic in asecuremanner with aconsistent quality of experience that is as good or betterthan what you are doing now.
If you are considering an SD-WAN solution, there are quite a few options in the market. Here is my shortlist for things you should make sure you dig into with any option under consideration:
1. Simplicity-the software defined part of SD-WAN refers to the control portion of your routers now being handled somewhere else. This is generally a cloud based that you access with what is hopefully a simple interface. Couple of quick things to check for here:
2. Securityshould be more than a passing mention to IPsec encryption.
3. Quality of Experience-as opposed the ease of use pointer above, this QoE mention is really about the controls and design in place that benefit the end-user.
There are no shortage of SD-WAN vendors right now. This is truly where WAN networking is going, it is not a fad of any sort. But as much as networking changes, it still remains the same. Don't overlook the importance of a good track record in both networking and security. Most vendors seem to have some experience in one but are then partnering for the other. Partnerships are hard.We do it. But if any one element that is important to you, is being handled through a partnership...make sure you are comfortable with how that will work for you if something goes awry. This is your network after all...everything and everyone is impacted.
Don't run towards SD-WAN ONLY because it offers tremendous cost savings when compared to your private lines. There should be no increased risk or settling for sub-standard control options. SD-WAN is a technology your network should aspire to with better security, better visibility, control and ease of use. It's all here and it's fun to show off.
As always, I did not get to cover everything...but I hope it answered a few questions. We have a TechWiseTV episode on this of course but I do encourage you to check out the product page: cisco.com/go/sd-wan.
So, What are you looking to get out of SD-WAN? What would you add to this list of things to look for?
Deep: Check out our TechWiseTV episode on SD-WAN. Ramesh Prabagaran and David Klebanov broke down the new options quite well. I believe they were both Cisco employees well before working with Viptela...I am glad to have them back.
Also, check out Anand Oswals blog on vAnalytics. I did not spend any time talking through the visibility options you should be 'looking' for...but he covers it well.
Deeper:David Klebanov also lead our workshop where he took live Q&A. These workshops are great for having a little more time to play with and of course, getting some interaction.
Deepest:Check out David's session from Cisco Live: Delivering Cisco Next Generation SD-WAN with Viptela -BRKCRS-2110. I hardly ever have time to go to the Cisco Live sessions that I want to attend. I think there are over a 1,000 of them or so at each event? Meeting engineers and learning new stuff is what makes Cisco Live such a required event every year. David and Ramesh did a number of sessions in Orlando this summer. You can hear just how much real routing knowledge went into the Viptela design. I love the Q&A especially because a Cisco Live audience is filled with the smartest and most experience network engineers in the business.
TechFieldDay is a great resource. I really liked one that they did in 2016 for Networking Field Day 13. There are quite a few good demos from David in here.
For network security detail, I really got a lot out of some Viptela specific resources: Control Plane Security and Data Plane Security which examine how authentication, encryption, and integrity are implemented throughout the overlay network.
Thank you for watching. Thank you for reading.
Leave me a note below to tell me you read this far down the page...
Robb
@robbboyd
Watch all of our shows at techwisetv.com, follow the show on twitter @techwisetv
Integrating Viptela SD-WAN onto Cisco IOS-XE on TechWiseTV