Oct 26, 2017
SD-WAN technologies are becoming mainstream as distributed organizations experience the benefits of plentiful internet bandwidth, prioritized access to critical applications, and the ease of centralized management. Leading IT organizations are deploying SD-WAN solutions with software-based routing and displacing traditional branch router architectures. Over time, Doyle Research expects significant disruption of the branch router market with SD-WAN becoming the primary platform.
The popularity of SaaS-based applications, hybrid cloud deployments, and pervasive mobility continues to drive a shift in WAN traffic patterns. In addition to a significant growth in WAN bandwidth requirements (20% per year), traffic is now flowing directly from branch/mobile locations to cloud-based applications. This reduces the reliance on the traditional MPLS networks connecting the branch to the centralized data center. Backhauling internet-bound traffic from the branch, back to headquarters and then out to the internet to access SaaS or web applications is inefficient in connecting a distributed workforce to the cloud.
SD-WAN solutions enable enterprises to introduce economical broadband to augment MPLS, steer traffic in accordance with application requirements and centralize management. Distributed organizations continue to implement SD-WAN at a rapid pace to meet their growing needs for bandwidth and to deliver high performance access to SaaS-based applications. SD-WAN technology continues to improve its security and routing capabilities and its ability to intelligently steer traffic based on application-driven policies.
The SD-WAN architecture enables a radical shift in branch network architectures. SD-WAN provides the routing required to connect the branch to appropriate WAN links, including MPLS, Ethernet, internet broadband, cable, and 4G LTE – thus enabling IT organizations to displace (retire) existing branch routers. Replacing the router simplifies branch network operations by eliminating the need to manually reprogram every router whenever traffic patterns, application QoS, or security policies change. SD-WAN’s centralized, simplified management system provides for easy deployment and automated control of application traffic flows.
SD-WAN supports additional functionality at the branch, including WAN optimization and stateful firewall. This eliminates the need for a separate WAN optimization appliance and provides IT organizations the option to distribute or centralize branch network security. For example, the Silver Peak Unity EdgeConnect SD-WAN solution incorporates a stateful firewall and enables granular internet breakout with First-packet iQ to identify and to automatically steer trusted SaaS and web applications directly to the internet. Unknown or suspicious application traffic can be quickly and easily service chained to next-generation firewalls or cloud-based security services for further inspection.
See Figure 1:
The popularity of SD-WAN with its benefits of improved bandwidth economics, application prioritization, and centralized management, is rapidly reshaping the branch network architecture. Distributed IT organizations can now implement an application-driven WAN Edge architecture that provides a flexible branch network deployment model. IT leaders should select SD-WAN technologies that, while fully compatible with existing routers and firewalls, can enable the transition to a “thin” branch network architecture – one without traditional routers or firewalls. The new WAN edge architecture will deliver consistent application performance, robust security and operational efficiencies. Over the next few years, Doyle Research expects SD-WAN to dominate the branch network conversation and, over time, to replace traditional routers and provide branch-based network security.
Lee Doyle is Principal Analyst at Doyle Research, providing client focused targeted analysis on the Evolution of Intelligent Networks. He has over 25 years’ experience analyzing the IT, network, and telecom markets. Lee has written extensively on such topics as SDN, NFV, enterprise adoption of networking technologies, and IT-Telecom convergence. Before founding Doyle Research, Lee was Group VP for Network, Telecom, and Security research at IDC. Lee contributes to such industry periodicals as Network World, Light Reading, and Tech Target. Lee holds a B.A. in Economics from Williams College.