Things move slowly in the WAN marketplace generally, but even here, the rate of change is increasing. If you are involved in WAN in any respect, then you will have heard of SD-WAN, and if you believe all you see, then it’s a revolutionary development, the like of which we haven’t seen before. You may also believe that because it’s got “SD” in it, then it’s a sure-fire route towards full SDN. Finally, you may believe that it’s a definite way of saving money. Are all these claims true? Maybe I’m a cynic (I definitely am), but when I see so much marketing around a technology, I always find that I ask myself, “So what?” I’ll try to answer that question in this blog.
Firstly, we have to understand what we mean by SDN and SD-WAN. Unfortunately, neither of these terms is well defined and, as a result, vendors are defining them in all kinds of different ways. So let’s boil it down. In Part 1, I’ll look at what SDN promises for the enterprise customer and, at a very high level, how. In Part 2, I will address how it relates to SD-WAN.
For starters, the key for me is that SDN promises the ability to apply a network policy across the entire network. For an enterprise, this means the entire network: not just the WAN, but the data centre, the branch LAN, the wireless network and so on. Fair enough, but what does a network policy mean? In short, it means the ability to define how you want the network to work in a variety of areas. These could include security, application traffic behaviour, traffic prioritisation, application availability and others. SDN allows you to define that policy once and automatically have it deployed using best practice across the entire network. This requires a centralised controller approach to hold, manage and deploy that policy.
There is nothing particularly revolutionary about that. Management systems have been around for a while with this kind of ability, but they have tended to be proprietary and limited in scope. SDN goes a step further in that it should allow customers to develop policies which are vendor agnostic and which can be dynamic in their nature. SDN is looking to provide other benefits beyond policies, such as simple hardware provisioning, but in the network arena, I believe this is more beneficial to the service provider than the enterprise customer. For an enterprise, the policy definition is the ‘killer app’ for SDN. This policy-based approach means that a controller is required in the network. The controller needs a view of all network elements, including their capabilities and configuration. It needs to know how it can interact with those network elements (routers, switches, APs, WLCs, load balancers etc.) so that it can apply the policy created on it or through it. It needs to be able to accept input from other systems to allow those policies to be orchestrated and allow all those network elements to act as a single coherent entity. A big ask.
What might these policies deliver?
A security policy could define what the default policy stance is for an enterprise customer. For example, what ACLs should be applied by default, what should happen to an Ethernet port when it hasn’t been used for a certain amount of time, and what should happen if a network vulnerability is detected. Should a port be shut down? Should an ACL be applied? So, what? Dynamic reactive network security across all devices means rapid remediation of threats.
A traffic prioritisation policy could allow an enterprise to define their application list and build a QoS policy or policies and deploy or change them based on time of day or day of the week or any other criteria required. So, what? More dynamic traffic prioritisation adapting to network conditions means more consistent application response.
An application availability policy could track the performance of network interfaces and traffic paths and amend the network configuration to avoid poorly performing links. It could automatically perform a suite of troubleshooting procedures and mitigation techniques to allow the network to self-heal, not just in a ‘hard down’ scenario but when network performance degrades through other issues. So, what? Get the best performance out of your network at all times.
Any number of policies may be possible once SDN becomes an established reality. Needless to say, this reality is a little way off, but the potential is such that I strongly believe that enterprise networks must be implemented to maximise that potential and with a strategy which enables it.
So, what about SD-WAN? What is unique about it?
Well, that’s what I’m going to look at in Part 2 but if you can’t wait until then, read our SD-WAN whitepaper here.