A Software-defined Wide Area Network (SD-WAN) is a virtual WAN architecture that allows companies to leverage any combination of transport services, including broadband internet services, to securely connect users to applications (video, voice, cloud-based programmes, etc).
An SD-WAN uses a centralised control function to securely and intelligently direct traffic across the WAN. This increases application performance, resulting in enhanced user experience, increased business productivity and reduced costs for IT. As such, an SD-WAN is a considered a clever way to build a WAN, particularly if you have third party connectivity and would like to connect to private clouds.
Traditional WANs based on conventional routers are not cloud-friendly. They typically require backhauling all traffic – including that destined to the cloud – from branch offices to a hub or headquarters datacenter where advanced security inspection services can be applied. The delay caused by backhaul impairs application performance resulting in a poor user experience and lost productivity. Unlike the traditional router-centric WAN architecture, the SD-WAN model is designed to fully support applications hosted in on-premise data centers, public or private clouds and SaaS solutions such as Salesfore.com, Workday, Office365 and Dropbox, while delivering the highest levels of application performance.
How does an SD-WAN work?
An SD-WAN uses software and a centralised control function to more intelligently steer or direct traffic across the WAN. An SD-WAN handles traffic based on priority, quality of service and security requirements in accordance with business needs. The conventional router-centric model distributes the control function across all devices in the network - routers simply route traffic based on TCP/IP addresses and ACLs.
Not all cloud-bound or web traffic is created equal. Many cloud applications and their providers natively apply robust security measures. Accessing these “trusted” applications directly from the branch, across the internet provides the needed security to protect the enterprise from threats. A few examples include Salesforce, Office365, ServiceNow, Box, and Dropbox.
However, other cloud apps and web traffic may be less trusted, unknown or even suspicious, requiring more advanced traffic screening. A sample security policy might be:
- Send known, trusted business SaaS traffic directly across the internet
- Send “home from work” applications like Facebook, YouTube and Netflix to a cloud-based security service
- Backhaul untrusted, unknown or suspicious traffic such as peer-to-peer applications or traffic to or from a foreign country back to a headquarters-based next generation firewall.
The intelligence and ability to identify applications provides an application-driven way to route traffic across the WAN instead of simply using TCP/IP addresses and ACLs. This software-driven approach delivers a much better QoEx (Quality of Experience) than possible with router-centric WAN model.
With that said, SD-WAN is not going to offer the QoEx, reliability or security as a direct, private connection.
SD-WAN is not as good as a direct, private connection
We are fans of SD-WAN, particularly for customers who have third party Ethernet connections. With SD-WAN we are able to connect you to VTSL's core network, despite not providing your connectivity.
But SD-WAN is not as good as a direct, private connection to VTSL's core network - as is delivered when your Ethernet is provided by VTSL. With a direct connection to the VTSL cloud, customers enjoy a reliable, secure connection for voice and other VTSL applications. Most other providers are not ISP's and thereby can't offer a direct connection to their voice network. They can only offer SD-WAN.
So the bottom line? SD-WAN is a great wide area network technology as it offers intelligent routing of traffic, and a way for companies to securely access private clouds, but it can't replace a direct connection.
For more information on SD-WAN, Ethernet or network connectivity options, please get in touch today! 0207 078 3200 or info@vtsl.net.
About VTSL
VTSL is a leading cloud communications provider in the UK & Ireland, specialising in cloud telephony, LAN & WAN, fibre connectivity and unified communications. VTSL offers solutions ranging from contact centres as a service to flexible working solutions to integrated productivity management. VTSL has over 10 years of experience providing the leading IP telephony platform to businesses and over 15,000 users across the UK and Ireland. To speak to one of our experts today, please call 020 7078 3200 or email info@vtsl.net.