The noise in the Software-Defined Wide-Area Networking (SD-WAN) marketplace has reached pandemonium levels, as a wide range of vendors seek to disrupt the hegemony of
The reason why the SD-WAN space is so hot is because it represents disruptions at the conjunction of three separate areas: the wide-area network (WAN) market, cloud computing and the rapidly maturing Software-Defined Everything (SDX) arena.
Enterprises have been using WANs for decades, primarily to connect their remote offices or branches with their headquarters by leasing secure networking capabilities from telco carriers and running private networks over them. The underlying WAN protocols have evolved over the years, and the current one is Multiprotocol Label Switching (MPLS).
However, MPLS is now an older technology, and is more expensive than now-standard Internet broadband connections. Your home Internet may be both faster and cheaper than your company’s MPLS, the reasoning goes, so is the added security of a dedicated network over a leased line really worth the money?
The answer: it depends. For more sensitive or regulated traffic, MPLS may still be the technology of choice. But for many corporate uses, the Internet may be the more cost-effective option.
And then there’s the impact of the cloud. WAN is no longer simply about connecting one office to another. Today, every office must connect to various cloud services, from Salesforce to
SD-WAN also gives companies the ability to leverage different network technologies as a matter of policy. Instead of having to configure network hardware directly, SD-WAN centralizes administration of such networking policies, thus abstracting the underlying network.
That abstraction is at the core of SDX. Instead of having to configure and maintain any technology manually – from network equipment to servers and beyond – it’s now possible to shift the control to centralized software.
Now, if companies need to adjust which traffic goes over which connection, or establish granular rules about who can leverage which services over which network, admins can configure and manage all such choices from a simple dashboard.
SD-WAN Challenge: Differentiation
For enterprises looking at SD-WAN solutions, the challenge is differentiating the solutions on the market. Superficially, all vendors offer similar capabilities. Discerning the differences, therefore, is critical for making the best decision for the particular situation at hand.
The logical starting point for this discussion is Cisco. As the leading incumbent, it has the luxury of defining SD-WAN in terms of its existing technology – technology that most enterprises have already implemented at some level.
Cisco’s offering: Intelligent WAN (or IWAN), which consists of a set of traffic control and security features the vendor has integrated into its branch-office routers. However, if a company doesn’t already have Cisco gear in its branches, then IWAN may not be that good a fit – opening up opportunities for other players in the market.
Among the vendors capitalizing on the SD-WAN opportunity: Riverbed Technology.
Riverbed is an established player in the WAN optimization market with its flagship SteelHead devices. WANs have long required optimization because the long distances involved can lead to performance issues like latency and slowdowns. Riverbed has implemented innovative approaches for resolving such issues and has a loyal customer base as a result.
With the more recent rollout of its SteelConnect SD-WAN solution, Riverbed is now a significant player in the SD-WAN market as well. Yet, while SteelConnect offers a remarkable level of policy-based control via a highly usable dashboard, Riverbed’s competitors are also rolling out such features.
One of Riverbed’s most defensible SD-WAN differentiators is its WAN optimization, as it leverages patented IP and years of product development in the SteelHead product line. Now, Riverbed is bringing those innovations to its SteelConnect SD-WAN offering.
SD-WAN and the Telecom Service Provider Channel
Riverbed also recently announced a partnership with Orange Business Services, the business arm of European telecom
The two companies are working together to develop a virtual network function (VNF) that customers will be able to deploy on standardized virtual customer premise equipment (vCPE) at their sites.
VNFs are virtualized tasks that can run as software on generic telecommunications equipment – the vCPEs – instead of more expensive, proprietary hardware.
Implementing SD-WAN capabilities as VNFs, in fact, gives telecom service providers the flexibility to craft a range of custom and specialized network services for customers entirely in software, thus supporting an SDX approach.
Other SD-WAN vendors are also leveraging VNFs for a similar service provider channel-based business model. Mushroom Networks, for example, supports its telecom service provider channel by creating overlay tunnels as VNFs that combine and abstract different network technologies including MPLS, broadband, and 3G or 4G LTE mobile. These tunnels provide application-centric, packet-level load balancing.
The fact that such tunnels are VNFs gives service providers the ability to create complex, custom SD-WAN offerings for specialized purposes, like optimized Voice-over-IP (VoIP) or video over mobile networks. The latter offering, for example, allows end-customers to replace satellite video uplinks with far less expensive gear.
Also offering SD-WAN capabilities as VNFs is VeloCloud Networks. VeloCloud’s architecture consists of Gateways (deployed at data centers), Edges (at enterprise office locations), and Orchestrators, which provide the centralized management software.
The VeloCloud Edges in particular are zero-touch enterprise-class appliances that provide secure optimized connectivity to private, public, and hybrid applications, compute resources, and virtualized services – and they can host VNF services as well.
SD-WAN Nuts and Bolts: Paths, Packets, and Sessions
Basic SD-WAN functionality consists of routing messages over different network connections as per the relevant business or performance policies. VeloCloud, for example, offers such dynamic multipath optimization.
The state of the art today, however, is packet-by-packet routing. VeloCloud for one provides per-packet link steering based on the measured performance metric, intelligent application learning, the business priority of the application, and the cost of each link.
Silver Peak is also able to make load balancing decisions on a packet-by-packet basis. While other SD-WAN vendors prioritize traffic by type or by message, for example, to send video over the Internet but point-of-sale transactions over the private MPLS link, Silver Peak can break up individual messages and route them piecemeal for the best real-time performance.
Furthermore, this vendor offers error correction it bases on ‘erasure coding,’ which uses a checksum-based approach for reconstructing lost packets, similar to the way that RAID storage systems work.
The end result: virtually no lost packets, and overall real-time performance that can actually exceed the performance of each of the individual network connections, even when all of the network connections are simultaneously experiencing slowdowns or other issues.
In fact, Juniper Networks, another incumbent networking gear vendor who has long competed head-to-head with Cisco, is partnering with Silver Peak for the smaller vendor’s optimization capabilities.
On its own, Juniper offers a cloud-enabled branch solution, cobbled together from its NFX250 Network Services Platform, SRX Series Firewalls, vSRX Virtual Firewall, and Contrail Service Orchestration.
For its WAN optimization, however, it’s looking to Silver Peak. “Coupling the new Juniper Cloud-Enabled Branch solution with the feature set offered by the Silver Peak CPX virtual appliance for WAN Optimization, presents customers with choice and flexibility to deploy the most cost-effective WAN connectivity in order to optimize business application performance and empower branch users,” explains Fraser Street, Vice President of Technology alliances at Silver Peak.
Connecting SD-WAN to the Cloud
Cloud connectivity is a must-have for most SD-WAN customers, and is, in fact, one of the main reasons why SD-WAN has been such an explosive market over the last few years. In general, this requirement means that the SD-WAN vendor must partner with cloud providers to install technology in the cloud.
For example, Riverbed has recently added Microsoft Azure support to its existing Amazon AWS capabilities, allowing "single-click" creation of SD-WAN capabilities in the two leading public cloud environments. Combined with its other capabilities, SteelConnect automates secure connectivity between cloud vendors, between cloud regions, as well as between corporate branch locations and the cloud.
CloudGenix, in contrast, addresses the cloud connectivity challenge by centering its technology on application sessions instead of packets or paths. CloudGenix defines application-specific overlays and policies, including allowed paths and service projection, that are defined at the application layer.
The administrator simply selects applications of interest from the vendor’s application library, along with the desired business priority and allowable paths. The CloudGenix controller then builds the secure contexts within the application network.
In this way, the CloudGenix service projection technology enables customers to bind SD-WAN services to specific applications and application flows by policy and deliver them from any location, including data centers, regional hubs, or most notably from the cloud, with no incremental could-based branch footprint or pre-installed technology needed.
Aryaka has also taken a novel approach to providing cloud connectivity within the SD-WAN context. It has built a global private network to provide stable and fast connectivity for mission-critical applications – and it has built cloud connectivity into the network. This global network backbone, in fact, separates it from the pack.
This global network, in fact, has attracted the attention of telecom carriers like
As carriers continue their decades-long struggle to move up the food chain from ‘dumb pipes’ to value-added services, investing in SD-WAN solutions to mitigate the decline of the MPLS market is a logical step.
Furthermore, since Aryaka’s global network leverages carriers’ global telecommunications infrastructure, it could represent both a channel as well as a growth opportunity for global carriers.
“We believe that companies like Aryaka can benefit from the strong European market presence of our corporate sponsor Deutsche Telekom,” according to Young. “DTCP is looking for proven companies. Aryaka is one of the early trend-setters.”
The Path to Software-Defined Everything
SD-WAN is a rapidly growing market today in large part because enterprises need more flexible ways to connect their disparate physical locations to each other and to various cloud environments, both public and private.
Organizations may realize some of the most significant benefits of this trend by using SD-WAN solutions to rapidly add sites, change configurations and take advantage of non-traditional connections — bringing digital flexibility to a physical and organizational infrastructure.
From the business perspective, therefore, a network no longer consists of boxes, cables, and carrier-provided WAN connectivity. Instead, the network now connects people and the application resources they require – with central, flexible control and management of access and other security policies.
As they implement SD-WAN, therefore, enterprise organizations are finally beginning to realize the benefits of SDX. Decoupling the physical layer from the software layer is enabling organizations to achieve greater flexibility, scale, and speed — exactly what they need in the digital era.
Intellyx publishes the Agile Digital Transformation Roadmap poster, advises companies on their digital transformation initiatives, and helps vendors communicate their agility stories. As of the time of writing, Aryaka, CloudGenix, and Riverbed Technology are Intellyx customers. None of the other organizations mentioned in this article are Intellyx customers.
