SD-WAN - A Cloud-focused WAN routing technique
Author: Samuel Knoppe
Date: 04/23/2024
Revision: 1.0
Related product (if any): N/A
Description: Describes SD-WAN and what it's used for.
Notes: Knowledge of dynamic routing protocols, MPLS and WAN concepts, and the OSI Model will prove useful.
Files Needed: N/A
Information:
What is SD-WAN?
Software-Defined Wide Area Networking (SD-WAN) architecture uses a centralized control function to steer traffic securely and intelligently across the WAN and directly to trusted SaaS and IaaS providers. This provides a more seamless experience and reduces the costs of maintaining a more traditional WAN infrastructure, but the primary benefit is that it enables the use of SaaS and IaaS services across the WAN. This is something a traditional MPLS infrastructure cannot do natively without extra configuration and overhead.
Traditional WANs based on conventional routers weren't designed with the cloud in mind, and typically backhauled all traffic, including cloud-destined traffic, from branch offices to a hub or data center where advanced security inspection services can be applied. The delay caused by this backhaul impairs application performance, resulting in a poor user experience.
The SD-WAN model seeks to design an architecture that fully supports applications hosted in on-premises data centers, public or private clouds, and SaaS services like Microsoft 365, Workday, Dropbox, and more. It supports these by providing the highest levels of performance.
How does SD-WAN work?
The traditional router-centric WAN model distributes control functions across all devices in the network and simply routes traffic based on TCP/IP addresses and ACLs. This traditional model is rigid, complex, inefficient, and not cloud-friendly, resulting in a suboptimal user experience.
SD-WAN is intended to deliver a superior application quality of experience (QoEx) for users. By identifying applications, an SD-WAN provides intelligent application-aware routing across the WAN. Each class of applications receives the appropriate QoS and security policy enforcement, all in accordance with business needs. Secure local internet breakout of IaaS and SaaS application traffic from the branch provides the highest levels of cloud performance while protecting the enterprise from threats.
The networking specifics of SD-WAN and its functionality are beyond the scope of this surface-level document, but it uses tunnels and routing protocols across various media to securely deliver traffic to the endpoints from the cloud. The rollout and deployment of this architecture are handled through the cloud WAN configuration page.
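The application-aware routing and local internet breakout described above can be modelled as a per-flow decision: identify the application, look up its class policy, then pick a healthy link that meets the policy's thresholds. The Python below is an added example, not part of the original article and not any vendor's implementation; the application classes, SLA thresholds, placeholder hostnames and link names are constructed assumptions, and hostname matching stands in for whatever application identification a real product uses.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Link:
    name: str
    kind: str            # "internet" or "mpls"
    latency_ms: float
    loss_pct: float
    up: bool = True

@dataclass(frozen=True)
class Policy:
    action: str          # "breakout" = exit at the branch, "tunnel" = overlay to the hub
    max_latency_ms: float
    max_loss_pct: float

# Constructed policy table, one entry per application class (values are assumptions).
POLICIES = {
    "trusted_saas": Policy("breakout", 150.0, 2.0),
    "voice": Policy("tunnel", 100.0, 1.0),
    "unclassified": Policy("tunnel", 300.0, 5.0),   # backhauled to the hub for inspection
}
# Constructed signatures on placeholder domains; the leading dot forces a label boundary.
SIGNATURES = {".saas.example": "trusted_saas", ".voip.corp.example": "voice"}
# Constructed branch uplinks with sample measurements.
LINKS = [Link("mpls-1", "mpls", 40.0, 0.1), Link("inet-1", "internet", 25.0, 0.5),
         Link("lte-1", "internet", 90.0, 3.0)]

def classify(hostname: str) -> str:
    """Map a flow to an application class; anything unrecognised fails closed."""
    host = hostname.lower().rstrip(".")
    return next((c for s, c in SIGNATURES.items() if host.endswith(s)), "unclassified")

def select_path(hostname: str, links: list) -> dict:
    """Choose the egress link for a flow from its class policy and link health."""
    app_class = classify(hostname)
    policy, action = POLICIES[app_class], POLICIES[app_class].action
    usable = [l for l in links if l.up]
    local = [l for l in usable if l.kind == "internet"]
    if action == "breakout" and local:
        usable = local                    # only internet links can break out locally
    elif action == "breakout":
        action = "tunnel"                 # no local exit is up: fall back to the hub
    if not usable:
        return {"class": app_class, "action": "drop", "link": None, "sla_met": False}
    ok = [l for l in usable
          if l.latency_ms <= policy.max_latency_ms and l.loss_pct <= policy.max_loss_pct]
    best = min(ok or usable, key=lambda l: (l.loss_pct, l.latency_ms))
    return {"class": app_class, "action": action, "link": best.name, "sla_met": bool(ok)}
```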
SD-WAN vs. MPLS
SD-WAN vs. VPNs
SD-WAN vs. SASE
The Control Plane and the Data Plane
SD-WAN's decentralized control plane
Cisco DNA Center and SD-Access