SD-WAN (Software-Defined Wide Area Network) is about recognizing the importance of the entire forest that is your network. It is about ensuring that all of your sites enjoy the same level of performance, automation, load optimization, and security that your central operations office does. This is the pretext for SD-WAN. SD-WAN is about applying software defined technology to your WAN connections regardless of distance and complexity. The goal is to optimize the experience of all of your users, regardless of enterprise location. This blog outlines four of the leading SD-WAN solutions in the market today.
VMware NSX SD-WAN with VeloCloud
VMware CEO, Pat Gelsinger, compares the current vibe about their SD-WAN solution to that of the early days of virtualization when VMware changed how servers are managed and deployed with its ESXI virtual technology. He describes its VeloCloud product as, "the hottest element of the company’s product portfolio." Gelsinger added, “VeloCloud is quickly becoming a key element of VMware’s edge strategy.”
VeloCloud is incorporated into VMware’s NSX-SD-WAN. The premise behind the product is simple – bring the same level of agility and flexibility to branch offices in order to deploy, manage, and secure application traffic remotely using a transport independent architecture. VMware accomplishes by substituting rigid inflexible network hardware for the nimbleness and flexibility of software. By separating the control plane and data plane layers, intelligence is moved from the data plane to the programmable control plane, substituting labor intensive tasks with automated policies. Some of the specific abilities of VeloCloud include:
- Increase bandwidth economically by aggregating WAN circuits of any type, while at the same time, providing faster application response
- Deploy a branch in minutes with NSX SD-WAN Edge activation from the cloud
- Enable direct cloud access for all users
- Provide standard based encryption to secure connectivity over any type of transport
- Compact multiple virtualized network functions to eliminate single-function appliances and reduce branch IT complexity.
With VeloCloud, VMware is developing a framework that extends its hybrid and multi-cloud environments to the edge for both applications and IoT devices alike. The result is a branch architecture that is agile, automated, and secure.
Cisco Viptela
Cisco has been a leader in WAN infrastructure technology for decades and their SD-WAN product is one of the most widely deployed enterprise solutions of its kind. With Cisco SD-WAN, the company sets out to ensure that every organization can become an “always connected workplace” whether work takes place at corporate headquarters, or district offices thousands of miles away. With deployment cycles growing every shorter and growing branch complexity throughout the network enterprise, Cisco identified the need to create to create a carrier agnostic overlay for any WAN, centralized management and increased visibility and versatility. Formerly Viptela, Cisco acquired this leading software defined technology to serve as a natural extension of their dominant product line. By software defining their branch network gateways, companies can reduce their WAN costs as much as 50%.
There are three main facets to Cisco’s software defined WAN solutions.
- Segmentation – Cisco SD-WAN takes the concept of the traditional VLAN even further to provide end-to-end segmentation that is policy driven in order to ensure that WAN traffic is protected.
- Zero-touch provisioning – Cisco SD-WAN gives central IT the ability to perform centralized control deployments and upgrades in order to scale out deployments fast enough to react to changing dynamics.
- Cloud Integration – If everyone is turning to the cloud for its many benefits, then it only makes sense to bring the power of the cloud to the WAN as well. Cisco SD-WAN is cloud based and integrates a cloud first philosophy directly into your WAN infrastructure that simplifies security and improves application performance.
Fortinet and SD-WAN
According to Gartner, 90 percent of SD-WAN vendors are not traditional security vendors and thus there are serious gaps within many of their solutions. Fortinet now integrates their Next Generation Firewall solutions with SD-WAN capabilities. The result is increased scalability, greater flexibility, improved simplicity, and cost savings. All of this without any compromise to security.
FortiGate SD-WAN erases geographic boundaries, forming a mess like network that connects network and security paths to all of your locations across the world using multiple types of connectivity links that create a borderless infrastructure. It also does away with the need for multiple network devices residing at each branch gateway as all security, routing and management functions are conducted within a single appliance.
When it comes to security, Fortinet offers the full gamut of tools including application control, web filtering, antivirus, intrusion detection and advanced threat detection. Perhaps this is why Fortinet is the only vendor with security capabilities to receive the SD-WAN recommended rating in the First NSS Labs Software-Defined WAN Test Report. Because cost savings is a primary motivation for companies to explore SD-WAN opportunities, FortiGate SD-WAN shows that you can have your cake and eat it too.
Aruba Branch
Aruba is the same company that improved the visibility, security, and management capabilities of your wireless network and now wants to apply those same standards of visibility, control, simplicity, and security to the WAN. In the same way that their enterprise wireless platform solutions can control and react to your highly dynamic wireless environments, Aruba’s SD-WAN solution uses contextual data and awareness to dynamically route traffic across the WAN based on user, device, or group affiliation. Whether it is data, video, voice, or IoT, Aruba can protect and optimize all of your traffic patterns, LAN and WAN alike. Traffic segmentation, isolation and path selection are enforced for not just the last mile of connectivity, but the entire route from device to WAN exit point.
Like the previous vendors, Aruba’s solution is centered around software defined architecture that combines multiple virtual network functions into their SD-Branch appliance. Aruba’s branch gateway appliance connects to all WAN uplinks and provides an SD-WAN overlay fabric that makes application management and deployment a snap. Gateway functions include stateful firewall capabilities, IPsec encryption, VPN, QoS and WAN path monitoring. SD-Branch integrates with Aruba Central that provides single pane of glass visibility and manageability for all of your locations. But integration isn’t just about Aruba. The company’s security partner program has more than 140 technology partners, all of whom provide added functionality and innovation to an already powerful and proven platform.
Conclusion
Every mile of connectivity for your application traffic is important. The last mile is no less important than the first. Each of these vendors have proven solutions to optimize and secure the total connectivity arteries of your WAN. Each of these solutions brings agility and security to any WAN environment, making your WAN, a fully controlled and optimal environment. Talking to a trusted technology partner like WEI can help you see which SD-WAN strategy would be the best fit for your organization.
Next Steps: Sign up for a wireless network assessment that covers RF coverage maps, RF analysis, capacity plans, channel plans, access point installation recommendations, and more!
