A wide area network provides a connection between a headquarters location and remote branch offices. With a software-defined WAN, a software overlay sits on top of the tunnel created between the headquarters and the branch. This simplifies the management, security and access between the two entities.
Typically, SD-WAN is a point-to-point architecture, meaning an edge device sits at each endpoint and has a direct connection with the other devices. This creates a hub-and-spoke architecture, with the headquarters as the central hub. While this design is straightforward, it also means any branch-to-branch communication or branch-to-cloud service needs to pass through headquarters first, which adds latency for both the branch and the headquarters.
With the growth of cloud services, a second type of SD-WAN architecture is emerging. This model is cloud-based and adds an SD-WAN gateway into the architecture.
A virtual SD-WAN gateway sits in a cloud environment outside the headquarters and handles all the SD-WAN traffic and control. Branch-to-branch communication happens in the cloud, not at headquarters, which eases the traffic on the headquarters' networks.
Who should use SD-WAN gateways?
Enterprises using a large number of cloud-based services -- such as Office 365, Salesforce or applications running on AWS -- can benefit from an SD-WAN gateway, as it reduces traffic and latency. An SD-WAN gateway can insulate cloud applications from interruptions during circuit flapping because the end users are connected to the gateway rather than directly to the cloud service, which keeps the session active during the interference.
Enterprises with long-term SD-WAN strategies to build out a meshed WAN design for all their sites -- perhaps because they have plenty of site-to-site WAN traffic -- will likely prefer the SD-WAN gateway options over a standard, point-to-point SD-WAN. An SD-WAN gateway eliminates much of the hardware and management costs of a point-to-point architecture.
One of the few downsides of an SD-WAN gateway is that some of the usual SD-WAN service-level capabilities might not be available in a gateway model. Some capabilities -- like application-based traffic forwarding, quality of service or security policy management -- may require an SD-WAN endpoint on each end of the tunnel. An SD-WAN gateway environment has no common endpoint at the gateway location to manage that tunnel connection.