alex_aldo - Fotolia

SD-WAN explained in 15 key terms and phrases

This SD-WAN glossary delves into the various capabilities, technologies and components that encompass SD-WAN, explained with 15 concise definitions.

One way to understand software-defined WAN is to split the phrase in two: software-defined and WAN. This technology takes software-defined concepts and builds these capabilities into an organization's existing WAN infrastructure.

The reassembled phrase software-defined WAN explains a major shift toward virtualized capabilities in the networking industry. SD-WAN can help organizations efficiently route traffic among branch offices, data centers and other crucial locations on a network, and remote employees can securely access business-critical applications on the network. Organizations may consider SD-WAN adoption to improve application performance and simplify network management and operations.

SD-WAN has various moving parts that encompass and define the technology. The following glossary explains 15 key terms and technologies that make up SD-WAN, exploring the roles they play in SD-WAN architecture. From bandwidth and remote offices to the ongoing battle of SD-WAN vs. VPN, this glossary builds a cornerstone of SD-WAN expertise.

Dive into the world of SD-WAN, explained through the terms and phrases that encompass the technology.

SD-WAN explained: A glossary of terms

Bandwidth. Bandwidth is a network link's capacity to transmit the maximum amount of data per second between points on a network. SD-WAN can use multiple bandwidth connections and assign traffic to specific links, which gives users more potential capacity and control. So, if one link has issues, SD-WAN can route the network traffic over another available link before the user notices the issue.

Controller. The term controller describes a hardware or software client that controls data flows between two points. IT teams use a centralized controller to manage an organization's SD-WAN deployments at its headquarters and branch locations. The controller enforces routing and security policies and monitors the virtual overlay, software updates, and reporting and alerts.

Hybrid wide area network. Despite similarities between the two, hybrid WAN and SD-WAN are not the same. A hybrid WAN routes traffic over multiple links and connection types, and it can connect various WANs located in separate geographic areas. However, it doesn't rely on software-defined capabilities or a centralized controller. A hybrid WAN can have SD-WAN components and capabilities, but a hybrid WAN does not require those capabilities.

This chart details common configurations of SD-WAN explained in relation to common WAN designs.

Internet Protocol Security. IPsec is a security service architecture and framework meant to protect traffic on IP networks, with security and protocols at the IP layer. Many SD-WAN services support IPsec tunnel configurations to bolster security and authenticate network traffic.

Last-mile technology. The term last mile refers to infrastructure technology at a neighborhood level that transports telecommunication signals along short distances between service providers and networked locations. SD-WAN can enhance existing last-mile connections as it can enable organizations to use more than one transport link and make use of multiple available links simultaneously.

Multiprotocol Label Switching. MPLS is a routing technique that speeds up data traffic flows and simplifies network management processes. MPLS labels packets based on priority, provides packets with a specific path to follow based on priority order and moves those packets at Layer 2 rather than Layer 3.

While experts have pit MPLS and SD-WAN against each other due to their similarities as WAN transmission technologies, MPLS and SD-WAN can work well together. For example, SD-WAN supports MPLS connectivity as an underlying transport option and can designate mission-critical traffic to travel over that connection.

Overlay network. Overlay telecommunication networks are networks built or constructed over another network. The other -- underlying -- network infrastructure supports the overlay network. SD-WAN creates a transport-agnostic virtual overlay over an organization's existing WAN connections to centralize network management and control.

Remote office/branch office. ROBOs are business sites located in different geographic areas than an organization's headquarters. SD-WAN can benefit ROBOs as IT teams can use SD-WAN to remotely program resources -- such as edge devices -- as well as reduce the need for manual router configurations at ROBOs.

Software-defined networking. SDN is a network management architecture that uses a centralized controller to manage data center traffic and increase network agility, efficiency and flexibility. SD-WAN uses SDN concepts -- such as the virtual overlay, connectivity link abstraction and centralized controllers for traffic -- and SDN led to SD-WAN's emergence and popularity.

Traffic shaping. The process of traffic shaping aims to regulate a network's data transfers and separate high-priority traffic from less crucial traffic. The goal of traffic shaping is for a network to maintain and control a consistent, ideal performance level and quality of service. Traffic shaping is one of SD-WAN's key benefits.

Virtual network functions. VNFs are network functions that have traditionally run on proprietary hardware appliances that now run as software on commodity hardware. The functions can include firewalls and caching tasks. Organizations might use VNFs to reduce the number of physical appliances and to increase interoperability and flexibility. Many SD-WAN vendors offer VNF capabilities in their SD-WAN platforms so customers can add third-party functions.

Virtual private network. VPN software encrypts traffic and network connections to provide network access solely to authorized users. VPNs enable remote employees to safely access an organization's resources and applications as if the employees were in the headquarters with direct network access. SD-WAN uses VPN technology, but SD-WAN is more of a consolidated platform for WAN capabilities, while VPNs secure and encrypt connections between endpoints.

Wide area network. A WAN connects geographically separated headquarters, branch offices and other related facilities -- or various LANs -- through wired or wireless connections. All WAN users can access an organization's services, resources and applications. As the name suggests, SD-WAN uses SDN capabilities to route traffic across WANs.

Wide area network optimization. WAN optimization -- or WAN acceleration -- technology accelerates user access to business-critical applications and resources on a WAN. Some WAN optimization techniques include traffic shaping, forward error correction, caching, compression and data deduplication. Most SD-WAN services offer integrated WAN optimization capabilities.

Zero-touch provisioning. Zero-touch provisioning is an automated feature for device provisioning and configurations. This type of plug-and-play provisioning enables IT teams to directly install hardware into network environments and quickly set up the accompanying configurations and policies. Many SD-WAN vendors tout zero-touch provisioning capabilities.

Next Steps

Are compact SD-WAN devices realistic compared to VPNs?

Dive further into SD-WAN's technical side

Compare SDN and SD-WAN protocols

Dig Deeper on SD-WAN

Unified Communications
Mobile Computing
Data Center