SD-WAN aims to reduce costs and improve performance and availability for the enterprise WAN by creating virtual networks overlaid on a pool of connectivity. The goal of making your WAN software defined is to increase its agility, not an insignificant achievement given that the WAN is traditionally the network slowest to change.
There are three ways to make your WAN software defined: overlay an SD-WAN on existing connectivity; replace the existing WAN infrastructure with SD-WAN infrastructure; or get SD-WAN as a service from your WAN provider or Internet service provider. Each has its benefits and limitations.
Overlaying an SD-WAN on existing connectivity is most common -- and getting the most attention right now -- because it promises major improvements in connectivity costs and WAN management without requiring massive changes to what is already in place. The promise: You can add new connections using whatever medium is available, from whatever carrier you like, to get more bandwidth much more cheaply than with your existing MPLS provider.
The SD-WAN will aggregate the capacity and do clever things to take advantage of the new link(s) for both capacity and continuity of service, as well as improved performance. The main downside to overlay networking: Hiding a lot of lower-layer stuff from view doesn’t remove it, and it all still has to be maintained, managed and monitored to some extent (hopefully largely via the SD-WAN management tools). The branch stack gets one box deeper, and the data center network a tad more complex.
Replacing existing infrastructure seeks to address that major shortcoming of overlay networks. In replacement architectures, the SD-WAN appliances replace one or more of the other infrastructure boxes in branches and possibly in the data center. Typically, the SD-WAN box will replace the branch router, either by behaving like one (e.g., participating in BGP) or by eliminating the need for one. Some SD-WAN systems can replace other boxes as well, such as firewalls and optimizers.
The great benefit of using replacement systems to make a WAN software defined is that these systems truly simplify network infrastructures, in addition to presenting a simplified view of them to the network admins. The major drawbacks: The transition is more complex, and it is harder to back out of a replacement than an overlay should something go wrong. Luckily, most systems that support router replacement also support working in an overlay mode, so IT can get the high-level benefits of SD-WAN right away and ease into replacement mode over time.
As a service
In-network SD-WAN seeks to make a WAN software defined by using a carrier’s own infrastructure. In-network SD-WAN makes the carrier infrastructure flexible and dynamic, using virtual network functions (VNFs) -- virtual appliances that replace specialized hardware -- running on generic service nodes (replacing traditional CPE and provider-premises equipment), as well as deeper in the provider's core. New services can be spun up simply by pushing new VNFs to the appropriate service nodes, a process that can be automated and managed via a customer portal. Services can be anything, from routing to optimization to security. Holistic management can be provided via the portal.
The advantages are obvious -- ultimately shrinking the branch stack to one box, and making the WAN itself what you want instead of overlaying what you want on top of it. The disadvantage is also obvious: You get tied to one service provider and lose the leverage and security of spreading the commitment across many; the provider becomes a single point of failure. It is early days for in-net SD-WAN, but as network functions virtualization and software-defined networking spread rapidly through provider architectures in the next two years, offerings will become increasingly common. Interoperability standards may even emerge, to bring multi-carrier capacity to bear as well.
To make a WAN software defined -- delivering to it the agility of an SDN without having to do an overall SDN migration -- enterprises are embracing SD-WAN. Three approaches -- overlay, replacement and in-network -- and a still-expanding set of providers make it increasingly likely that any enterprise that wants to can find the SD-WAN approach it needs.