ra2 studio - Fotolia


SD-WAN requirements for a multi-cloud world

With the emergence of a multi-cloud world, SD-WAN vendors must upgrade their platforms to ensure secure and reliable SD-WAN connectivity to cloud services.

For many IT organizations, software-defined WAN has become the primary on-ramp for branch and edge communications to cloud environments. These organizations have also begun to adopt multi-cloud architectures, where applications run on the best platform, regardless of location.

In response, SD-WAN providers aim to rapidly innovate their platforms to enable secure, reliable and high-quality SD-WAN connectivity to leading IaaS cloud platforms. As IaaS cloud providers extend their networks toward the edge -- and their customers -- SD-WAN requirements call for providers to use new means of traffic acceleration to and from cloud environments. New integration opportunities for SD-WAN providers include Microsoft Azure Virtual WAN and AWS Transit Gateway.

For customers, the key is to buy technology that examines all possible paths and then chooses the best transport option for the best performance directly from the branch office. This can enable consistent, high-speed on-ramps from the branch or edge to an IaaS cloud environment anywhere in the world.

Multi-cloud requirements

Multi-cloud is typically defined as the use of two or more IaaS platforms, such as AWS, Microsoft Azure, Oracle Cloud Platform and Google Cloud Platform. Most organizations now use an assortment of on-premises -- data center -- and cloud-based resources to enable agile IT operations. According to a survey by RightScale -- now part of Flexera -- about 84% of enterprises have a multi-cloud strategy.

As a result, those IT organizations manage a range of private cloud, public cloud and SaaS platforms to provide developers with the flexibility to run applications on the most appropriate platform, regardless of location, and with excellent quality of experience for users.

SD-WAN requirements for multi-cloud

Distributed organizations primarily use SD-WAN platforms to increase bandwidth, improve security and provide application prioritization to the network edge. IT teams may internally deploy SD-WAN with the help of channel partners or as a managed service. SD-WAN providers aim to continually improve their platforms' functionality with traffic identification and routing, increased network security and better centralized management. Below are some key SD-WAN capabilities needed to support multi-cloud connectivity.

To support multi-cloud environments, SD-WAN requirements expand beyond traditional hybrid WAN connectivity to enable application delivery where and when the end user needs it.

Application delivery. To support multi-cloud environments, SD-WAN requirements expand beyond traditional hybrid WAN connectivity to enable application delivery where and when the end user needs it. SD-WAN requirements include seamless connectivity from users to private cloud, IaaS and SaaS platforms based on defined business policies, with proactive traffic steering and prioritization.

Reliability and quality of experience. As many cloud applications are business-critical, SD-WAN platforms must provide high reliability and user quality of experience, like low latency, with appropriate security and compliance policies.

Security and visibility. Improved security and contextual awareness in the platform and through partners are essential to offset the inherent dangers of internet, cloud and IoT vulnerabilities. SD-WAN platforms need visibility into traffic sources and destinations to whitelist and quarantine traffic flows. SD-WAN technology must offer enforcement choices to IT and security administrators through the data center or at the edge.

Microsegmentation. For customers in multi-cloud environments, security requires platforms with microsegmentation capabilities to isolate certain traffic flows, applications and network segments. Also, IoT traffic's low-latency requirements need a platform to identify, secure and route traffic to appropriate resources. Many SD-WAN providers can identify and prioritize real-time traffic.

Connectivity. Connectivity to multiple IaaS platforms often entails lengthy manual processes to enable appropriate routing tables and complex tools to troubleshoot traffic slowdowns. Some SD-WAN technology providers offer automated connectivity to leading IaaS cloud environments and tools to rapidly identify and remediate application performance degradation.

Partnerships. SD-WAN suppliers also aim to rapidly improve how they handle customer expectations in a multi-cloud world. Suppliers partner with the leading IaaS providers -- Amazon and Microsoft -- and most have plans to include Google as well.

rise of multi-cloud
If an organization adopts a multi-cloud strategy, its SD-WAN requirements for connectivity and traffic will likely shift.

Architecture options for multi-cloud, SD-WAN requirements

Most organizations now employ a direct-to-internet network architecture, which sends branch traffic directly to cloud environments to improve user quality of experience. SD-WAN suppliers employ several different technologies to accelerate and secure multi-cloud communications depending on which cloud platform is in use. As a result, SD-WAN technology is at the forefront of traffic decisions that determine which traffic a specific cloud-based platform sends or receives.

Most SD-WAN platforms offer traffic encryption and IPsec VPNs to help secure internet-bound traffic. SD-WAN providers can also partner with cloud-based security vendors, like Zscaler, to use their specialized traffic analysis capabilities.

Many SD-WAN providers work with leading IaaS suppliers to ensure streamlined application access on those platforms. Some suppliers enable their customers to spin up a virtual SD-WAN instance within an IaaS cloud or at a service provider point of presence (PoP) -- like Equinix, for example.

Supplier examples of SD-WAN connectivity to multi-cloud

All leading SD-WAN suppliers offer integration and traffic acceleration with the primary IaaS cloud providers. Some of these SD-WAN suppliers include the following:

  • Aryaka Networks. Aryaka SmartCloud is a managed multinetworking service for IaaS cloud environments, such as Microsoft Azure.
  • Aviatrix. AVX Orchestrator offers a simple workflow for organizations to deploy a complete AWS Transit Gateway, all Virtual Private Cloud attachments and Direct Connect across one or multiple regions.
  • CloudGenix. CloudGenix CloudBlades on an Equinix platform can route traffic to the closest Equinix PoP and then to a specific IaaS cloud.
  • Riverbed. Riverbed SteelConnect offers one-click VPN connections to both AWS and Microsoft Azure cloud platforms.
  • Oracle. Oracle Cloud Connect offers multilink visibility and bidirectional quality of service (QoS) for cloud and SaaS-based application access.

SD-WAN upgrades for multi-cloud

SD-WAN suppliers are rapidly moving to improve their multi-cloud capabilities through partnerships with leading IaaS providers, improved security with internal upgrades and partnerships, and traffic pattern identification of leading SaaS applications.

IT teams need the same capabilities to control and secure data in IaaS clouds that exist in private data centers. As SD-WAN requirements and technology advance, those capabilities include enhancements to how an IT team controls, automates and changes a public cloud environment's QoS. This dynamic traffic control means IT teams can shift workloads based on the time of day or pricing signals.

Microsoft and AWS -- with Microsoft Azure Virtual WAN and AWS Regions and Outposts -- have started to build out their cloud networks to enable faster IaaS-based application access for their customers. As cloud providers distribute the edge of their networks closer to customers, SD-WAN providers must integrate their offerings with new IaaS PoPs to accelerate application delivery.

Next Steps

3 important SD-WAN security considerations and features

Compare the leading SD-WAN vendors before you buy

Dig Deeper on SD-WAN

Unified Communications
Mobile Computing
Data Center