SD-Wan: Defining a Software-Defined Wide Area Network

An SD-WAN uses software to both define and manage an area network. Once it's activated, this system should allow for high performance, low cost, and tight security. 

What Is an SD-WAN?

Your network of employees, clients, and users is vast. In fact, your system could pull in traffic from all across the country or even all across the world. How should you handle all of that work? And how can you keep every bit of data secure?

Enter an SD-WAN, or software-defined wide area network.

A wide-area network (WAN) helps to connect far-flung users to key assets within your servers. When that approach just isn't enough, companies reach for software to help. 

SD-WAN involves applying software-defined networking concepts to your WAN. You'll deploy devices that enforce the rules you've designed to push traffic to its destination safely and securely. 

A prepackaged SD-WAN solution might include routers and switches you already own, or you might use virtual equipment. Everything within the system runs on software that can handle security, networking functions, and management. 

You'll install this appliance on your network edge to serve branch offices, remote workers, and data centers. 

When IP packets hit your SD-WAN service, they're analyzed and classified per your rules. They're then forwarded along according to the configurations you've set.

What Makes an SD-WAN Different?

Plenty of systems help organizations like yours to handle traffic from outsiders and branches. But an SD-WAN is quite different from the solutions you’ve likely used in the past. 

SD-WAN vs. WAN

A WAN also helps manage traffic, but a traditional system is limited to enterprises, branches, and data centers. If you adopt any kind of cloud technology and your traffic jumps accordingly, you could overwhelm your delicate systems and encounter catastrophic failures. 

An SD-WAN is specifically designed to handle traffic moving into and out of the cloud. It can also be configured on the fly so new issues that stem from the cloud can be addressed almost immediately. 

SD-WAN vs. MLPS

Multi-protocol label switching (MLPS) uses predetermined routes to handle traffic. It delivers guaranteed performance, and it's ideal for time-sensitive data. But it's difficult to program. If something about your traffic changes, you'll need time to fix the problem. 

SD-WAN may never replace MLPS. Both serve unique functions. But an SD-WAN can help you manage issues that are constantly changing and hard to react to. 

SD-WAN vs. SDN

Software-defined networking (SDN) has its origins in 2008, and IT managers have used it ever since. If you've ever used programming language to help define communication paths, you've used SDN.

SD-WAN is a form of SDN. People who take on SD-WAN use computing principles to define infrastructure elements and control how they communicate and pass data to one another.

SD-WAN Security Issues 

Programming embedded within your SD-WAN should keep your system secure. But plenty of traps exist, and it pays to proceed carefully and cautiously. 

The traditional security systems you've been using may not have the flexibility, interconnectivity, or speed that your SD-WAN system requires. You must ensure that each packet of data passes through your security tools. Programming routes makes that possible. 

If your SD-WAN vendor offers security protections bundled into the product, ask about:

  • Components. Does it include a firewall? Is unified threat management available?
  • Features. Are secure local breakouts available? 
  • Integration. Does the package include a router and firewall? 
  • Analytics. Will you be able to view data moving through network ports inside the SD-WAN?

Make sure you understand what's involved in the product you purchase, and ask about what it covers and what it leaves behind. Some IT managers buy a product like this, and they believe they have full protection. In reality, parts of their servers are exposed, and they may never know it until something terrible happens. 

Benefits & Drawbacks of SD-WAN Environments 

Should you invest in a product to handle your traffic? Or are you fine with the solutions you already have in place? Understanding the risks and benefits of SD-WAN can help you make a smart decision.

Common benefits attributed to SD-WAN include:

  • Connectivity. An SD-WAN is made to keep people in touch with your servers, even if they're hundreds or thousands of miles away. 
  • Management. All branch networks are connected to one interface controlled from one dashboard. 
  • Security. Protect data within your servers as it moves into and out of the cloud. 
  • Performance. A typical WAN can struggle with cloud-based traffic. Bottlenecks are common, and they can frustrate your users. An SD-WAN can handle the traffic, even if you're working with multiple cloud environments
  • Reporting. Understand how well your system functions with a dashboard that includes insights and data visualizations. 

SD-WAN drawbacks involve complexity. Many vendors tell potential clients that their solutions involve little more than plugging and playing. In reality, it takes a great deal of expertise to set up a system and debug it for users. If your technical know-how is lacking, you may need a consultant's help.

Basic SD-WAN vs. Enterprise SD-WAN 

Plenty of enterprises use SD-WAN to handle cloud traffic. Researchers say that security concerns drive adoption of this new technology. 

SD-WAN for an enterprise isn't remarkably different from a product made for a single-site company. An enterprise likely has more traffic, and companies with more locations have more complex setups. But the basic technology is much the same. 

Benefits for enterprise organizations include:

  • Automation. Programming used for one location might apply to others. Some SD-WAN solutions allow for machine learning and automation, so setups are a bit easier. 
  • Microsegmentation. An SD-WAN product can create secure zones to isolate workloads and protect them. 
  • Reporting. One dashboard contains information for every asset within the enterprise. Companies using multiple products right now might be amazed at the quick reporting that stems from a unified product. 

SD-WAN products could be right for your enterprise. But you must ensure that everyone working on security throughout the organization understands what the solutions do and what they do not. Security gaps may remain, even after you've deployed SD-WAN properly. Make sure you're aware of the gaps.

The Future of SD-WAN 

Experts say the SD-WAN market is hot, and many companies are expected to join in during the next decade. A robust market means more companies may develop products, and that enhanced competition could be good for consumers hoping for a robust product at a low price.

But some companies may need a slightly different product. SD-Branch, which is a different take on SD-WAN, could be ideal for them. 

SD-Branch is defined as a single platform that supports SD-WAN services. All functions are managed in one location, leading to operational agility and fast deployments. 

If you're working on security solutions for companies with dozens or even hundreds of branches, you may have a similar number of hardware sets and employees. By centralizing the management, you could save your organization money. And you could give your users a better experience on your cloud platforms. 

Whether you use SD-WAN or SD-Branch, you'll be in good company. Plenty of businesses like yours will be implementing systems just like this to protect data and ensure quick connections.

Get Help From Okta

At Okta, we offer a suite of robust security solutions that are appropriate for companies both large and small. Many of our solutions will integrate with your SD-WAN solutions, and we make integration really easy. Contact us to find out more about how we can help.

References

What Is SD-WAN, and What Does It Mean for Networking, Security, Cloud? (October 2019). Network World. 

SD-WAN. MEF.

What Is MPLS: What You Need to Know About Multi-Protocol Label Switching. (March 2018). Network World. 

What Is SDN and Where Software-Defined Networking Is Going. (April 2019). Network World. 

SD-WAN Creates New Security Challenges. (February 2019). Network World. 

A Quick Guide to SD-WAN Security. (January 2020). Security Boulevard. 

The 5 Biggest Mistakes in SD-WAN Security. (August 2018). Network Computing. 

What to Look for in a SD-WAN Solution Designed for Multi-Cloud Environments. Network World. 

Be Prepared for SD-WAN Implementation Complexities. (October 2018). TechTarget. 

SD-WAN an Enterprise Favorite for Securing the Cloud. (June 2020). SDX Central. 

SD-Branch: What It Is and Why You'll Need It. (January 2018). Network World.