What is SD-WAN?

by Christopher Yates, Principal Content Strategist, AT&T

When a business expands from a single location to multiple locations, its connectivity needs evolve. Software-Defined Wide Area Networks (SD-WAN) can be a solution to help meet these needs. So, what is SD-WAN? A Software-Defined Wide Area Network is a software, cloud-based version of a wide area network (WAN). It elevates network traffic management away from hardware and on-premises to next generation software in the cloud for enhanced agility, control, and visibility.

Here’s a great example. A small business has three plants within a region. It needs a Wide Area Network (WAN), a computer network that spans a wide geographic area, for connectivity between headquarters and manufacturing plants.

For agility, the manufacturer switches to a Software-Defined Wide Area Network (SD-WAN). This approach elevates network traffic management away from on-premises hardware to software in the cloud. Now the manufacturer benefits from better performance, cost savings, and enhanced security.

How does SD-WAN work?

To understand how SD-WAN works, let’s start with the traditional WAN. In a traditional WAN, each device has its own control plane (the “brains” that teach the router how to forward data to other routers) and its own data plane (the “muscle” that actually forwards the data). Administrators must configure each device and its control plane separately.

SD-WAN operates by using software-defined networking (SDN) principles to manage and optimize WAN connections. SDN separates the control plane from the data plane. It consolidates multiple control planes into one centralized policy controller. With centralized control, administrators can easily configure multiple devices and implement network policies faster. They can write rules and policies to deploy across an entire network.

SD-WAN architecture

Traditional WANs typically use a hub-and-spoke architecture, with a data center at the hub and the spokes extending to branch offices. Cybersecurity tools are applied at the central hub, which means data traffic needs to be backhauled to the central hub for verification before moving to its destination. Backhauling wastes bandwidth, adds latency, and impairs application performance. SD-WAN can alleviate these problems by removing the backhauling and allowing traffic to take a more direct route (for example, branch to branch or branch to cloud).

SD-WAN can have a variety of different architectures: on-premises SD-WAN, cloud-enabled SD-WAN, and cloud-enabled with backbone SD-WAN. This flexible architecture brings a variety of advantages.

Key components and functions

Key components of SD-WAN infrastructure include multiple interlocking pieces that help create a more intelligent and efficient network management system. They include:

  • Centralized policy controller: The network’s administrative hub. Operators can use this single interface to view the network and set policies for the orchestrator to execute.
  • Service orchestrator: The network’s virtual manager. Oversees traffic flow, applies policies and protocols.
  • SD-WAN edge: Entry and exit points of the network where devices reside. They can be located at branch offices, data centers, or cloud platforms. Edges receive data packets from the transport network and determine how those data packets should be handled and routed.
  • SD-WAN gateway: Variant of an SD-WAN edge. Sits in a cloud environment and improves connectivity to cloud-based services.
  • Subscriber web portal or application programming interface (API): A dashboard for the centralized management and control of the SD-WAN. If you have a managed service SD-WAN, you’ll typically have a web portal. If you have a do-it-yourself implementation, you’ll typically use an API.

Why SD-WAN?

Why are more businesses expanding their use of SD-WAN? Businesses are faced with a surge in video, mobile data, and other data-intensive applications where traditional WAN applications may fall short. Also, businesses are increasingly adopting newer technologies such as the Internet of Things (IoT), artificial intelligence (AI), machine learning, and big data analytics. SD-WAN solutions are crucial for keeping up with today’s highly dynamic demands for bandwidth and connectivity.  

Benefits of SD-WAN

SD-WAN technologies come with fewer limitations than traditional WAN. Before SD-WAN, businesses operated their WANs manually and statically. SD-WAN creates more control for optimized performance like improved network performance, cost efficiency gains, and stronger security protocols.

Improved network performance and reliability

SD-WAN boosts network performance in several ways, including optimized bandwidth, intelligent traffic steering, enhanced application performance, and centralized management.

SD-WAN can dynamically select the best path for traffic. For example, it can help ensure high-quality audio and uninterrupted video streaming by prioritizing voice and video over less critical applications. SD-WAN eliminates backhauling and uses direct cloud connectivity, which reduces latency and improves application response time.

Finally, SD-WAN centralizes network management. This means that you get a comprehensive view of network performance that you can react to on the fly. Instead of looking for data for multiple applications at different sites, your network performance data is available in one place. This visibility into your network and applications through remote monitoring gives you more control.

Cost savings and efficiency

In the past, WANs used Multiprotocol Label Switching (MPLS) to provide the best performance and reliability for last mile connectivity. But MPLS is less budget-friendly to deploy at scale or for redundancies. SD-WAN leverages MPLS circuits with low-cost broadband connections. Less-critical traffic can traverse cheaper data transport technologies like broadband internet or 5G wireless.

Improved security and secure cloud access

SD-WAN decouples security from hardware. Instead, security is moved to the cloud, where administrators can apply pre-defined policies on all traffic. A central web-based console allows administrators to manage and monitor the network holistically and drill down to roll out security services such as web filtering and malware protection to individual locations, users, or traffic types. This greater visibility and control over network traffic makes it less likely that malicious intent is able to disrupt operations.

SD-WAN vs. traditional networking

When you compare SD-WAN to traditional networking, it’s easy to see advantages in terms of cost, flexibility, and improved performance.

SD-WAN vs. MPLS

Both SD-WAN and MPLS are technologies used for wide area networking. MPLS came first, debuting in the late 1990s, while SD-WAN arrived later, around 2014. MPLS routes traffic using labels instead of network addresses. MPLS networks are considered reliable and secure, but aren’t as cost-efficient. Also, MPLS backhauls traffic to a centralized security point such as a data center, which consumes bandwidth, adds latency, and can impact application performance.

SD-WAN has the major advantage of generally being cheaper than MPLS, since it uses broadband internet rather than dedicated circuits. SD-WAN can secure applications at the branch, data center, or in the cloud, so backhauling is not required. SD-WAN’s intelligent traffic routing reduces latency and improves performance. SD-WAN can scale up or down quickly compared to network infrastructure that relies on physical hardware.

SD-WAN vs. WAN

As noted above, SD-WAN elevates network traffic management away from on-premises hardware to software in the cloud. SD-WAN reduces costs by using internet connections rather than less budget-friendly dedicated lines. SD-WAN is easier to manage than traditional WAN networks, which leads to cost savings with maintenance and support.

Aside from cost savings, SD-WAN brings operational simplicity, improved performance, scalability, and enhanced security.

If your organization chooses SD-WAN, how do you secure the network edge? While SD-WAN has some security features, it typically needs third-party integrations for comprehensive protection. AT&T Business offers a variety of these edge solutions, including SD-WAN Cisco, Aruba SD-WAN, and Networks Functions Virtualization (NFV).

Integration of SD-WAN with IoT

Many organizations deploying Internet of Things (IoT) solutions rely on SD-WAN to handle the massive volumes of data created and consumed by these devices. SD-WAN is ideal for IoT deployments because it takes a software-based approach to network traffic management to deliver and scale network services and capacity in near-real time. This gives businesses a flexible, cost-effective network architecture that connects IoT devices.

Benefits of SD-WAN for IoT deployments

SD-WAN can improve IoT security, ease IoT deployment, centralize IoT network visibility and management, and improve scalability of IoT networks.

Improved connectivity and bandwidth use

SD-WAN uses multiple connection types to increase network bandwidth and improve traffic flows, which in turn ensures that IoT devices have efficient data transmission. SD-WAN also reduces latency for IoT devices by routing traffic through the cloud rather than a central data center.

Security of IoT devices with SD-WAN

IoT devices are targets for today’s malicious actors due to the volume of devices and the lack of robust security controls. It’s less practical to deploy anti-malware, anti-virus, data loss prevention, and other security clients on thousands of devices ranging from thermostats to manufacturing robots compared to network-based solutions.

SD-WAN solves the problem by moving security out of the data center to the network edge, delivering services through the cloud. Predefined security policies based on rules can be applied holistically through a highly secure web gateway across the network, and users can drill down to roll out security services such as web filtering and malware protection to individual locations, devices, users, or traffic types.

Managed SD-WAN

SD-WAN adoption is on the rise for good reason. Businesses of all sizes, however, can face challenges while deploying SD-WAN. Fortunately, you can jump these hurdles by choosing a managed SD-WAN solution. A fully managed SD-WAN vendor can install and manage edge devices, procure and manage access links from multiple network service providers, and manage the solution’s day-to-day network management aspects.

Whether you’ve already implemented SD-WAN or are thinking of doing so, it’s good to evaluate its role in your business. What business outcomes are you expecting with SD-WAN? Improved network performance? Cost savings? Enhanced security? A managed service provider can help you design a solution that will prioritize these needs.

Key questions before you get started

If you haven’t started your journey to SD-WAN, how do you know it’s right for you? Here are some questions to ask:

  • Could you benefit from separating your data traffic into higher-valued vs. lower-valued communications, so you can apply different priorities and security policies on each?
  • Are you planning to use cloud-based applications?
  • Do you foresee a spike in data volumes for your existing WAN over the next few years?
  • Would your network benefit from additional security measures?

If so, SD-WAN might be in your future. Businesses of all sizes can benefit from network flexibility, cost savings, improved security, network reliability, redundancy, and user productivity. All in all, you can look forward to improved network agility that prepares your business for the future.

Learn more about AT&T Managed SD-WAN solutions. To connect with an expert who knows business, contact your AT&T Business representative.

Why AT&T Business

See how ultra-fast, reliable fiber and 5G connectivity protected by built-in security give you a new level of confidence in the possibilities of your network. Let our experts work with you to solve your challenges and accelerate outcomes. Your business deserves the AT&T Business difference—a new standard for networking.