A pervasive transformation factor for most businesses today has been the increased agility, flexibility and simplicity that cloud computing promises. Geographically distributed companies, in particular, have migrated more applications to multiple clouds in efforts to enhance customer experiences, improve efficiency and grow revenues.
With applications now residing, not exclusively in the data center, but across multiple clouds, new network performance and security demands are compelling enterprises to cut reliance on expensive Multiprotocol Label Switching (MPLS)-based WAN connectivity to branch offices.
Manyhave turned to software-defined WAN (SD-WAN) technologies, which provide branch-office connectivity in a more simplified and cost-effective manner. IDC estimates that the worldwide SD-WAN infrastructure and services market will see a 69.6% compound annual growth rate, hitting US$8.05 billion in 2021.
Augmented capacity, improved availability
“One use case of SD-WAN is to augment MPLS private network capacity by adding cheaper internet capacity and applying policies that route traffic through one link or another to meet bandwidth demands of cloud applications,” said Rolf Muralt, vice president of Product Management at Silver Peak (pictured right). This is where the Silver Peak Unity EdgeConnect SD-WAN solution provides the control, security and flexibility for enterprises to confidently connect users directly to the internet without requiring dedicated routers to be deployed and managed at every site.
And as consumption of cloud-hosted services grows, SD-WANs also minimize bandwidth wastage and performance degradation due to backhauling of internet-bound traffic from the branch to headquarters. “For a trusted SaaS or web application – Salesforce, Workday, Office 365, etc. – you could enable direct internet breakout for those applications from the branch office,” Muralt added. “It is really about improving the customer experience.”
Service-level policies can be set centrally for each application to keep the really important apps highly available. “We have customers, such as call centers, that had internet and MPLS, now using dual internet because they have found fewer dropped phone calls over two lower-cost internet links than they had over one premium MPLS link.”
To maintain application availability, the Silver Peak Unity EdgeConnect High Availability (HA) cluster approach configures two EdgeConnect devices or virtual machines for both WAN transport and hardware resiliency. “HA has existed with routers as well,” Muralt said. “But it used to be twice the cost and four times the complexity to configure it.”
Centralized orchestration, policy automation
Another business-critical SD-WAN use case is the need to deploy applications faster and get infrastructure of subsidiaries or merged entities to work together as quickly as possible. “The analogy we use is that of a VMware vCenter server administrator centrally deploying applications and managing hundreds of servers efficiently,” Muralt explained. “With SD-WAN, you get the same elastic agility of provisioning bandwidth when needed for the right set of applications from a central console.”
Unlike conventional router-centric WAN infrastructure that requires time-consuming device-by-device, CLI-based manual programming, the Unity Orchestrator empowers network administrators to centrally visualize and define secure zones, and segment users, applications and network overlays.
They can define and orchestrate granular security policies and push configurations to sites simply via an intuitive drag-and-drop GUI. Additionally, policy automation speeds up and simplifies the deployment of multiple branch offices while eliminating error-prone manual configurations.
Silver Peak also partners with cloud providers such as Amazon, Azure, Oracle Cloud and Google Cloud Platform so its EdgeConnect SD-WAN solution can be deployed in these multi-clouds more seamlessly. Customers can then move an application from one cloud to another because of the better connectivity across the clouds, Muralt said.
Security and interoperability
Still, in cloud-first enterprises, security remains a key concern. “MPLS was a closed, siloed network, like a castle,” said Muralt. “Now with multi-cloud, it has become more difficult to secure individual smaller castles with many firewalls.”
Again, this is addressed by centrally segmenting users, applications and WAN services into secure zones and automating application traffic steering across the LAN and WAN using encrypted IPSec tunnels. Traffic steering complies with predefined security policies, regulatory mandates and business intent. For example, utilizing First-packet iQ, network operators can identify, classify and direct known applications requiring further inspection to cloud security services and unknown traffic to next-generation firewalls located in corporate data centers.
Silver Peak has also addressed customers’ security concerns through its expanding security technology alliance ecosystem – whose members include Forcepoint, McAfee, Symantec, Check Point, Fortinet, OPAQ, Palo Alto Networks and Zscaler – that allows seamless service chaining to industry-leading cloud-based security services.
Strikingly, one crucial advantage of Silver Peak EdgeConnect is its interoperability with standard routing protocols that enable organizations to accomplish migration to SD-WAN at a pace that doesn’t put the business at risk. Instead, organizations can either replace routers completely, integrate with existing routers and appliances, or interoperate with legacy sites that do not have SD-WAN enabled.
When enterprises do eventually replace the router, along with other devices in a typical branch office – the firewall, WAN optimization box and switch – with a single Intel x86-driven device, deployments will be simpler and more rapid with zero-touch provisioning.
Anticipating 50% to 80% of router replacements to be driven by SD-WAN over the next two years, Silver Peak was boosted by a $90 million strategic investment from TCVin June 2018 that expedites its expansion plans and cements its leadership position in SD-WAN and cloud-first WAN edge solutions. This augurs well for further SD-WAN innovation and fulfilling of cloud computing’s potential to transform businesses digitally.
This is a QuestexAsia feature commissioned by Silver Peak.