Innovating networking with SD-WAN

Over recent years, cultural shifts have pushed at the restraints of existing technologies in the networking ecosystem and inspired a rush of innovation.

For example, the rise of remote working, IoT usage and digital transformation across many enterprises has put new kinds of pressure on software-defined wide area networking (SD-WAN). How can organisations ensure they are adapting their infrastructure to cater for this shift?

SD-WAN is a crucial lever to connect, manage and optimise distributed enterprise networks and the hybrid workforce over Multiprotocol Label Switching (MPLS), broadband, and wireless cellular. It’s a cloud-first solution that can reduce the use of traditional MPLS, which has struggled to keep pace with the growing demands of the modern office.

A brief history of SD-WAN

Until the early 2000s, MPLS was highly useful: organisations had a number of branches that all required access to applications in data centres, often held at HQ. With the rising adoption of software-as-a-service (SaaS) applications and complex, digitally dependent business communication, resources came under strain and demand for WAN bandwidth grew. MPLS takes a long time to set up and its bandwidth is expensive, stacking up costs for businesses while providing little visibility or control at application level.

In response to this costly strain, SD-WAN emerged as an innovative solution to ease the pressure on companies. SD-WAN can take advantage of multiple connectivity options, building a secure, optimised, carrier-independent and transport-agnostic overlay that includes efficient use of low-cost internet links. The solution supports thousands of applications, allowing IT teams to manually configure traffic, ensuring that the most important cloud apps take priority, at a fraction of the cost.

SD-WAN was a revolutionary step forward for enterprises. It allowed IT teams to remotely replicate and manage site policies to new devices via the centralised SD-WAN orchestrator. Here, updates are made at a software level with automatic real-time configurations that reduce the risk of human error in comparison to manual MPLS programming. For example, with greater visibility and control at application level, IT administrators could now create a policy that gave Microsoft Teams conference calls higher priority than WhatsApp calls, enabling busy company networks to run more smoothly than ever before.

The limitations of SD-WAN

For a period of time, SD-WAN was largely successful at providing networking consistency for companies, ensuring that performance and security were maintained for all users. However, given the proliferation of applications, IoT devices, and the added networking and security pressure of remote employees over the past few years, this solution has been unsustainable. Traditional SD-WAN detects only a few thousand applications, and each requires manually configured priorities. That approach does not hold up now that organisations need to secure and optimise tens of thousands of apps and any number of remote access users and devices.

The next evolution of SD-WAN must therefore be context aware. Organisations have suffered in the past because they have treated zero trust architecture and network optimisation as clunky add-ons to connectivity. An ideal hybrid office environment should seamlessly integrate zero trust security and optimisation as part of connectivity architecture.

Context goes a long way

Looking to the future, network connectivity will only get more complex, and the number of applications and devices will continue to explode. Every remote user, every branch office, every IoT asset and multi-cloud environment requires zero trust security and high-performance communication. Organisations must adapt, and this requires further SD-WAN innovation.

One solution that I have had a hand in developing is using automation to assess application risk, simplifying processes for IT architects. By assigning each application a confidence score, the enterprise readiness of a single application can be automatically defined and treated accordingly, removing the need for IT teams (in charge of tens of thousands of applications) to individually assess each application’s priority. With this automated solution, Zoom would be given a higher confidence score because it is important for business functioning, and it will be automatically awarded a high priority score in a company’s SD-WAN policy. By contrast, WhatsApp is given a low confidence score and is therefore marked as low priority against tools more important for businesses.

Consider a further solution for assessing device risk. Given the sheer volume of enterprise IoT devices today, IT teams need greater visibility and more granular control than traditional SD-WAN segmentation methods provide. Here, fine-grained AI and machine learning techniques can provide IoT visibility and dynamic segmentation. Take a camera installed inside a corporate network as an example. Whilst usually low risk, machine learning could pick up when it is sending anomalous traffic and respond quickly to quarantine the activity, segment it from the network, and apply the appropriate policy automatically.
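The camera scenario above, sketched as an added example (not code from the article or from any SD-WAN product): each observation window is compared with the device's own baseline, and the device is reassigned to a quarantine segment when it deviates. A median/MAD statistical baseline stands in for the machine-learning model the article refers to; the segment names, field names, threshold and traffic figures are all assumptions constructed for illustration.

```python
from statistics import median

# Hypothetical segment names; a real deployment would use its own policy objects.
DEFAULT_SEGMENT = "iot-cameras"
QUARANTINE_SEGMENT = "quarantine"

def robust_z(value, history):
    """Modified z-score (median/MAD), which is not skewed by outliers in the baseline."""
    med = median(history)
    mad = median([abs(x - med) for x in history])
    if mad == 0:  # perfectly flat baseline: any deviation is unbounded
        return 0.0 if value == med else float("inf")
    return 0.6745 * (value - med) / mad

def assess(baseline, window, z_threshold=3.5):
    """Return (segment, reasons) for one observation window of a device."""
    reasons = []
    z = robust_z(window["bytes_out"], baseline["bytes_out"])
    if z > z_threshold:
        reasons.append(f"bytes_out z-score {z:.1f} exceeds {z_threshold}")
    unseen = set(window["destinations"]) - set(baseline["destinations"])
    if unseen:
        reasons.append("destinations not in baseline: " + ", ".join(sorted(unseen)))
    segment = QUARANTINE_SEGMENT if reasons else DEFAULT_SEGMENT
    return segment, reasons

# Constructed sample data: bytes sent per 5-minute window by one camera that
# normally talks only to its video recorder at 10.0.20.5.
CAMERA_BASELINE = {
    "bytes_out": [5200, 4900, 5100, 5050, 4800, 5300, 5000],
    "destinations": ["10.0.20.5"],
}
NORMAL_WINDOW = {"bytes_out": 5150, "destinations": ["10.0.20.5"]}
ANOMALOUS_WINDOW = {"bytes_out": 48000,
                    "destinations": ["10.0.20.5", "203.0.113.77"]}

if __name__ == "__main__":
    for name, win in (("normal", NORMAL_WINDOW), ("anomalous", ANOMALOUS_WINDOW)):
        segment, reasons = assess(CAMERA_BASELINE, win)
        print(name, "->", segment, reasons)
```

Logging the reasons alongside the segment change gives the operations team an audit trail for each automatic quarantine and a basis for tuning the threshold against false positives.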

Let’s consider this in practice. Picture a large insurance company with agents working remotely across the UK, all requiring the benefits of SD-WAN in their homes. To achieve this, the company would need to ship physical SD-WAN appliances to them, and maintain multiple point products including VPN clients, SD-WAN appliances and SSE. These are all separate technologies forced to work together by IT operations, and managing them for zero trust access, security and application performance takes a lot of resources. Instead, the insurance company could run a single SASE agent on the employee’s laptop that delivers integrated endpoint SD-WAN and intelligent SSE, allowing for consistent policy with security and high-performance connectivity for users wherever they choose to access company networks.

SD-WAN has been pivotal for connecting and optimising modern enterprise networks that continue to grow and innovate with the demands of the hybrid workforce. Context awareness is the huge leap forward that will keep organisations functioning at optimal capacity for many years to come.
