SD-WAN Technical Analysis

https://www.cnblogs.com/allcloud/p/6049843.html

1. Overview

Continuous improvements in broadband access and Internet backbone capacity are driving a transformation of enterprise WAN technology. Building on existing private lines, SD-WAN provides a low-cost, fast solution that is being sought after by the industry. This article introduces the evolution of enterprise WAN technology, SD-WAN application scenarios and solutions, and the current status and challenges of SD-WAN.

2. Evolution of Enterprise WAN Technology

Traditional enterprise applications, including e-mail, file sharing, and Web applications, are deployed in a centralized manner. An enterprise usually deploys a data center at its headquarters and leases operators' dedicated lines (including SDH, OTN, Ethernet, MPLS, etc.) to connect its branches to the data center (as shown in Figure 1). Operators commit to SLAs for private line services, covering bandwidth, delay, jitter, and packet loss rate, to meet the needs of enterprises deploying various applications (such as storage services and unified communication systems) in each branch. The availability of traditional private line networks is relatively poor: fibers/circuits need to be deployed separately, which takes a long time, and when the private line spans multiple networks/operators the service provisioning cycle is even longer. In addition, private lines are expensive and cannot be ordered flexibly; a relatively long contract period is usually required (partly because the service activation cost is relatively high). To maximize the utilization of private lines, various WAN optimization and application acceleration technologies have emerged, including QoS flow control, TCP protocol optimization, protocol proxying, data caching, and data compression.

Figure 1 Traditional enterprise WAN network

With the popularization of Ethernet technology, operators now offer Ethernet services, including E-Line, E-Tree and E-LAN, and bandwidth can be ordered relatively flexibly. Operators are currently introducing SDN technology and deploying SDN controllers and orchestrators in the WAN, which will also significantly improve the efficiency of private line service provisioning (as shown in Figure 2). The high reliability of a leased line depends on the operator's private network, or on the operator allocating exclusive network resources to the leased line, so the cost of the leased line is still very high.

Figure 2 Carrier SDN-WAN network

As Internet capacity continues to grow, connecting corporate branch offices and headquarters over the Internet is gradually becoming feasible, and Internet rental fees are affordable. The cost of renting an Internet link (xPON, xDSL, Ethernet, etc.) for an enterprise is usually 1/3 to 1/2 of the cost of an MPLS connection. Moreover, the service provisioning cycle is short and the lease is flexible. In addition to traditional private lines, the enterprise connects the headquarters and branches through the Internet (as shown in Figure 3). This scenario, commonly referred to as Hybrid-WAN, requires the ability to dynamically distribute services across multiple paths between headquarters and branch offices based on the real-time status of the network. The original Hybrid-WAN solution deploys complex CPE equipment at branch offices, usually integrating various network value-added services on the router, including WAN optimization, security (firewall, VPN), and an x86 hardware platform (for adding new network value-added services). The configuration management of such traditional routers is complex and requires professional maintenance.

Figure 3 Hybrid WAN Network (Hybrid-WAN)

With the introduction of mobile office and cloud computing, the deployment of enterprise applications has undergone tremendous changes. In particular, various public cloud services, including Office 365, Salesforce, Skype (for Business), Box, and off-premises storage, have brought about a huge change in enterprise network traffic: access to the public cloud from enterprise branches is increasing (as shown in Figure 4). Public clouds are usually deployed in a few data centers and accessed through the Internet. The network quality cannot be guaranteed, and the experience of some services may be limited.

Figure 4 Enterprise applications based on public cloud (/private cloud)

The SDN concept has gradually gained ground in the ICT field and has been introduced into the enterprise WAN market, giving rise to SD-WAN.

3. SD-WAN application scenarios and solution analysis

SD-WAN inherits the concepts of SDN control and forwarding separation and centralized control, deploys a software control system in the enterprise WAN, provides functions such as rapid business deployment and business intelligent management, and helps enterprises cope with the challenges brought by cloud services and office mobility. Typical SD-WAN application scenarios can be divided into three categories: Hybrid-WAN scenarios, public cloud access scenarios, and BYOD scenarios.
3.1. Hybrid-WAN scenario
A centralized controller is introduced into the traditional Hybrid-WAN solution, as shown in Figure 5:

Figure 5 Hybrid-WAN scenario

This basic SD-WAN scenario provides the basic separation of control and forwarding. By introducing the SD-WAN controller, branch CPE equipment is centrally managed and automatically configured, including the configuration management of the various Internet and private line access links. SD-WAN can provide visualization of enterprise WAN networks and applications, and it provides intelligent routing: data streams of the various applications are scheduled onto the various WAN links based on the real-time status of the WAN, ensuring quality of service for delay- and jitter-sensitive applications (voice, etc.). SD-WAN controllers can be flexibly deployed on the enterprise side or in the cloud.
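The intelligent routing described above can be sketched as per-application path selection over measured link state. This is an added example, not code from the original article or from any SD-WAN product; the link names, metrics, relative costs and SLA thresholds are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Link:
    name: str
    delay_ms: float
    jitter_ms: float
    loss_pct: float
    cost: float          # relative cost (constructed; Internet cheaper than MPLS)
    up: bool = True

@dataclass(frozen=True)
class AppPolicy:
    name: str
    max_delay_ms: float  # thresholds must be > 0
    max_jitter_ms: float
    max_loss_pct: float

def violation(link, p):
    """Worst ratio of measured value to SLA threshold; <= 1.0 means the SLA is met."""
    return max(link.delay_ms / p.max_delay_ms,
               link.jitter_ms / p.max_jitter_ms,
               link.loss_pct / p.max_loss_pct)

def select_link(policy, links):
    """Cheapest live link meeting the SLA; else the least-bad live link; None if all down."""
    live = [l for l in links if l.up]
    if not live:
        return None
    ok = [l for l in live if violation(l, policy) <= 1.0]
    if ok:
        return min(ok, key=lambda l: l.cost)
    return min(live, key=lambda l: violation(l, policy))

def schedule(policies, links):
    """Map each application class to the name of its chosen link (or None)."""
    chosen = {p.name: select_link(p, links) for p in policies}
    return {app: (l.name if l else None) for app, l in chosen.items()}

# Constructed sample data: two application classes, two link-state snapshots.
VOICE = AppPolicy("voice", max_delay_ms=150, max_jitter_ms=30, max_loss_pct=1.0)
BACKUP = AppPolicy("backup", max_delay_ms=500, max_jitter_ms=200, max_loss_pct=5.0)
POLICIES = [VOICE, BACKUP]
MPLS = Link("mpls", delay_ms=20, jitter_ms=2, loss_pct=0.0, cost=1.0)
NORMAL = [MPLS, Link("internet", 45, 12, 0.8, cost=0.4)]
CONGESTED = [MPLS, Link("internet", 180, 40, 3.0, cost=0.4)]

if __name__ == "__main__":
    print("normal:   ", schedule(POLICIES, NORMAL))
    print("congested:", schedule(POLICIES, CONGESTED))
```

When the Internet link degrades, only the voice class moves to the private line; bulk traffic stays on the cheaper link because its looser thresholds are still met.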

In the initial Hybrid-WAN scenario deployment, existing CPE equipment can be left unchanged. However, when enterprises deploy multi-vendor CPE equipment, SD-WAN controllers are required to provide relatively flexible southbound interfaces.

Newly deployed CPE equipment has relatively simple functions, and complex functions can be deployed in the cloud. The CPE device is plug-and-play: it automatically connects to the SD-WAN controller after power-on and completes its basic configuration. Real-time monitoring of the status of the various WAN links can be provided by the CPE itself or by a separately deployed probe.

Network value-added services are deployed in the cloud and can be flexibly provided according to the needs of enterprise users. As shown in Figure 6, operators (or third-party service providers) usually connect branch offices to their (edge) cloud nodes and provide various value-added services inside the cloud nodes.

Figure 6 Cloud deployment of network value-added services

3.2. Public cloud access scenario
The operator optimizes public cloud services: public cloud traffic is identified at the enterprise branch (or headquarters), carried over the operator's private network, and delivered to the data center closest to the public cloud, as shown in Figure 7:

Figure 7 Public cloud access scenario

In this scenario, operators can establish a private network to access various public cloud resources. The CPE device (or the operator's edge cloud node) at the enterprise branch (or headquarters) can identify the public cloud service and send the service flow to the operator's nearest public cloud access (or exchange) node.
3.3. Mobile office scenario
Enterprise employees can access enterprise applications from any location, including private clouds and public clouds deployed by the enterprise. Operators can provide secure access services to connect employees to the nearest service point, as shown in Figure 8:

Figure 8 Mobile office scenario

Mobile office, especially the widespread deployment of BYOD, exposes enterprise networks to more serious security threats. The SD-WAN centralized control system can push security policies to each branch. It can also deploy a variety of security protection functions and can be combined with SDP (Software Defined Perimeter) technology. For scenarios where users access over the Internet, operators or third-party service providers can provide secure access services such as IPsec and SSL.

4. SD-WAN status and challenges

According to IDC's forecast, compared to traditional enterprise WAN solutions, SD-WAN can save at least 20% of the cost, and the SD-WAN market size will exceed US$6 billion in 2020. In the technology curve released by Gartner at the end of July 2016, SD-WAN services and SD-WAN products are regarded as hot technologies, and large-scale commercial use is predicted in the next 2 to 5 years.

In the field of SD-WAN services, DT, Verizon, SingTel, NTT and other operators have actively responded to the challenge and carried out SD-WAN service pilots, hoping to make full use of their own data centers (including the edge data centers closest to users) to provide network value-added services, including firewall, WAN acceleration, and network security. There are also third-party service providers that build their own WANs and core switching nodes by purchasing operators' private lines and provide SD-WAN services to other enterprises.
The SD-WAN product field is a red ocean. There is no unified standard across the solutions of the various manufacturers, which makes it difficult for enterprises to choose when deploying SD-WAN.

SD-WAN itself also has certain limitations. The current mainstream solution is an optimization of the Hybrid-WAN solution. SD-WAN is only one part of the enterprise IT network, which also includes the LANs of headquarters and branch offices, enterprise data centers, and enterprise private clouds. Enterprise IT networks carry various applications, and these networks and applications form a whole whose operation, maintenance and monitoring require unified coordination. Operators or third-party service providers offering SD-WAN services should use existing operation and maintenance systems rather than deploying a new set of them.

5. Summary

The improvement of Internet access and backbone capacity has brought about changes in the traditional WAN market. SD-WAN provides a fast and low-cost deployment method, which is sought after by enterprises and operators. The SD-WAN space is constantly innovating and is fertile ground for startups. The overall SD-WAN solution involves enterprises, operators, and third parties, and the openness of the solution is the focus of all parties' efforts.
