SDWAN is a networking tool businesses will often utilise if they’re spread out geographically. It’s been growing in popularity and used by Australian businesses for several years now, but there’s still a lot of confusing information surrounding it. When you first begin researching the topic, you may feel overwhelmed just trying to determine what SDWAN is in the first place. Not to mention whether you should go with Cisco SDWAN or opt for FortiGate SDWAN. We’re here to dive into SDWAN and unpack a heap of puzzling information for you.
What is SDWAN?
SDWAN―not to be confused with Obi Wan―stands for Software Defined Wide Area Network. And unless you have a technical IT background, that phrase is just as meaningless as its acronym. Let’s start with the ‘WAN’ part first. WAN (Wide Area Network) is a network that connects computers and systems that are spread across a large geographical area. Computers in close proximity―within the same room or building―are usually connected by a LAN (local area network). A WAN connects several LANs, typically within one organisation. This is generally when they have several branches spread throughout the city, state, or country.
WAN technology previously relied on special hardware to perform these long-distance connections. But the future is here! So now we have Software Defined WAN that utilises the omnipotent power of the Internet to perform these connections.
How Does SDWAN Work?
SDWAN works by connecting users on the network to one another via multiple Internet-based services (such as broadband or 4G). Instead of requiring a physical connection à la MPLS (more on that later), SDWAN utilises a bundle of Internet connections. It then intelligently chooses the optimal one at any given time to route traffic.
For example, your SDWAN may be a selection of various connections including a 4G network, NBN, fibre, and an ADSL connection. These can be provided by any combination of ISPs such as Telstra, Optus, or TPG. When you want to send data across the network to another location, the SDWAN identifies which connection currently provides the most efficient speeds and will route traffic that way. If that connection becomes overloaded or is otherwise unavailable, it will move to the next best connection available. This traffic shaping reduces network congestion.
This is why it’s also advised to use multiple ISPs in your bundle. If one carrier is down, e.g. Telstra is having an outage, then you still have other options on your Optus or TPG connections.
SDWAN vs MPLS
Let’s have a look at MPLS and how it differs from SDWAN. MPLS stands for Multiprotocol Label Switching. Again, this is a pretty meaningless phrase for anyone without a background in telecommunications or IT, so let’s unpack it a bit.
MPLS was (and in many cases still is) the reliable WAN solution for businesses before SDWAN rode into town. MPLS utilises telecommunications networks in order to transmit data. Essentially, the business pays a network provider (such as Telstra) to use their physical lines to transmit data from one branch to another, even internationally. This means there is a direct physical line between the networks, and as such, it’s secure, reliable and most importantly… very expensive!
Although MPLS provides a real solution to the WAN problem, it’s completely out of reach for 99% of businesses due to the exorbitant cost. Imagine renting your own private lane on the M2, and you’re starting to get an inkling of what’s involved. Essentially, the cost of this service serves as a barrier to most businesses. Consequently, it ultimately just serves bigger businesses. A rough cost of an MPLS service is $600-$800 per Mbps on average. Yeah, that’s not a typo! It’s easy to see why most businesses were completely unable to utilise this service.
SDWAN bundles often consist of various connections such as fibre broadband, 4G and MPLS.
As we mentioned earlier, SDWAN doesn’t utilise physical phone lines for these connections (though it might take advantage of a cable line). It primarily relies on internet connections to perform its networking. Therefore, it’s a far more accessible and affordable option for businesses.
The Top 11 Benefits of SDWAN
So what are the main benefits of SDWAN and how does it support your business? Is it necessary, or just a gimmick technology that you can do without? Let’s make a list:
SDWAN Benefit 1. Increased Bandwidth
With an SDWAN on hand, you’re not restricted to one ISP. SDWAN bundles multiple connections across multiple providers, so your available bandwidth is exponentially more than it would be without SDWAN. This is definitely worth a tick in the pro column.
SDWAN Benefit 2. Lower Cost
As mentioned earlier, MPLS is a painfully expensive option that is basically just accessible to high-ranking corporations with dollars to burn. Instead of paying exorbitant rates of nearly $1000 per Mbps, you’re paying the standard rates of Internet broadband and 4G costs. It’s a lot easier on the budget. Another tick.
SDWAN Benefit 3. Greater Choice of Connection Vendor
Since SDWAN utilises a bundle of connections, you have options in what vendors you go with for this bundle. Your business won’t be limited to just Telstra cable, you can also have Optus 4G, TPG Fibre, and an NBN connection.
SDWAN Benefit 4. Centralised Management Across Branches
When you have multiple branches of your business, there’s a huge benefit to being able to manage everything centrally. With SDWAN, you have more control over communications between sites, and you can implement changes across the environment instantly.
SDWAN Benefit 5. Carrier Redundancy
Having multiple vendors and connections means that you’re not dead in the water when one of those connections goes down due to scheduled or impromptu service interruptions. Therefore, SDWAN provides you with far more reliability in terms of your connectivity.
SDWAN Benefit 6. Better Security
SDWAN provides greater security for your business as you can encrypt all communications across your network by default. When all traffic is routed through your SDWAN connections with traffic shaping, they are secured by your encryption protocols.
SDWAN Benefit 7. Provides a QoS that’s Useful for Everyone
The best news about SDWAN is that it is not just for businesses with multiple sites and branches. You can utilise SDWAN for connecting from office to home, as well as office to office. Or without any secondary location at all. You can simply use it as a means to bundle your connections and provide a QoS (Quality of Service). This dedicates portions of your bandwidth to specific functions.
SDWAN Benefit 8. Auto Provisioning
You can send SDWAN devices to additional branches without them being configured beforehand. The device can download its policies, crypto-certificate, and keys, and begin learning traffic patterns immediately and automatically. The technology becomes very hands-off, which saves you time and headaches.
SDWAN Benefit 9. Intelligent Traffic Shaping
As mentioned previously, SDWAN evaluates the available pathways and chooses the optimal route based on several factors from time of day, port numbers, quality of service markings, and IP addresses. This traffic-management ability can be pushed out to all relevant SDWAN devices.
SDWAN Benefit 10. High Performance
SDWAN uses the Internet to create multiple secure, high-performance connections, so that even if you’re dealing with traffic congestion on your Optus connection, the SDWAN is still able to access high-performing connections on your TPG or Telstra connections.
SDWAN Benefit 11. Increased Uptime
SDWAN enables rapid deployment of its services without requiring specific IT staff to manually configure and install all aspects. Without the time-consuming aspect of older WAN models, your business has increased uptime and can get on with what needs to be done.
What are my SDWAN Options?
When it comes to choosing your SDWAN vendor, it can be difficult knowing who to go with. You’ll need to determine what your priorities are, what capabilities you need and―of course―take your budget into account. When searching for vendors, the top ones you’ll come across are likely Riverbed, Cisco, Citrix, VMware, FortiNet, Aryaka, and Silver Peak. To help you get started on your SDWAN research, we’ll have a look at a few of these in detail.
Cisco is probably one of the biggest IT networking vendors around. Their name has really become synonymous with cloud network technology and hardware routers. So, it’s only natural they have a share of the SDWAN market as well.
Cisco SDWAN boasts the following features:
- Choice of cloud-based or on-premise Cisco SDWAN.
- Available as a 3-year or 5-year subscription, with a variety of packages to choose from (Cisco DNA Essentials, DNA Advantage and DNA Premier).
- Cisco SDWAN supports third-party API integration, allowing for greater customisation and automation in daily operations.
- Centralised management dashboard called vManage.
- Transport independence: zero network downtime utilising multiple connections.
- Network services: WAN optimisation, cloud security, firewalls, intrusion protection, URL filtering.
- Cisco SDWAN OnRamp provides continuous uptime and connectivity by continuously measuring connection performances and provides real-time visibility of performance.
- vManage console allows you to automate virtual private gateway deployment in certain environments. You can also monitor underlay performance and harden your entire network.
- Cisco SDWAN segments your network traffic from end to end, protecting your data.
- vManage provides real-time analytics of applications and infrastructure, failure correlation, application performance, forecasting performance, bandwidth provisioning, and enact policy changes.
Where Cisco is the name in networking, FortiNet is the name in firewalls and endpoint security. FortiGate SDWAN is their solution to the modern WAN problem, achieved by bundling with several other FortiNet security services.
FortiGate SDWAN includes all the following functions:
- Path awareness intelligence to monitor application-level transactions and choose the best available path.
- Centralised management to simplify deployment, management, and monitoring.
- Improves cloud application performances by prioritising business-critical applications and enabling branches to communicate directly to the Internet.
- Integrates and supports over 3000 applications as well as granular visibility into sub-applications.
- Includes FortiGuard services with FortiGate SDWAN which covers application control and web filtering.
- Application control allows you to create policies to allow, deny or restrict access as required, enforce compliance and improve security. It includes real-time visibility of what users are operating.
- Web Filtering protects the business by blocking access to malicious, or otherwise inappropriate, websites.
- FortiSandbox Cloud is a threat-detection solution that performs dynamic analysis to identify new malware threats, and then actions said threats using controls within your network.
- FortiGate SDWAN is also bundled with the highly-rated FortiGuard Antivirus, which will protect your business against all the latest viruses, malware and threats.
- Intrusion prevention by utilising the FortiGuard IPS so threats are detected and eliminated before they reach network devices.
- Available as a physical device, virtual machine or cloud service.
- Easy to deploy and use, with a simplified UI and easy maintenance.
- Saves cost by integrating firewall and antivirus services with the SDWAN function and overall performs as more than just a replacement for MPLS.
Riverbed Technology is another name in networking, focusing a lot on both software and hardware products designed for network performance monitoring, application performance management, and WANs.
Riverbed’s SDWAN product SteelConnect includes the following features:
- Single-click set up of SDWAN capabilities in the Cloud and application acceleration in Microsoft Azure and AWS environments.
- Scalability for large environments, including data centres.
- Simple workflows for policy definitions.
- Fully automates secure connectivity between cloud vendors, cloud regions, and branch locations.
- Centralised management console for Cloud, WAN, and LAN―which also enables WAN optimisation.
- Management console lets admins view network health, deploy appliances, and enact policy changes.
- Riverbed offers a free trial for SteelConnect so you can evaluate if its the right tool before making a financial commitment.
- SteelConnect uses a line of physical and virtual secure WAN gateways to provide unified connectivity. It forces global policies, automated VPN management, and next-gen firewall capabilities.
- User-to-server control, whether the user is static or mobile, on-premises, or on the Cloud.
- Enforce application policies (such as path quality, path selection, QOS, and security).
- SteelConnect also includes integrated and third-party security providers.
6 Factors To Consider When Choosing Your SDWAN Solution
So, what factors should you be considering when trying to choose from the numerous SDWAN options out there? How do you decide between Cisco SDWAN and FortiGate? There are a few items you should consider in order to determine which product will work best for you and your business:
- Cost: Do you have cost restrictions? If you’re planning to migrate from MPLS, you’ll likely be saving costs anyway, but it’s good to have a realistic idea of where your budget lies.
- Security: What are your security requirements? Are you looking for a bundled security SDWAN solution (such as FortiGate SDWAN)? Otherwise, consider what security will be provided by alternate solutions.
- Reliability: Does the vendor offer reliability for their product? Some vendors will include an optional SLA to provide a guarantee of ongoing service with no interruptions.
- Scalability: Is your business growing or spreading out? Will you need to add additional branches/locations down the track? Look for a vendor that offers painless scalability.
- Existing Infrastructure: Are you looking to replace your existing SDWAN, or are you starting from scratch? Do you need a hybrid solution to integrate with your existing MPLS?
- Control: Do you require a tool that provides visibility and extensive control? Are you more hands-off and looking for something that automates itself? Or will you use some IT managed services to handle it for you?
To sum up, SDWAN is a very technical (and often confusing!) topic that can take time to fully grasp. And that’s totally okay. Ultimately, it’s a networking solution for your business, whether you have multiple locations or simply require bundled internet connectivity to optimise your connections and performance.
With multiple products and factors to choose from, it’s not something to rush into, and it certainly doesn’t need to be considered as a replacement to MPLS (though it’s certainly a viable alternative for many). Some businesses choose to utilise both SDWAN and MPLS, and some will choose one over the other.
Whether you choose to go with Riverbed, or Cisco SDWAN, you’re always welcome to chat with us at Stanfield IT about how these products can serve your business. We’re well versed in SDWAN technology here, and will be more than happy to chat to you about your network needs and how you can go about improving your productivity at home and in the office.