SD-WAN, or Software-Defined Wide-Area Networking, is a subset of Software-Defined Networking (SDN), which is itself an umbrella term encompassing several network technologies with the purpose of making the network agile and flexible. SDN includes the common network boundaries, or delineations, such as:

SDA - Software-Defined Access commonly works in the campus network delineation, such as wired and wireless access for endpoints
SDDC - Software-Defined Data Center encompasses data center network technologies, such as high-speed LAN access for compute and storage
SD-WAN - Software-Defined Wide-Area Network focuses primarily on WAN technologies, which include public access circuits such as Direct Internet or MPLS

Each of these delineations shares the same four basic pillars, or goals:

Abstraction - De-coupling the Management plane, the Control plane and the Data plane simplifies management in the User Interface: configurations are still executed, but their complexity is hidden from human eyes.
Automation - Rapid provisioning (centralized), on-the-fly traffic flow and data path selection, end-to-end configuration services
Analytics - Centralized flow-based collection of data from network devices, real-time visibility and mitigation, telemetry (back-in-time visibility)
Security - Microsegmentation, group tags, network-wide end-to-end policy enforcement

SD-WAN incorporates the use of "overlays" to accomplish these goals. The idea is to create a multi-path OSI Layer 3 network as the "underlay", or foundation. The underlay should be highly available and resilient, able to re-route in case of any path outage. Overlay technologies such as DMVPN and mGRE are used to create an OSI Layer 2 tunnel from end to end. As this statement implies, end devices are able to communicate with other end devices at Layer 2, ensuring that the complexity of the underlay is completely transparent.
Managing such an architecture manually would be a very large undertaking: one must first manage the complexity of the underlay, then manage the overlay as an entirely separate network. This is the advantage of Abstraction and Automation. A centralized management platform is able to communicate directly with network appliances over the Management plane, while network devices can communicate with each other using the Control plane. Separating these planes out of the traditional single-use Data plane ensures that things like configurations, path selections and policy enforcement can happen unimpeded by events which may occur on the Data plane. Below is a high-level example of a typical use-case topology for SD-WAN: