SD-WAN Simplifies and Secures Enterprise Hybrid WAN Management

Background

The increasing use of cloud and the continuous demand for bandwidth have driven enterprises to seek more flexible and simpler WAN solutions, which means the conventional WAN architecture relying on MPLS to rout traffic data between branch offices and data center will be history, just a matter of time. However, enterprises are reluctant to replace existing hardware infrastructure overnight. Thus, Hybrid WAN and then SD-WAN have emerged.

Hybrid WAN and SD-WAN are two different concepts, though some characteristics in common. Hybrid WAN is considered a step beyond the traditional WAN. Hybrid WAN leverages both Internet broadband and MPLS so that traffic goes alternate routes depending on path selections by vendors or network management personnel. In other words, the selection is manual by command-line interfaces and could be time-consuming.

Therefore, to fully explore the potential of SaaS or cloud service, enterprises must upgrade from Hybrid WAN to deploy SD-WAN, which forms an abstract network hardware management layer, allowing centralized control for network management personnel to deploy instructions or policies across all the existing network devices within the infrastructure. In short, SD-WAN simplifies enterprise Hybrid WAN management based on existing hardware environment.

Requirements

It is commonly suggested that enterprise SD-WAN can be best deployed by using white-box solution embedded with open architecture, design scalability and security engines.

White-box network hardware

Since most enterprises will be reluctant to replace their existing hardware overnight, seamless integration and compatibility with existing devices and WAN services becomes a key factor in choosing the right solution. Therefore, a white-box network appliance in open architecture is the most reasonable and cost-effective choice.

Hardware-based crypto acceleration (IPSec)

IPSec shall be an essential embedded security feature of enterprise SD-WAN, and shall be assisted by hardware-based crypto acceleration like Intel QuickAssist to offload AES-256 encryption, in order to maintain the performance in application delivery.

Application-visibility and SLA performance

A well-integrated enterprise SD-WAN shall enable application visibility and enhanced performance to meet SLAs for critical services while minimizing latency. With centralized management, the right SD-WAN solution provides visibility to network management personnel to diagnose and solve problems for all segments of the infrastructures, instead of manually inputting command line for each device.

Centralized Orchestration for direct policies

The right enterprise SD-WAN solution enables direct connection to SaaS or cloud and thus policies can be directly implemented, which boosts performance with any possible latency through MPLS. In fact, with centralized management, policies can be configured for all devices across the WAN environment.

Improved Transport Quality

With application visibility, network management personnel is able to monitor the whole WAN environment and configure the appropriate policies for transport, for instance, the traffic routing for consumer broadband.

Lanner’s SD-WAN Appliances

Lanner has a complete lineup of white-box appliances made for end-to-end SD-WAN applications. They feature latest Intel® processors, NEBS/K.21 compliance, DPDK libraries/drivers, SR-IOV technologies, and redundant powers design. Due to their open architecture nature, these white-box SDN-ready appliances are capable of running VNFs at remote, branch offices or data center.

For optimal SaaS and cloud service at SLA level performance, Lanner’s NCA-5510 is the ideal fit. The 1U rackmount server appliance is empowered by Intel® Xeon® E5-2600 v3/v4 series CPU, Intel® C612 chipset and DDR4 memory to deliver high core counts for virtualization and the optimal performance for WAN optimization. As an optimal enterprise SDN appliance, NCA-5510 comes with hardware-based crypto acceleration engine such as Intel® AES New Instruction for embedded security.

NCA-5510 also features Intel® virtualization technologies, improving transport quality and policies configuration across the WAN environment.

The bandwidth of NCA-5510 is expandable with 4 NIC modules slots. For high-availability consideration, NCA-5510 features 1 + 1 redundant power supply.

SD-WAN Simplifies and Secures Enterprise Hybrid WAN Management was last modified: July 15th, 2020 by Jorge Peregrina