Introducing a Software-Defined WAN (SDWAN)
The software-defined wide-area network (SD-WAN or SDWAN) is a specific application of software-defined networking (SDN) technology applied to WAN connections such as broadband internet, MPLS, 4G or LTE. It connects enterprise networks – including branch offices and data centers – over large geographic distances.
A wide area network (WAN) is a telecommunications network, usually used for connecting computers, that spans a wide geographical area. WANs can be used to connect cities, states, or even countries. ... Unlike LANs, WANs typically do not link individual computers, but rather are used to link LANs.
SD-WAN, on the other hand, utilizes the internet or a cloud-native private network. SD-WAN decouples the network from the management plane and detaches the traffic management and monitoring functions from hardware.
How could SD-WAN help me?
1. It uses more flexible, open, cloud-based WAN technologies instead of proprietary or specialized WAN technology, which often involves expensive fixed circuits or proprietary hardware.
2. SD-WAN is cheaper than legacy WAN technologies such as MPLS or T-1.
3. Virtualization technology can apply security and virtual private networking (VPN) technology to broadband Internet connections, making them more secure.
4. Its scalability across numerous locations and its centralized management for both the public and private cloud ease the management of the multi-cloud.
And many more ...
Cisco Viptela SD-WAN components:
In the Viptela solution, the role of network controller is played by the vSmart controller, which is located in the cloud. vEdges are CPEs, and every vEdge has to be connected with vBond and vSmart in order to be fully operational.
A vEdge can be physical or virtual. vEdges are typically located at the customer location but can also be deployed on private and/or public clouds.
vManage is the tool, or simply a kind of dashboard, that helps administrators clearly define WAN communication rules and manage policies from a GUI. Using vManage, administrators can construct different topologies depending on their needs, such as branches with single or dual MPLS/Internet lines, hub-and-spoke topologies or spoke-to-spoke connectivity.
The picture shows how the functional modules are connected to each other:
The whole concept consists of four elements:
vBond – starts the bring-up process of every vEdge device. As the first step, it creates a secure tunnel with the vEdge and informs vSmart and vManage about its parameters, for instance its IP address. It has to be fully connected with every device.
vSmart – this is the controller for your network. It is responsible for managing all control and data policies by using the special Overlay Management Protocol (OMP).
vEdge – a router which receives complete control and data policies from the vSmart. It is able to run routing protocols like OSPF and BGP to create connectivity on the LAN side, but also with an MPLS provider if necessary. It establishes secure IPsec tunnels with other vEdges depending on the selected topology.
vManage – a fully manageable centralized portal to run and operate the software-defined network (SD-WAN).
Every piece of the above list plays a separate, important role in the whole puzzle; however, to configure and operate the network we typically have to spend most of our time on vManage.
To learn more about SD-WAN, please read part 2.