SD-WAN from the inside out – 7 terms you should know

Starting in 2000, SD-WAN was presented as an emerging technology for over a decade. The numerous tests associated with its implementation, its combination with other applications and the results achieved as a result of these activities have turned SD-WAN into an emerging technology since 2014, a technology that meets the needs of companies undergoing digital transformation. At the heart of which applications does SD-WAN lie? We have prepared a short elementary to learn about this technology from the inside. 

1. Orchestration and orchestrators

…or WAN custodians – controlling and managing the network. 

This fully centralised model of administrative services takes over the functions of the network operator, bringing them to an automated level. This means lower costs, less manual intervention, more control over the network and more time to focus on other projects. 

SD-WAN ‘as a service’ enables enterprises to access orchestration from a protected web services portal to manage and monitor branch (edge) SD-WAN deployments centrally. 

2 Extended Edge 

…when the boundary of an enterprise network extends beyond its physical perimeter.  

The increasing volume of services and data and the decentralisation of operations. These two factors have rendered the corporate network as a physical entity, connecting different types of locations in the WAN, obsolete. Enterprises have moved critical applications from data centres to cloud environments. Added to this has been the rise of remote or hybrid working over the past few years.

The ‘Extended Edge’ phenomenon is nothing more than accessing applications on remote networks outside the direct control of the corporate IT department. 

3 Multi-Cloud  

…i.e. a multi-cloud environment in which services from different providers work together. 

Mulit-cloud-based network infrastructure includes a range of services, both public and private. The multi-clouds are connected to each other and to the WAN. Management, maintenance, and security policies cover all providers in a similar way, making this environment a full-fledged part of the enterprise ecosystem. 

MultiCloud poses WAN management challenges in terms of guaranteeing application performance and security. These challenges can be met by new SD-WAN technologies such as cloud mesh. They enable secure and direct access to multi-cloud environments via SDI (software-defined interconnect). 

4 Cloud Mesh 

…a way to provide reliable connectivity in the cloud. 

The full-mesh network architecture is based on fully integrated communications that allow traffic to move directly between all locations on the network. This means connecting any site on the corporate network to any other site on the network. Cloud mesh enables companies to use SaaS and IaaS services without compromising network security and performance. 

5. SASE (Secure Access Service Edge)
…which is a package of cloud-based WAN technologies. 

SASE combines several technologies for WAN networks with cloud security at their core. These include secure internet gateways, cloud access control or zero-trust network access and a firewall with the ability to identify sensitive data or malware. SASE uses SD-WAN in many cases, but there are significant differences between the two solutions.  

SD-WAN connects geographically distant offices, head offices, server rooms and data centres, where security tools are located on customer devices. On the other hand, SASE focuses on efficiently and securely connecting individual endpoints – but does so with a focus on the cloud.  

6. FWaaS 

…or cloud-based firewall configuration. 

Firewall as a Service (FWaaS) is delivered in the cloud, away from the traditional network perimeter. Always up-to-date, it works with a unified orchestration platform to optimise network performance. As a cloud service, this function enables enterprises to monitor costs and capital expenditure.  

7. ZBF 

…which is a firewall that operates at a more detailed level. 

A Zone-Based Firewall (ZBF) is about centralising and automating network security. It enables policy-based topology isolation without network segmentation. It determines which site (or subnet) can communicate with another site (or subnet). With ZBF, an enterprise can separate the network between different parts of the organisation. 

And now about SD-WAN 

 We have left the most crucial definition for last. SD-WAN (Software-Defined Wide Area Network) is a WAN architecture that enables the optimal use of existing transport services, such as MPLS, LTE, symmetric or asymmetric Internet, to connect users and use cloud applications. The connection is also characterised by a high degree of security and reliability. 

SD-WAN solutions enable network administrators to strategically upgrade and manage their hybrid network with a single interface and orchestration tool. 

SD-WAN technology is the best solution for companies with multiple branches. It influences faster start-up of new offices, user security and quality of service for customers. It allows network administrators to develop the infrastructure remotely and efficiently, fully focusing their work on improving it.