What is SD WAN (and why it's replacing MPLS)

Captions
Hi, I'm Steve Murphy and I'm a vice president at ARG. We're going to explore SD-WAN in some detail. This is important to IT engineers and networking engineers: whether or not you're managing a thousand sites or just a single site, SD-WAN has a story that you might be able to incorporate into your wide area networking or other networking needs. There's a lot to cover, so we're going to break this conversation down into three separate videos. Today's video is about what SD-WAN is. We're going to conduct an entire video just on the benefits of SD-WAN, and then we're going to look at the business case for SD-WAN: how do you describe this to your management team, how do you look at the financial implications, and how do you get approval to be able to deploy SD-WAN into your organization?

So first, to understand SD-WAN, you have to understand what we've been doing for wide area networking over the past several years, and wide area networking has been pretty traditional. We're going to put a couple of remotes and a data center that these remotes need to connect to. Now, in the early days this might have been a private line, otherwise known as a point-to-point. That could be EVPL, which is Ethernet virtual private line service; it could be dark fiber; it could just be, in the old days, a traditional TDM circuit. Now today most people might have a few private lines in their network for specific types of traffic, like replication or something. In today's networking environment, most people, to connect their branch offices with a data center, are using MPLS. MPLS has been around for about 15 years, and it is a standard, tried and true, private but relatively flexible wide area networking technology. So we like private area networking in this regard because it controls the elements that we need to provide good service to our end users: things like latency, loss and jitter. We have very good performance over these private networking topologies for these key performance metrics.

The challenge with MPLS is it can be expensive. One of the ways that we manage expense within our network today is that we are bringing all of the traffic to a data center, which has a corporate security platform built into the data center. So all of our traffic flows to the data center, where it can be treated for security in a central manner and then be sent out to the internet. So this keeps us very secure, keeps us with a very consistent, uniform security profile and platform that we can manage, and that reduces our risk.

Beyond the cost, one of the challenges of this network type is that generally for MPLS you need a single provider. So no matter whether the MPLS service provider can get to a location or not, or at what cost, you have to use that MPLS provider. So you are locked in to a provider, and you are locked in or held somewhat hostage to the cost structure that they have with each of these remote locations. It's also inflexible: when you need to open up a new location, you might have to wait months for a new MPLS connection to show up, whereas today with internet you can order a broadband circuit and be up and running in probably a couple of weeks. It's also management intensive. IT engineers have to map individual paths, individual locations, to ensure that they are properly connected and properly managed, and the applications are properly managed within the PVCs that we're putting over the MPLS network.

So it works for now. It has some limitations, and there are some better options within the SD-WAN product set that can help us move into a more consistent topology for our users as they move out to the cloud. And that's what's really been transforming the way we network today: all the applications that are living out in the cloud. Because today our users really aren't going to the data center as much as they had in the past. They want to go to Azure or AWS; they want to access things like Office 365 or Salesforce or Box, or any of the other SaaS applications that are out there. And today they need to go through your central security platform at your data center to access these applications. That creates latency, it creates congestion here, it creates points of failure that as an IT organization we need to manage. So there is a better way to allow our end users to connect directly to the internet to access those services, and that's what SD-WAN tries to accomplish.

So if we want to allow our end users to access these resources out on the internet, the network gets very complicated. If we're going to continue to pass traffic through our security platform, we need to then very carefully manage the user experience as they're moving out and utilizing some of these applications. Another complexity is what we have at the edge of our branch offices. Typically we're going to have a stack of appliances here at the edge. That stack might include routers; a firewall, because even though we're providing security at the data center, we're going to have a firewall whenever we're connecting a public internet connection to our network; we're going to have potentially WAN optimization; and we're going to want some site-to-site connectivity, so we might have a DMVPN. So all of these services are being deployed at each one of our branch locations, creating a lot of complexity, as I said, and a lot of cost structure that we have to have. Not only are we putting individual appliances there to support those services, but we have to provide care and feeding of those services over time, which further increases our cost. Management becomes tougher as the number of sites increases, and it's really not the best topology that we can come up with in this day and age.

The primary benefit is that it's private, and you are only using the public internet maybe when you have an MPLS service issue and you're connecting over a VPN as a failover. But most of the time the internet connection from these branch offices is unutilized or underutilized. While we're showing you here connecting to the internet, that's true, we're really not utilizing those connections for access to the internet, because we're still going through our security stack at the data centers. So if we need to, we can use the internet to reach the data center, get security applied to it, and then go back out to these applications. We really haven't improved our performance metrics going to these applications by adding an internet link in this network.

So one objection that we can get when we talk about how we are constructing a bottleneck or a congestion point at the data center, and hurting performance of accessing some of these resources that our end users want to reach, is: well, who cares, because these are not time-sensitive resources, typically. I would argue that Office 365 is getting very time sensitive, but Salesforce, Box, accessing resources in Azure or AWS as an end user may not be time- or latency-sensitive traffic. But we're putting more and more out into the cloud: not just these resources, but we're doing UCaaS, which is essentially hosted voice or hosted PBX; we're doing collaboration, which is frequently video and very much a real-time application; and again, some of our productivity applications are becoming sensitive. So because we are pushing more and more applications, and more and more performance-sensitive applications, out to the cloud, our traditional topology is becoming less and less relevant. It's being challenged by the changing nature of the traffic flows on our network.

So we need a simple and affordable solution. That's where SD-WAN comes in. SD-WAN stands for software-defined wide area networking. It combines all of our requirements into a simple and affordable platform. Let's start the conversation here at the edge, where SD-WAN collapses all of these services into a single appliance. That provides a number of advantages. So SD-WAN can clearly do routing; most SD-WAN platforms have a very robust security offering; the SD-WAN device can do compression and duplication; and it can support secure site-to-site communications. Now all these services are optional. You don't have to utilize those services. If you like your firewall platform and you want to keep it, there's additional residual value left in that platform, feel free to keep your firewall in place. Same with your optimization. But as those age out, you have the option of turning those over to the SD-WAN platform at a very affordable price. Aggregating all these services into a single device means that you now have a single control plane where you can orchestrate the entire network through one user interface. It makes things very efficient and actually reduces risk quite a bit.

So once we're done talking about the edge, the network itself can become optimized. Today, as I mentioned, we are constrained by our single MPLS provider. Going SD-WAN, which is traditionally an internet-based service, you then get independence, and you are agnostic as to who you use as your internet service provider. You can use the most cost-effective provider at each of these locations, and you can use different types of internet. You can use fiber-based internet, dedicated internet; you can use business-class broadband, which would be either a cable connection or a low-cost fiber connection from some of the ILECs; or even going back to DSL in some hard-to-reach places. You can also use wireless. 4G or 5G wireless is also a great add-on to an SD-WAN platform. You have to be careful about the usage: you may not want to use that as your primary connection, or you may not want to load balance too aggressively on that wireless. But as a failover, where you're only putting data on that wireless network when you need to do so, to keep your costs down, it can be a very effective strategy to keep people up and running with their mission-critical services.

So what do you lose when you go to an SD-WAN? Let's just say that we've gone from MPLS to the public internet, so we essentially have redundant internet connections here. What do you lose? Well, you lose quality of service, because we are no longer managing over a private network the packet loss, the jitter, the latency of services. Now, it's been our experience that you can manage those very successfully going over the public internet with an SD-WAN platform. The SD-WAN service will test each network and determine which application should ride which network for the best performance. Or there are service providers out there that have SD-WAN platforms but they also have a private network, so you're going over the public internet for a very short period of time until you jump on their private network, and then that private network is managed for quality of service just like your former MPLS network. So we do have options in terms of managing quality of service for your critical applications. Again, it's been my experience that going over the public internet is sufficient for most applications. We do have some great information from customers doing side-by-side tests of SD-WAN in their traditional production network, including MPLS networks, to show that a private network can enhance the throughput and the performance of what people are currently using today. So that's another option.

Now, a lot of our clients won't go to the internet immediately with their SD-WAN deployment. Some will keep the MPLS networks in place and slowly migrate applications to the internet side of the SD-WAN device, just to make sure that they're moving forward in a very logical and very thoughtful way, and that's fine. Most SD-WAN platforms, in fact virtually all SD-WAN platforms today, will support MPLS, will support point-to-points, so you can keep your private network for a period of time. It gives you a very smooth migration path from the traditional topology that you're running to a more accommodative topology for all of the services that are currently going into the cloud.

Security: as I mentioned, firewall is typically incorporated, but IPsec is used by all the SD-WAN providers so that the traffic is secure. You get agnostic internet access providers. As I said before, it is simple and inexpensive, and we're going to go through the actual benefits of SD-WAN in the next video. We'll jump into some more detail about what you actually get out of SD-WAN from a management perspective and from a performance perspective.

I think we've gone through enough at this point about why SD-WAN is so important, why the traffic is moving out to the internet, and how SD-WAN assists organizations in getting to that traffic directly. If you like this video, please feel free to subscribe so you can come back and find the additional videos that we're publishing on these and other topics, and if you want to leave a comment or like us, I'd appreciate that as well. If you're considering SD-WAN as a project right now, you can also reach out to me. I'm happy to have a conversation with you about what your ambitions are, what your project looks like, and we can talk about what some of the alternatives are that you might have. Happy to have those conversations, and I look forward to seeing you next time. Thank you so much. Bye-bye.
Info
Channel: Steve Murphy
Views: 32,047
Keywords: SD-WAN, Wide Area Networking, MPLS, security, cybersecurity
Id: dq-qA4vEpN0
Length: 15min 26sec (926 seconds)
Published: Mon Feb 22 2021