Unify your clouds with SD-WAN 2.0

01 April 2019 | Patrick McCabe

Cover

Patrick McCabe

Blog Author | senior marketing manager, Nokia Networks

Cover

The adoption of the cloud by enterprise IT departments has been uneven. There are several ways that enterprises use cloud services, but the different approaches often relate less to an overall strategic vision than to opportunistic decisions made over time.

When the cloud is applied unevenly and without coordination between silos, it can lose many of its advantages. Fortunately, software-defined networking (SDN) and its wide area offspring, SD-WAN, can do a lot to smooth the bumps and ensure all parts of the enterprise cloud work together.

Enterprises were initially reluctant to abandon their investment in capital-intensive data centers and custom business applications. Data centers were virtualized applications that remained hosted on premise, but millions of dollars and years of lost effort trying to build applications finally convinced many of them to embrace software-as-a-service (SaaS) applications in areas such as CRM and, later, productivity software.

Figure 1: Different types of cloud computing (re-draw)

 As confidence in the cloud capabilities grew, especially around security, it led to limited or even full-scale outsourcing of the data center to infrastructure-as-a-service (IaaS) providers, especially in areas of business that needed to scale quickly, such as web hosting, big data and analysis.

Platform-as-a-service (PaaS) proved ideal for software development for business practices that needed to build innovative new digital services quickly. It reduced development time by providing a pre-configured server-side platform with support for multiple programming languages and easy collaboration between in-house and vendor development teams, often using DevOps methodologies.

The key problem for enterprise IT is to find a way to integrate all of these disparate cloud approaches, as well as any private data centre activities. This can turn into an operational headache and can undercut the cost benefits as well as the advantages of development speed and instant scalability.

For instance, if we look at PaaS, which is best suited for fast, collaborative software development, tends to use a modular approach to application development. This could mean the required supporting applications and workloads do not reside on a single server. An employee in a branch office, or a customer on a mobile device, may use an application that communicates with services hosted on different virtual machines, containers, across multiple physical servers, situated anywhere in the enterprise’s data centres or on the PaaS.

If you are an IT manager responsible for administering security and permissions for users and groups, or managing network connectivity, it becomes difficult to ensure the application doesn’t break because of a manual configuration issue. Similarly, you could be a DevOps team trying quickly to release a service module that supports a global application, but don’t have the time to ensure all permitted users of the application have secure connectivity from wherever they are, to all of the micro-services that make up the application.

Fortunately, SDN, the initial answer to similar problems in the data centre, has extended into the WAN and public cloud, thus allowing enterprises automated and secure access to services across the entire network. Referred to as SD-WAN, it enables enterprise IT teams to build networks that are secure, responsive and flexible enough to support highly distributed cloud applications, and it also keeps IT operating costs from exploding.

To accomplish this task, the underlying WAN transport networks have to behave seamlessly across all entities. With this in place, the SDN/SD-WAN connectivity model can program and automate the connectivity between users in remote branches and applications served by virtual machines or containers in the data centre or public clouds. SD-WAN 2.0, the next evolution of SD-WAN, presents a unified abstraction of the underlying complexity, effectively providing a single pane of glass for the governance and control of the entire enterprise network, automating IT tasks, simplifying the complexity, enhancing network security and reducing costs.

On the security front, classical perimeter-based security measures are inadequate given the dynamic nature of cloud-based architectures and the applications and micro-services that are supported across them. What is required is a seamless, end-to-end governance model that automates the extension of software-defined security across the entire network. In this way, SD-WAN 2.0 provides complete end-to-end protection, flow visibility and analytics to understand the network and the impact applications have on it. Micro-segmentation security measures can be dynamically applied to each application across the entire network leaving no segment unprotected. Finally, policies provide automated remedial actions when the network detects threats.

Although enterprises have embraced cloud unevenly, unlike basic SD-WAN offers, an SD-WAN 2.0 solution can provide a secure, predictable network platform that unifies cloud activities across the enterprise multi-cloud environment. Not only overcoming many of the operational headaches, it harnesses the dynamic capabilities of the cloud, such as rapid scalability and DevOps-style innovation, connecting employees and customers with full control over costs and quality of experience.