Software-Defined Wide Area Networks (SD-WANs) provide a secure, over-the-top VPN service that addresses demands for efficient, agile and cost-effective networking. SD-WAN gives organizations the tools to remove network complexity, reduce costs and focus on their core business. SD-WAN augments a traditional MPLS network with broadband by combining classic WAN technologies with Software-Defined Networking (SDN) features, bringing more intelligence to the way all traffic is transported across the network. This is enabled by intelligent appliances at branch locations and a centralized service controller platform in the cloud.
SD-WAN solutions are extremely flexible and allow enterprises to take advantage of the associated benefits in a multitude of networking environments. Networks can include a mix of public and private network platforms as well as a mix of access types, including Ethernet, broadband (DSL, cable) and fixed wireless data. Whatever the transport design, the SD-WAN creates a secure (typically IPsec-encrypted) overlay network across it that brings more intelligence to the way traffic is transported over that network. All of this is enabled by intelligent edge devices at branch locations and a centralized service orchestration platform in the cloud.
Table of Contents
I. Introduction
II. Next-Gen WAN Requirements
III. Background
IV. History
V. Problem
VI. Solution Overview
VII. Connectivity
VIII. Routing
IX. Reliability
X. Cost
XI. Management
XII. Conclusion
XIII. References
XIV. Appendix
I. Introduction
Organizations, businesses and other large entities rely on communication between their locations. These locations vary in size according to their function and the number of staff based at the site; for an organization they can be retail stores, branch offices, laboratories, headquarters or even data centers. Regardless of their individual functions, these locations must be able to communicate with the other locations within the organization: to send data, exchange information and carry other communications such as voice calls, as today's world requires. This interconnectivity between locations is what is known as a wide area network (WAN). Today, organizations ranging from Fortune 1000 companies to small and medium-sized businesses are looking for improvements to their WAN that reduce cost and lower complexity.
One company that has published a case study of its transition from a traditional wide area network to a software-defined WAN is Agilent Technologies. Agilent is a research, development and manufacturing company specializing in solutions and products for the entire laboratory environment, such as software, chemicals and instruments; its products cover the full lifecycle and ecosystem of laboratories. Agilent was founded in 1999 as a spin-off from Hewlett-Packard, a successful startup from within a larger multinational IT company, and its IPO (initial public offering) was the largest in the history of Silicon Valley at the time. Agilent continues to grow: in 2016 it exceeded $4 billion in annual revenue. Pascal Heger is the Global Network Architect responsible for enabling its 12,000 employees, spread across 120 sites in 30 countries, to communicate with each other as one functional entity.
Heger and Agilent Technologies use a product from their single ISP (internet service provider) called MPLS, which allows sites with an MPLS circuit to establish a private connection back to the service provider's private cloud network. MPLS (Multi-Protocol Label Switching) prepends a label to each IP packet at the provider edge, and routers in the provider's backbone forward the packet on that label rather than on its source and destination IP addresses. This private cloud is secure in the sense that it has no connectivity to the public internet; note that the separation is logical rather than cryptographic, since an MPLS VPN keeps each customer's routes and traffic apart inside the provider network but does not encrypt the packets crossing the backbone. Keeping company traffic off the internet separates it from the place where hackers and interceptions
broadband, wireless 4G LTE or DSL internet. The problem with these other modes of connection when used for WAN access is that they suffer from congestion, as they are shared with other customers. They are impacted by frequent outages with no remedy, whereas MPLS is built on diverse and redundant fiber and backbone paths for maximum survivability. Service providers also include an SLA (service level agreement) which guarantees a certain level of performance on the circuit, such as a commitment to 99.99% uptime or a bound on latency. Other metrics such as jitter and packet loss are guaranteed at low levels as well. Packet loss is what it sounds like: IP packets lost in transit over the wire. Lost packets increase transfer time, because the receiver must signal the sender that, say, packet #4 never arrived so that it can be re-sent. Jitter is the variation in packet arrival intervals. If data arrives at highly unpredictable intervals, real-time applications such as voice and video experience choppy, delayed playback as certain words or images come in
As reliable and high-performing as MPLS connections are, they come with drawbacks that are now becoming more visible to organizations. MPLS circuits often require 120 to 150 calendar days to provision, so opening a new location requires months of lead time before it can be functional and tied back to the rest of the WAN. MPLS often becomes a bottleneck: for smaller branch offices even to reach the general internet, traffic has to be routed securely over MPLS to a location such as a data center, where firewalls and security tools inspect it, before it is allowed out to the internet. Even basic services such as social media or web content are deemed too slow by end users. Pascal Heger confirmed this slowdown in his own environment before the transition to SD-WAN: "look[ing] at the MPLS footprint we tend to break out our internet traffic today in the MPLS cloud within region and we run all our traffic through a full suite of security tools there." Business partners and 3rd-party suppliers are also unable to connect to customers' private MPLS networks such as Agilent's, both for security-compliance reasons and because each partner would have to maintain its own MPLS
from a Tier 1 ISP such as Sprint, Level 3 and Verizon that comes with MPLS-like SLA guarantees are significantly more expensive than lower-tier offerings such as broadband and business internet. A 100 megabit internet circuit for a residential user averages around $80 a month, whereas an enterprise-grade internet connection can be $1,500 a month. Heger notes in his proof-of-concept findings that they saw 85% to 90% cost savings, measured as cost per megabit per location, while drastically improving bandwidth capacity by replacing MPLS links with internet connections and still achieving the same performance. Their Englewood, Colorado location had an 8 Mb circuit that cost $1,836 a month, or $229.50 per megabit. They replaced that 8 Mb circuit with a 50 Mb internet connection for only $1,013, or $20.26 per megabit, an overall saving of 91.2% per megabit. This pattern was common: they saw the same at their other locations, such as Boulder and Colorado Springs, Colorado, where a 20 Mb MPLS circuit at $3,293 was replaced by 50 Mb at only $1,251. Colorado Springs achieved similar results by replacing a 615 Mb MPLS circuit totaling $47,363 with 200 Mb at only $1,560, a saving of over 85% per megabit. Agilent Technologies spends $720,000 a month on MPLS bandwidth and connections alone, not counting the equipment, IT personnel or management needed to run the wide area network.
To further exacerbate this problem, mission-critical locations that must have 100% uptime, such as headquarters or data centers, need to order and provision two or three MPLS links, further increasing cost. Yet with conventional routing those circuits are rarely run Active/Active so that both circuits' bandwidth is used simultaneously; in practice, multiple circuits at one location are deployed Active/Standby, where the standby circuit is never used unless the primary is down. This leaves many companies paying telecom expenses for bandwidth and circuits that stand idle. Backup circuits become cost-prohibitive, and organizations must debate internally whether a location is important enough, and whether they can afford, to protect it from an IT standpoint. Heger confirmed that before SD-WAN they were only able to provide fully diverse and redundant circuits at 12 of their sites to achieve 100% uptime and reliability. Now that they are transitioning to SD-WAN, they would like to increase that to at least 75% of their 120 sites, if not all of them.
To understand the limitations and evolution of the wide area network, it is important to start at the beginning. It is critical to understand the drivers and mandates from leadership and architects such as Pascal Heger: what is wrong with the WAN today and what the definition and requirements of a next-generation WAN should be. These next-generation WAN requirements include zero-touch deployment of new sites, reduced cost, transport-agnostic solutions, an application-aware network, centralized control and management, increased security, better support for real-time applications such as voice and video, access to public cloud computing services, prioritize
It has become common for CIOs to want a new branch up and running in a few days: the office should have been connected to the rest of the WAN yesterday, and circuits must be installed as soon as possible. Yet the interval to activate a new location on a wide area network is lengthy. Circuits to a new construction site or an existing office depend entirely on the fiber and infrastructure already available at the premises. If the location is a technology hub such as San Jose, CA in Silicon Valley, or Singapore, one can expect the infrastructure to be ready from day one and a short installation interval to be proposed. But what about cities that are not as well known? A town in Idaho, a city in North Dakota, or a remote location such as the islands of Fiji, where internet services are not as ubiquitous? There an organization can expect high construction costs to lay cable facilities and, with them, a long interval before services are ready. Broadband connectivity provides a faster turn-up, and 4G LTE is often available near-instantaneously as long as the site is close to a cell tower and a wireless modem is on hand. The circuit is not the only missing piece: local IT resources must be present, and these engineers and technicians are often flown out on assignment to activate new branches, which further raises cost and creates dependency on a few select individuals.
MPLS and dedicated internet are more reliable and better performing but obviously not cost-effective. Organizations must conduct internal reviews of total cost of ownership and return on investment for
will set one back $1,500 a month. Many organizations run MPLS at some, if not all, of their branch locations. When the MPLS links are used to backhaul basic internet traffic, MPLS bandwidth capacity is wasted. For a majority of organizations, much of the traffic is already internet-bound due to increased cloud usage, so backhauling it over an expensive MPLS service adds latency and puts additional load on the MPLS circuits, which are
Organizations need to be able to use WAN transport regardless of technology: wired and wireless, public and private. So one can use broadband, DSL, MPLS, fiber, or even wireless 4G LTE, fixed wireless or satellite. These are access technologies; the underlying transport may be a public cloud such as the internet or a private cloud such as MPLS. SD-WAN solutions enable networks to be deployed over varying connectivity options and support hybrid WAN scenarios in which a branch location has both private and public network connectivity.
The entire network must be application-aware. Applications should not take a route just because it is available, but the route that best meets the application's requirements. Applications that are sensitive to degradation such as jitter should prefer to be steered over circuits such as MPLS links
must be configured separately and retain completely unique and different profiles. Businesses today maintain a terminal device with information on each router in the environment, but it still requires engineers to log in to each device individually to make changes. Organizations need a platform they can log in to as a single-pane-of-glass management portal and conduct monitoring and updates from it. The platform should be able to pull reports on network and application performance in real time. Updates and changes should be made on this platform so that any configuration change will be sent
decade. Organizations have grown comfortable with MPLS and other routing technologies. But routing protocols today are not application-aware. They only establish adjacencies and exchange routing information. Routing protocols have no visibility into circuit quality, such as whether packet loss or jitter is severe, or into the very applications being sent over the circuit. Circuits are rarely operated Active/Active today: done carelessly it risks routing loops and incorrect route advertisements in the network, and even equal-cost multipath only spreads individual flows across the links, so a single flow never exceeds one link's capacity. Therefore circuits cannot pool their throughput: two separate 10 Mb circuits should logically function as 20 Mb, but that is not possible with today's technology. Using cheaper commercial-grade internet connections to replace MPLS is also not secure unless the traffic is encrypted in transit, and such connections suffer from lower performance and reliability compared to MPLS and private connections.
III. Background
connectivity it requires complex technology in the form of data networking. Telecommunication between two entities reduces to three components: a sender device, a receiver device and the medium that connects them. This medium is often a physical cable such as fiber or Ethernet cable that carries data transmission over basic wiring. Network engineers and administrators understand that within an organization there are two flavors of network environment: local area networks (LAN) and wide area networks (WAN).
A local area network is named for its proximity: the devices on a particular LAN are usually under the same roof. A LAN can be an office building, a university campus or even our own residence. The devices in a LAN can be printers, fax machines, workstations, laptops, switches, routers and servers that all reside in the same location. One can look at one's own home and find a cable modem, tablets and even televisions connected locally to each other. Connecting devices on a local area network is fairly simple, as many of us do it and manage it ourselves without even being aware of it. A few years ago, before Wi-Fi, consumers had Ethernet cable sprawling through their homes
homes as physical restraints. Before the days of Wi-Fi, one had to deploy equipment such as hubs and switches, which act as a central point that forwards frames between the locally attached devices.
Unlike the world of wireless mobile data, the wired WAN has remained stagnant for the last 15+ years with little to no improvement. The evolution of cellular services started with 1G, which included AMPS, NMT and TACS but supported only analog voice traffic. The next evolution was 2G, which used D-AMPS, GSM/GPRS and cdmaOne; 2G allowed both voice and data to be transmitted, at up to about 0.5 Mbps. End users and the industry sought better, which led to 3G technology based on CDMA2000, EV-DO, WCDMA and HSPA+. 3G has seen 63+ Mbps bandwidth and was capable of supporting mobile broadband applications such as streaming audio and video as well as images. Only a few years later 4G LTE launched, which most people use today thanks to the capabilities of smartphones. Speeds of 300+ Mbps became available, delivering richer content: video could now be delivered to end users in full high definition (1080p), and clear audio and music to the mobile devices in the palms of our hands. While mobile connectivity grew and evolved over this 15-year span, the wired side of wide area data services remained untouched.
IV. History
The field of data networking has seen dramatic change over its short history. The first technology to be adopted in large deployments was ATM, Asynchronous Transfer Mode, in the 1980s. ATM was a game-changer in WAN networking. It supported various multimedia traffic such as voice, video and data, or a combination of services, over a single transmission, and it supported high throughput in Mbps with the potential to reach Gigabits per second. Quality of service (QoS), the ability to prioritize video over less important email traffic to avoid buffering delays, was in fact a design strength of ATM; its flaws lay elsewhere. Its fixed 53-byte cell, 5 bytes of header for every 48 bytes of payload, imposed roughly 10% overhead on all traffic, its signaling and equipment were complex and expensive, and it was a poor fit for bursty IP data. These flaws led engineers and the industry to look for a better alternative.
In 1992, a new wide area networking technology was introduced in the form of Frame Relay. Frame Relay was cheaper to deploy than ATM and was protocol-independent, carrying various applications regardless of their underlying protocol. It also supported automatic re-routing when a virtual circuit suffered an outage, without human intervention. But Frame Relay had major disadvantages as well, in bandwidth and in connectivity topology. It was only able to support Time-Division Multiplexing (TDM) speeds such as a T-1 at 1.5 Mbps and a DS-3 maxing out at 45 Mbps. Frame Relay's biggest weakness lay in its topology: because every pair of sites that needed to talk directly required its own virtual circuit, networks were in practice restricted to a hub-and-spoke topology. A hub-and-spoke topology is similar to what we see in airports around the world. Larger airports such as San Francisco (SFO), Los Angeles (LAX) and Chicago (ORD) act as hubs for the smaller airports in their region; Los Angeles International, for example, serves as the hub for surrounding smaller airports such as Santa Ana, Van Nuys or Torrance. Flights from these smaller airports often have to pass through a larger hub before reaching their final destination. The same was true in Frame Relay networks: a small office with 10 to 50 employees had to send its traffic to a larger hub location, such as the company's headquarters or a data center, before it could be forwarded to its final destination. Requiring locations to reach a hub before reaching the end destination is inefficient: it adds delay and uses the hub's bandwidth poorly, since the circuits at the hub are traversed twice, once inbound and once outbound, for each branch's traffic. Network engineers wanted a solution that would bypass hub locations and allow any office to connect directly to any other office on the network.
By 2004, this solution had arrived in the form of MPLS (Multiprotocol Label Switching; the architecture itself was standardized in RFC 3031 in 2001). MPLS was created in response to business and organizational needs for any-to-any connectivity, especially for voice
middle-man location first. As its name implies, MPLS simply adds a label to each IP packet, much as shipping companies such as UPS and FedEx label packages to get them to the correct location. MPLS enables all of an organization's locations to be joined in one fully meshed environment within a service provider's private cloud, and the provider can then inform every location how to reach any other location within that organization's network. MPLS is still the leading WAN technology today and many major companies continue to use it. MPLS addressed the topology and bandwidth limits of Frame Relay while offering end-to-end QoS from site to site in the form of CoS (Class of Service). It also supports a vast range of bandwidth options ranging from 1 megabit all the
V. Problem
As widely adopted as MPLS is today, and as much as it has become the industry-standard WAN technology, it can still be improved upon in the eyes of developers who seek to continue the wide area network's evolution. The sheer amount of technological advancement in cloud computing, mobility, voice, video and convergence has led to the creation of the Internet of Things (IoT). As more and more devices such as refrigerators, cars and other smart devices need IP addresses so that they are reachable on the public internet, it becomes evident that our network backbones must change to accommodate this growing space.
The current WAN environment is a complex one due to newer technologies. While MPLS is secure and reliable in that it keeps traffic and routing on a private network, it has no on-ramp for organizations to reach cloud services hosted on the public internet from their private MPLS cloud. This in turn leads to hub-and-spoke designs similar to earlier Frame Relay deployments, as large data centers become the on-ramp that remote offices must reach. The alternative is for each branch office to build its own virtual private tunnel to cloud services and providers such as Amazon Web Services or Microsoft Office 365. This creates more administration tasks for
MPLS circuit and a broadband internet circuit. While the MPLS circuit is the best-performing connection, since it has SLAs (Service Level Agreements) in which the provider guarantees a certain level of performance, as opposed to cheaper broadband circuits which are only best-effort, it is still difficult to configure the two circuits at a location to fail over to, or share bandwidth with, each other. Conventional router configurations typically allow only Active/Standby, in which one circuit is the primary and only when it is down is the secondary failed over to and used. This leads to expensive designs, as the backup link cannot be used in the
Applications in today's WAN also do not have the level of visibility developers and engineers would like. IP packets are routed today based on IP addresses and subnets: routers forward purely on source and destination. This address information is captured in the IP packet header, and it is the only information used to make routing decisions. In an ideal world, organizations would like to monitor each application and how it performs on the network. Organizations also want to be able to use their applications over any wide area connection, whether it be
Every WAN transition, from the early days of basic private lines to ATM to Frame Relay to today's MPLS, has been driven by the organizational and business need for scalability, simplicity and cost savings. Technology evolves constantly. We see this in better-known fields such as media and data storage, with VHS, DVDs and Blu-rays: as technology advances it leaves its predecessor behind, Blu-rays replacing DVDs, which in turn replaced VHS. Networking is seeing the same evolution, as obsolete products and services are relegated to museums in the same way floppy disks are no
WAN). The ability of SD-WAN to integrate software into networking is an advancement that has not been done before. SD-WAN has added unprecedented visibility, agility and flexibility to the way networks are viewed, built, managed and monitored, and it is changing the operational and organizational job functions of network engineers. SD-WAN is leading many organizations to rethink their network architecture and design to capitalize on this new technology in their environment. SD-WAN can replace private cloud technologies such as MPLS entirely or augment them by adding broadband, bringing more intelligence to the way all traffic is transported across the network. The service is enabled by intelligent edge devices at customer branch locations and a centralized service controller platform hosted in the cloud.
According to Gartner Research, Inc., the leading IT advisory firm that many CIOs, IT leaders and decision makers consult, a product or solution must meet four criteria to be considered SD-WAN. First, it must support multiple connection types such as MPLS, internet and LTE. Second, it must support dynamic path selection to allow load sharing across multiple WAN connections. Third, it must provide a simple interface for managing the WAN, including zero-touch provisioning, and be as easy to set up as home Wi-Fi. Lastly, it must support VPNs (Virtual Private Networks), so that traffic carried over public transport gets the same level of security, and it must support 3rd-party services such as WAN optimization, firewalls, web gateways and other services.
VII. Connectivity
To the end user of an enterprise-sized organization, the wide area network looks simple. They see the WAN as basic pipes in and out of an office; they understand it connects to a data center and that there may be internet connections, but that is as far as most end users' understanding of a network design goes, when in reality it is far more complicated. To an experienced network engineer, a real-world large-scale WAN deployment is much more complex. Those experienced in networking understand that there is a vast number of components within that diagram of a single, lone cloud. There
equipment and many more items that make the magic of world-wide instant communication possible. It therefore becomes difficult to make changes and updates to a network as frequently as engineers would prefer. Changes must go through complicated bureaucracy with other IT personnel and departments for approval, and software updates and patches need to be cleared with security and compliance beforehand. Organizations need a simplified process and method to deploy and manage their WAN. SD-WAN was born out of this necessity.
End users do not see the underlying technology used to physically connect their digital services. This physical connectivity is typically delivered as fiber, Ethernet, TDM or private leased lines, wireless 4G LTE or coax. SD-WAN appliances and products must support all of these access types and integrate them seamlessly. Some businesses, such as construction or retail, need to activate new or temporary sites quickly, within a few days' notice. In these scenarios it is not realistic to wait three to four months for an MPLS line to be delivered, or even a few days to schedule a local ISP technician to turn up internet service. This is especially true for temporary locations, where service providers may require a minimum one-year term; should an organization terminate the service before the commitment is met, the provider can enforce early-termination penalties. As this is not ideal financially, organizations will wish to pursue leveraging wireless modems and devices, often with USB ports, to
VIII. Routing
In today's networking world, routing protocols are used to establish sessions and neighbors for data transmission. These routing protocols are a standard for how routers communicate with each other to share information on how to select the path between any two nodes on a network, whether it be a large
The standardized routing protocols used today are neither application-aware nor path-quality-aware.
Routing protocols such as BGP, RIP, OSPF and IS-IS establish their routing information through
its routing table to use, then sort and prioritize candidate routes for best-path determination so that the optimal path is used. Routers exchange IP prefixes and hold them in the routing tables they keep in memory. Routers do their best to determine the best path. The value a router uses to make that decision is known as a metric. Metrics are based on factors such as the number of hops from point A to point B, the bandwidth of the circuit, and any administrator-set values that manually alter preference. Routers are therefore unaware of the actual application being sent over a path. Service providers and network administrators can make educated guesses about the content their users are browsing from the destination IP address, but not about the actual application encapsulated inside the packets. By the same token, IP addresses do not help a router judge whether a route is of good or bad quality. Routing today builds routes from learned IP prefixes. If a route is learned properly but the circuit on that connection degrades, the router will still send traffic over the route, as it believes the path is usable. If the circuit is unstable, degrading intermittently while staying up, the routers do not see this as an issue and send traffic as if nothing were wrong. This is known as a brownout, and it is difficult for routers to detect and remediate. Blackout conditions, by contrast, are handled by routers today: a hard-down link is easy to see, and the path is marked unavailable.
When it comes to SD-WAN, it is critical to understand that there are two layers to the network. SD-WAN's goal is to add an overlay network on top of the existing WAN. This separates the control plane from the data plane so that routing and change management live on separate layers. SD-WAN solutions treat the existing network as the underlay: today's traditional routing topology, where routers learn each other's routes over circuits and announcements. The overlay is the intelligence brought by SD-WAN, simply routing features added on top of the underlay. The overlay effectively makes the entire WAN appear to be one giant router, where each location has its own interface out, as opposed to operating as multiple, separate routers.
SD-WAN solutions are also capable of continuous link monitoring, polling each circuit at
sub-second intervals. The interval differs by vendor, but probes are typically sent every 100 to 500
milliseconds. When the monitoring notices degradation on a circuit, the appliances automatically enable
remediation techniques that depend on the circuit issue. In the event of significant packet loss on a
circuit, forward error correction can be enabled for that event: each data packet is sent more than once
over the circuit, so the device at the other end of the session receives multiple instances of the same IP
packet. Strictly speaking, what is described here is packet duplication rather than parity-based FEC,
but vendors commonly group both under the FEC label. The receiving device uses a sequence marking
in the packet header to determine whether it has already received, for example, packet #50; if it has, it
discards the copy and moves on. This remediation can overcome large amounts of packet loss, but it
obviously should not be enabled permanently, since the duplicate packets add utilization and queuing on
the circuit.
While forward error correction is used for brownout scenarios, where the circuit degrades but is not
in a full outage (blackout), the software can also steer applications and data onto an alternate circuit.
When the polling of a circuit fails and shows it is hard down, it is intelligent enough to redirect
For voice traffic, a different technique is used: jitter buffering. Voice traffic is real time and
cannot tolerate delay. If a voice packet takes too long to reach its destination, end users are left with a
choppy, broken call. Most people know this from personal experience, having asked the person on the
other end to repeat what they just said. When jitter, also known as packet delay variation (PDV), is
introduced on a circuit during a voice call, it creates that choppy experience. SD-WAN can remedy this
by enabling jitter buffering. When packet arrival times vary drastically, the buffer spaces out the
receiving and processing of the voice packets so the call is smoothed out. The buffering adds a small
fixed delay, so the other person's speech arrives slightly later than it was spoken, but this improves the
end-user experience when using the application. This is achieved
WAN through the use of intelligent software can identify the instances where these circuits will degrade
and only enable the features during these periods and in return, disable them when the circuit becomes
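The playout buffer that jitter buffering relies on, as an added example (not from this paper or from any vendor's implementation): voice packets leave the sender every 20 ms, the network delay trace is constructed, and the buffer depth is an assumption. It counts how many packets miss their playout slot with and without the buffer, which also shows the trade-off mentioned above: the buffer adds a fixed delay and still cannot rescue packets delayed by more than its depth.

```python
"""Playout (jitter) buffer for a voice stream.

Added example, not from the original paper. Voice packets are sent
every 20 ms but arrive with varying network delay (jitter). A playout
buffer delays playback by a fixed amount so that late packets still
arrive before their playout slot; a packet that misses its slot is
discarded and the call sounds choppy. The delay trace is constructed.
"""

PACKET_INTERVAL_MS = 20


def arrivals(delays_ms):
    """Packet seq is sent at seq*20 ms and arrives after its own delay."""
    return [(seq, seq * PACKET_INTERVAL_MS + d) for seq, d in enumerate(delays_ms)]


def playout(delays_ms, buffer_ms):
    """Simulate a fixed-depth playout buffer.

    Playback of packet n is scheduled at send_time + min_delay + buffer_ms.
    A packet arriving after its slot is too late to play ('late'); one
    arriving before it is held until the slot. Returns
    (played, late, max_packets_held_at_once).
    """
    base = min(delays_ms)          # fastest observed path delay
    played = late = 0
    held = []                      # playout times of packets waiting in the buffer
    max_held = 0
    for seq, arrive in arrivals(delays_ms):
        slot = seq * PACKET_INTERVAL_MS + base + buffer_ms
        held = [t for t in held if t > arrive]   # release packets whose slot has come
        if arrive > slot:
            late += 1
        else:
            played += 1
            held.append(slot)
            max_held = max(max_held, len(held))
    return played, late, max_held


def compare(delays_ms, buffer_ms):
    """Late-packet count with no buffer versus with a buffer of buffer_ms."""
    _, late_none, _ = playout(delays_ms, 0)
    _, late_buf, depth = playout(delays_ms, buffer_ms)
    return {
        "late_without_buffer": late_none,
        "late_with_buffer": late_buf,
        "added_delay_ms": buffer_ms,
        "max_packets_held": depth,
    }


# constructed delay trace in ms: steady ~40 ms with bursts of jitter
DELAYS_MS = [40, 42, 41, 95, 40, 43, 110, 44, 40, 41, 78, 40, 42, 130, 41, 40]

if __name__ == "__main__":
    print(compare(DELAYS_MS, buffer_ms=60))
```

With no buffer every packet that is even 1 ms slower than the fastest one is late (11 of 16); a 60 ms buffer leaves only the two 110 ms and 130 ms spikes late, and a 100 ms buffer catches everything at the cost of 100 ms of extra mouth-to-ear delay. That is the reason the feature is enabled only while a circuit is actually jittery.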
Certain vendors in the Software-Defined WAN space offer even better protection against link
degradation through intelligent link and traffic steering. Sessions in today's networks are built per flow.
Once a transmission session such as a voice call or a file transfer is established, a logical connection
exists between the two endpoints, but the session is pinned to one physical circuit, such as a DSL
circuit. Should that DSL circuit fail, every session on it, including the voice call, will be dropped and
opposed to restricting a session to one circuit, packets can be steered dynamically and automatically to
a second available link, because the session is built end to end between appliances from the same
vendor. Both appliances know both endpoints and the circuit paths available between them, and if
either side sees degradation or an outage on a circuit, packets are steered away from the bad
connection. This gives session persistence and keeps the call up without users experiencing an outage.
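The duplicate-and-discard behaviour described under forward error correction above and the per-packet steering just described, as one added example (not code from this paper or from any vendor): the overlay header format, session id, circuit names and loss pattern are all constructed. It sends the same sequence-numbered stream once pinned to a single lossy circuit and once duplicated over two circuits with the first circuit failing mid-stream, and compares what the receiver ends up with.

```python
"""Packet duplication across two circuits with receive-side dedup,
and a session surviving one circuit failing mid-stream.

Added example, not from the original paper. The sender wraps each
payload in a constructed overlay header (session id, sequence number,
payload length) and, when duplication is on, sends a copy over every
circuit. The receiver delivers each sequence number once and discards
repeats; when one circuit goes hard down, the copies arriving over the
other circuit keep the session alive without a gap.
"""
import struct

HDR = struct.Struct("!IIH")   # session id, sequence number, payload length (assumed layout)


def encap(session, seq, payload):
    return HDR.pack(session, seq, len(payload)) + payload


def decap(frame):
    session, seq, length = HDR.unpack_from(frame)
    return session, seq, frame[HDR.size:HDR.size + length]


class Circuit:
    """Transport that can drop every Nth frame or be hard down."""

    def __init__(self, name, drop_every=0, up=True):
        self.name, self.drop_every, self.up = name, drop_every, up
        self.sent = 0

    def send(self, frame):
        self.sent += 1
        if not self.up:
            return None                                   # blackout: nothing gets through
        if self.drop_every and self.sent % self.drop_every == 0:
            return None                                   # simulated packet loss
        return frame


class Receiver:
    def __init__(self):
        self.seen = {}        # session -> set of sequence numbers already delivered
        self.delivered = []   # (session, seq, payload) in arrival order
        self.duplicates = 0

    def receive(self, frame):
        if frame is None:
            return
        session, seq, payload = decap(frame)
        seen = self.seen.setdefault(session, set())
        if seq in seen:
            self.duplicates += 1      # already have packet #seq: discard the copy
            return
        seen.add(seq)
        self.delivered.append((session, seq, payload))


def send_stream(payloads, circuits, receiver, session=7, duplicate=True, fail_at=None):
    """Send payloads over the circuits; optionally take circuits[0] hard
    down just before packet number fail_at. Returns what got through."""
    for seq, payload in enumerate(payloads):
        if fail_at is not None and seq == fail_at:
            circuits[0].up = False
        frame = encap(session, seq, payload)
        paths = circuits if duplicate else circuits[:1]   # pinned flow uses one circuit only
        for circuit in paths:
            receiver.receive(circuit.send(frame))
    got = sorted(seq for s, seq, _ in receiver.delivered if s == session)
    missing = [i for i in range(len(payloads)) if i not in got]
    return {"delivered": len(got), "missing": missing, "duplicates": receiver.duplicates}


def demo():
    payloads = [b"voice%02d" % i for i in range(10)]
    # per-flow pinning: one lossy circuit, no duplication -> gaps in the stream
    pinned = send_stream(payloads, [Circuit("dsl", drop_every=4)], Receiver(), duplicate=False)
    # duplication over dsl + lte, dsl goes hard down before packet 5 -> no gaps
    dual = send_stream(payloads, [Circuit("dsl", drop_every=4), Circuit("lte")], Receiver(), fail_at=5)
    return pinned, dual


if __name__ == "__main__":
    print(demo())
```

A real receiver keeps a bounded sliding window of recent sequence numbers (the same structure IPsec uses for anti-replay) rather than an unbounded set, and only accepts frames from the authenticated tunnel to the peer appliance, so the sequence numbers it trusts come only from that peer.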
X. Cost
SD-WAN is not necessarily cheap compared with existing networking products such as routers
and other appliances, but the way it leverages new and existing technologies helps users achieve cost
savings. Savings come from lowering the bandwidth on more expensive MPLS circuits, or from replacing
MPLS circuits entirely with cheaper internet circuits. Organizations often see 50-60% savings on their
telecommunications bill. Organizations can also keep MPLS for private traffic such as corporate
applications and sensitive data such as customer information, while using the bandwidth on cheaper
broadband connections for non-critical traffic such as email and web browsing, or as a backup to the
primary link. As SD-WAN appliances are also more reliable due to their reliance on software to make
failure and will require less maintenance over their lifespan compared to today's routers.
XI. Management
The appliances deployed at the sites should be lightweight, with configuration preferably done
through a graphical user interface (GUI) rather than a command-line interface (CLI). The command line
has traditionally been how technicians, engineers and administrators log in to devices and make
changes, but it requires extensive prior knowledge of the device's configuration syntax on top of
knowing what changes need to be made. A GUI allows engineers who know the routing techniques but
lack familiarity with a new system to make the changes they need
The configuration on today's routers is also static and local to the device unless it is backed up
to storage such as physical drives or cloud storage, and even then the backup must be pulled from the
device manually. SD-WAN stresses a centralized model: a central platform acting as the overlay
controller retains all configuration information and automates the extraction of these configuration
records to cloud storage, so if a device breaks or its files are corrupted, a new device can be shipped to
the site and the last configuration applied seamlessly without loss. All configurations therefore live in
the cloud, hosted on the internet, as opposed to being persistent and only
SD-WAN solutions often have a controller or orchestrator platform hosted on the internet in
redundant clusters, so that if one platform fails, mirror images on the others keep the service up. A
cloud-provisioned SD-WAN appliance allows new and existing locations to download configurations
and have changes pushed down to the device itself. IT staff can build new profiles and configurations for
a location in the controller and assign that profile to the location. Once the device is shipped and
installed at the branch office, it uses its internet connection to call home to the cloud-based
orchestration platform and, after both sides authenticate each other (the device must verify the
orchestrator it is talking to, and the orchestrator must verify the device's identity before handing over a
configuration), pull its configuration. This is known as zero-touch provisioning and
Management tasks will also be streamlined by self-learning abilities built into the appliance. The
appliance should be able to run bandwidth tests on new circuits plugged into the device, so it learns how
much bandwidth is available. It should test both download and upload, because the circuit may be
asymmetrical, with different download and upload speeds, rather than symmetrical. This is common on
broadband, DSL and residential internet services, where ISPs advertise only the download speed and
severely limit the upload speed. The service provider on a circuit can also be discovered automatically
by conducting a reverse IP address lookup against internet databases to extract
SD-WAN devices must therefore function as the Swiss-army knife of the networking world.
They should be as easy to configure as a home router. As router-like devices, they can be swapped in for
existing routers or can co-exist in existing LAN environments behind a designated WAN router, making
routing decisions before handing off to the WAN router. As a possible router replacement, a device must
have standardized interfaces such as Gigabit Ethernet ports to support common terminations such as
RJ45 copper cables, or SFP (small form-factor pluggable) transceiver slots that accept fiber
connections. Like residential home routers and modems, it must also have multiple switched ports to
connect local area network devices such as computers, phones and
XII. Conclusion
Software-Defined Wide Area Network products bring simplicity and efficiency, and in most cases
cut the cost of network oversight. SD-WAN as a service has demonstrated success in recent years,
helping organizations manage complexity and network costs while simplifying network management
and improving performance. As an overlay solution, SD-WAN accelerates deployment and management
of an enterprise's WAN from a central location. As companies continue to develop and advance their
SD-WAN offerings to enable more features and abilities, organizations will be
Technology is changing the way businesses operate and connect employees, customers and
partners. Businesses must evolve over time to remain competitive and relevant in their markets. Now,
more than ever, businesses depend on their network to stay connected and competitive. Software-Defined
Wide Area Networks will help organizations drive ground-breaking flexibility, efficiency and
performance across the network, helping them maneuver through the complexities of a network that
must support distributed sites, a growing mobile workforce, and accelerating use of