Blog · 20 Nov 2018

SD-WAN 2.0: the delivery of enterprise IT services across any network and cloud

How to respond to the needs of enterprise IT today and tomorrow.

First generation SD-WAN solutions (SD-WAN 1.0) have focused on delivering automated IP connectivity and WAN management across different transport types.

These deployments were primarily constrained within the WAN itself and overlooked the end-to-end aspect of service delivery. Since then, enterprise IT needs have rapidly shifted to accommodate multi-cloud capabilities, leading to many models for enterprises to consume cloud services.  This environment has created a new set of requirements that legacy SD-WAN 1.0 deployments were not designed to address.

We’ve developed SD-WAN 2.0, which expands the SD-WAN 1.0 paradigm to a cloud based platform, delivering diverse IT services for modern enterprises. It transcends connectivity and allows enterprises to offer IT services across any IP-based networks.

The three key pillars that comprise SD-WAN 2.0 are:

1.  Multi-cloud access and policy: The modern enterprise needs to connect users in branch offices to applications in cloud - in a secure, programmable, automated transport-agnostic manner. SD-WAN 2.0 provides seamless cloud connectivity and the ability for end-to-end network governance including visibility and control of applications that span private data centers, SaaS and public clouds, and any remote or branch location across any WAN (IP/MPLS, LTE, 3G, Broadband Internet, etc.). This capability leads to an extremely efficient operational model as it achieved via a single policy pane of glass and platform for the entire network. It also provides for cloud transparency (workload flexibility) now and into the future as cloud services continue to evolve.

2.  Value Added Services (VAS): Enterprise sites require a range of networking value added services (VAS) in addition to WAN connectivity. These include security functions, VOIP gateways, IOT agents, Wireless LAN controllers etc. SD-WAN 2.0 provides a flexible approach to deliver these value added services via a unified platform API.  Options are also available for smaller sites with embedded built-in network functions such as IPSec, NAT/PAT, L4 ACL, Business Intelligence, and other functions that can be simply be turned on. Alternatively, enterprises can virtualize third party network functions (VMs or Containers) in a “branch in a box” model. Integrated lifecycle management and cataloging of VNFs removes the need for complex orchestration and management systems. Finally, enterprises can simply route specific application flows to a remotely hosted network function (including cloud security offers such as Zscaler) using a centrally programmed service chain.

With this flexible yet unified service delivery ability of SD-WAN 2.0, telcos can realize new business/revenue opportunity in the form of the ability to offer on-demand, programmable value added services alongside connectivity. The enterprise benefits from a dev-ops style agility of service deployment, resource allocation and cost.

3.  End to End Security: New cloud-based architectures have enabled a new breed of applications that can come and go in milli-seconds and can infect the network east to west within its virtual branch perimeter that extends across clouds, physical sites and mobile users. Beyond traditional security measures such as firewalls, SD-WAN 2.0 offers end to end security automation to protect against, detect and respond to this changing security threat landscape. This functionality comes in form of -

  • Policy based microsegmentation of application flows from users to cloud applications, to provide virtual/logical pan-network policy silos and protect against malicious unauthorized access to enterprise IT resources.
  • Pan network flow insight and visualization that detects all network communication across/within branch/cloud and provides contextualized information that can be used to detect anomalies, violation of regulatory policies and create security rules.
  • Closed loop automation, that generates automated policy/actions based on real time network events and patterns

In the extremely crowded SD-WAN market, it is important to be able to focus solutions that address enterprise needs today and tomorrow. SD-WAN 2.0 is all about meeting the needs of enterprise IT by providing a single platform to deliver IT services while ensuring end-to-end security of users and business applications.

Nuage is working with BT as part of BT’s Dynamic Network Services programme, which is designed to give customers more choice, security, resilience, service and agility in the roll-out of future networks that support digital transformation. The programme helps customers remove barriers to adoption of SD-WAN and NFV by answering questions about which technologies to use as well as when and how to implement, configure and integrate them with existing networks to create hybrid infrastructure fit for the digital age.

Find out more about how you can consolidate and optimize your IT.  Listen to the replay of our webinar on next generation SD-WAN.