How does SD-WAN work? In our previous segments, we explained what is an SD-WAN and the reasons why SD-WAN architecture are being adopted so quickly. In this segment I'll keep the discussion at a pretty high level and explain how an SD-WAN works. Now, there are a lot of SD-WAN offerings in the market which can make it very confusing for you. And there were a number of different underlying architectures. So I'll sometimes use our edge connect enterprise implementation as an example. Okay, so how does an SD-WAN work? First, again, in contrast to hardware based, device-centric WANs based on traditional routers and SD-WAN uses software to more intelligently route or steer traffic across the WAN. Instead of routing traffic based on TCP IP addresses and access control lists, an SD-WAN is application aware. It handles traffic much more intelligently to provide the appropriate priority, quality of service and security that business needs dictate. Also, traditional routers often include specialized hardware. Whereas most SD-WAN implementation run on off the shelf hardware. Usually x 86 based platforms as well as virtual instances on industry standard servers and even in public cloud services. So times have changed and enterprises are using the cloud and subscribing to software as a service. Again, like Office 365, Salesforce and Ring Central. While users traditionally connected back to the corporate data center to access business applications, they are now better served by accessing many of those same applications in the cloud. This is referred to as local internet breakout. As a result, the traditional land is no longer suitable, mainly because back hauling all traffic including that destined to the cloud from branch offices to the headquarters, introduces latency and impairs application performance. SD-WAN provides WAN simplification lowers costs, bandwidth efficiency. And a seamless on ramp to the cloud with significant application performance, especially for critical applications without sacrificing security and data privacy. Better application performance, improves business productivity, customer satisfaction. And ultimately consistent security reduces business risk via the use of IPsec tunnels when traffic between different branches of the organization need to be exchanged. SD-WAN architecture decouples or logically separates applications and the control and management functions from the WAN transport services like MPLS, broadband internet, LTE and even satellite or microwave. In SDN speak, this is referred to as the separation of the control or management plane from the data forwarding plane. And again, this is a very different model than the traditional router model where this was all combined in every device here is where some of the architectures differ. Our implementation virtualize is all of the way and services and treats them as a single resource pool. We then create virtual land overlays that we call business intent overlays that define the quality of service and security policies for groups of applications according to business requirements. For example, we might define a business intent overlay for real time applications like voice, video conferencing, call center applications and perhaps even a stock price feed for a financial institution or timeliness is critical to this real time overlay, we would assign any apps that must be delivered with high quality, high availability and very low latency or delay. We might have an overlay for business critical applications like accounting or backup in recovery that specifies high availability, but with more tolerance to delay and stringent security inspections, we might have yet another overlay for applications that handle point of sale and credit card information. This overlay would be created to segment or isolate this traffic to help an organization meet compliance requirements. And finally, we might create an overlay for guest wifi traffic that is given the lowest priority, receives only limited bandwidth and only uses broadband instead of the more expensive mpls. The edge connect enterprise S. D when then steers traffic to its destination using the appropriate combination of when transport resources that deliver the application to users with the priority quality and security needed to meet the needs of the business. Additionally, it continuously monitors the transport services for throughput, packet loss, latency and jitter and continuously and automatically adapts how traffic is handled to ensure that business requirements for those applications are being meant. This business driven approach gives every application exactly what it needs to deliver the best quality of experience for end users. Two other key features of advanced ston architectures are centralized orchestration and zero touch provisioning by centralizing the configuration of an SD when as well as application performance and security policies. Enterprises can significantly reduce when operational expenses. With zero touch provisioning configurations and policies are programmed once and pushed to tens or hundreds or even thousands of branch locations without having to manually program each device. This eliminates the truck roll or the need to send specialized I. T. Resources out to branch locations whenever a new app is added or a policy has changed. Zero touch provisioning reduces human errors resulting in more consistent policies across the enterprise. This more intelligent software defined approach to building wide area network infrastructure improves the quality of experience for users and for I. T. It improves business productivity and agility and it can lower land transport costs and I. T. Administrative costs. So in summary with an S. D. Whan the control function referred to as the control plane is centralized. The quality of service and security policies that dictate how an application should be delivered to the user are defined centrally and programmed automatically to hundreds or even thousands of S. D. When appliances at branch locations. And with a software model adding locations, adding applications, changing policies and more is much easier than with the old router centric model which makes an S. D. When the more intelligent cloud. First way to build a land
