Transitioning from a self-managed IPVPN network to an SD-WAN cloud-based IPVPN

A Wide Area Network (WAN) forms the backbone of a modern business enterprise. It connects the enterprise’s headquarters, branches and data centers even though they are geographically apart, which improves productivity and makes operations more effective. Over the years, the WAN has undergone numerous developments steered by the evolution of enterprises and changing communication dynamics. The need for better control, connectivity, visibility, security, and agility continues to grow. Enterprises are consuming more WAN bandwidth and want to shift towards cloud data centers, IoT and SaaS applications, hence the desire for a better network architecture.

Why transition to SD-WAN cloud-based IPVPN?

A self-managed IPVPN relies on legacy WAN connectivity made up of MPLS and the Internet. MPLS can provide both availability and latency SLAs. However, this commitment comes at a high cost that depends on the bandwidth. The Internet, on the other hand, is cheaper and quick to deploy, but providers won’t commit to high availability and low latency. In fact, the Internet is prone to increased latency and packet loss when a packet of data hops through numerous carriers, which can lead to unpredictable application behavior. Both MPLS and the Internet require appliances such as routers and firewalls. This makes deployment and management expensive, tedious and time-consuming.

SD-WAN cloud-based IPVPN represents a change in network design. It brings the cloud into the network planning process by using cloud-based technologies to take functions previously locked up in hardware appliances and run them as a service. SD-WAN has numerous advantages:

  • It promotes connectivity - SD-WAN is transport agnostic and so able to accommodate MPLS, 4G or broadband (Internet). It presents these connectivity technologies to both applications and users, whether for direct Internet access or for site connections.
  • It is intelligent - It allows users to supplement or replace MPLS with the Internet with little sacrifice on bandwidth availability, latency control, security, and reliability. It detects and mitigates packet loss, high latency, and jitter by switching automatically to the best available path, as determined from persistent, real-time latency and packet loss measurements.
  • It reduces dependency on physical equipment - Cost-effective forwarders (server-based appliances) handle routing and security, just as routers do.
  • It is centrally managed and monitored - SD-WAN controllers give network administrators full control over the WAN. They are able to monitor and manage the network and remote devices from a single interface, typically a web-based portal. The controller also incorporates notifications which provide real-time insight into the health of the WAN.
  • Cloud connectivity - With the ease of path selection, SD-WAN is able to more successfully incorporate broadband as part of an enterprise’s WAN. The path selection assures performance and availability for demanding real-time applications. Using the features of SD-WAN, VPNs can be terminated at aggregation points in the cloud, enabling direct access to cloud-based applications such as those that might be hosted in AWS or Azure.

This results in high performance, reliability and flexibility. Accessing remotely stored data and applications becomes faster and more efficient, which makes for a more efficient cloud computing experience.

Transitioning to SD-WAN cloud-based IPVPN

  • Remote sites and SD-WAN devices – If a remote site has an existing firewall, the SD-WAN device should be located in front of the firewall’s public interface. This way, it will be able to terminate the WAN connectivity and present aggregate bandwidth to the location’s firewall. The site can maintain the firewall and the existing security policies but now with access to more bandwidth.
  • Connecting new SD-WAN sites to data centers – Replacement of the existing WAN’s headend is not necessary. SD-WAN should support the already widely used IPsec standard. It should provide a footprint in the cloud that terminates connectivity from SD-WAN devices, meaning only one IPsec connection is required from the SD-WAN cloud into the enterprise VPN headend.
  • MPLS routers with SD-WAN offload – The network is able to offload certain traffic to the SD-WAN without changing any configurations in the existing infrastructure. The SD-WAN device should be capable of attracting the traffic it wants to send via the SD-WAN overlay. Routing protocols like OSPF enable the device to advertise the subnets whose traffic it wants to process. Once the traffic arrives on the device, SD-WAN policy decides whether or not to allow the traffic through the SD-WAN overlay.

SD-WAN cloud-based IPVPN improves connectivity, cuts operational cost and reduces management hassles. If your organization wishes to adopt SaaS, IaaS, PaaS and IoT, then it should consider embracing this network architecture for reliable performance and connectivity.
