Software-defined networking (SDN) and network functions virtualization (NFV) are designed to automate network provisioning and management for cloud-based Wide Area Networks (WANs). Both are touted as ways to deal with broad-based IT trends, but both approaches have shortcomings in their ability to fully address those trends.
SDN is being extended beyond the datacenter and proclaimed as one of the key components for enabling a next-generation WAN. One paradigm of SDN is to separate the control plane from the data plane to enable faster innovation of new architectures. Businesses are even more interested in the prospect of using commodity hardware as a means to improve economies, increase agility and reduce vendor lock-in.
NFV is of narrower interest, particularly to datacenters operated by service providers. The promise of NFV is greater agility in provisioning additional network services, such as network services, security, and routing.
But successful next-generation WAN approaches will both embrace and improve upon the tenets of SDN and NFV.
Trends Spur New Approaches
Business trends driving the need for new WAN approaches include:
- Continued migration of applications to the cloud
- Increasing mobility of workers and transient nature of remote worksites
- Concerns about loss of IT visibility and policy control with bring-your-own-device and other consumerization effects
- Lean IT and the desire to reduce effort and expenditure on networking infrastructure
Next-generation WAN designs will incorporate, but also go significantly beyond, the application of SDN and NFV design principles. Driven by these key business demands toward migration to the cloud and access by an increasingly mobile workforce, next-generation WAN designs should leverage the cloud itself. In other words, the new WAN architecture will not only be software-defined, but also cloud-delivered.
Leveraging the Cloud to Optimize for the Cloud
This new WAN approach adds two important components:
1. The network must be deployable in the cloud as well as on premises, to optimally support the migration to cloud datacenters and applications.
Along with the migration of applications to the cloud is the move toward migrating the entire datacenter to the cloud. Trying to use traditional WANs with cloud applications and datacenters requires backhauling application traffic via a private WAN to an on-premise datacenter before forwarding it to the cloud. This backhauling exacts a significant performance penalty on the application traffic.
A software-defined (or, more precisely, business-policy) approach allows the largest enterprises to select the closest-egress private datacenter to forward traffic to destinations in the cloud. However, these enterprises must still buy, operate and maintain their own datacenter locations. And only larger enterprises with many locations can truly optimize their egress points.
Some vendors are offering virtual-appliance versions of their datacenter network appliances, but this approach does not address the most difficult requirement: being able to locate the services in the optimal paths for many distributed cloud applications and datacenters. It puts the burden on the enterprise to distribute the network widely throughout the cloud; if this is not done, the backhaul issue still exists.
In addition, the use of virtual appliances does not address the upfront capital expenses, nor does it address the deployment complexity to cover many distributed cloud locations. It’s not the same as true cloud service delivery. Vendors must either partner with service providers or directly deliver a cloud-deployed network to ultimately provide the right architecture to support direct access to cloud applications for the broadest majority of businesses.
A cloud-delivered network provides the agility demanded by today’s businesses. These benefits can be extended all the way to the branch by enabling branch office WANs to use NFV principles to enable the easy deployment of virtual services. Instead of delivering services individually via multiple fixed-function appliances, necessitating service-provider truck rolls and IT effort on site to install and provision services, virtual delivery provides the same agility that datacenter networks have enjoyed.
2. The WAN architecture should leverage the “cloud” for transport—in other words, leverage the Internet in addition to private networks, in what is often called a hybrid WAN.
Traditional WANs have relied on private lines such as T1 with MPLS services — private circuits best suited for on-premise datacenters, not cloud datacenters. Adding broadband Internet provides direct access to cloud applications, dramatically improved bandwidth and economics, and faster deployment. Any next-generation WAN approach should enable the use of broadband Internet services, along with private networks, as both an integrated and active part of the WAN—in other words, a hybrid WAN.
Using broadband Internet simply as a separate network for guest web surfing, or as a standby network, does not capture the benefits that the circuit offers. Yet broadband Internet does not have the same predictable performance, capacity or reliability as private circuits, which is why businesses use it for less-critical purposes. Businesses want to leverage the cost and other advantages of broadband but require a private network-like experience.
Next-generation hybrid WAN architectures should not only integrate broadband, but also apply technologies to give the WAN enterprise-grade performance, availability, security and IT control.
A solution for providing enterprise-grade performance is “dynamic multi-path optimization.” With that feature, broadband, along with private network capacity and performance, is continuously monitored. Traffic is then dynamically steered, by application and business priority, to the best link and path at each moment in time.
This dynamic use of different services delivers the advantage of virtualization. If necessary, on-demand remediation techniques such as error correction and jitter buffering are also automatically applied.
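The steering decision behind dynamic multi-path optimization can be sketched as follows. This is an added example, not code from the article or from any vendor product; the link names, metric fields, thresholds and the `REMEDIATION` mapping are assumptions chosen for illustration.

```python
from dataclasses import dataclass

@dataclass
class Link:
    name: str
    latency_ms: float
    jitter_ms: float
    loss_pct: float
    free_mbps: float
    up: bool = True

@dataclass
class AppPolicy:
    app: str
    priority: int            # 1 = most business-critical (assumed convention)
    demand_mbps: float
    max_latency_ms: float
    max_jitter_ms: float
    max_loss_pct: float

# Remediation applied when the chosen link still misses a threshold.
REMEDIATION = {"loss": "error-correction", "jitter": "jitter-buffer"}

def missed(link, policy):
    """Names of the thresholds this link currently violates for this app."""
    checks = (("latency", link.latency_ms, policy.max_latency_ms),
              ("jitter", link.jitter_ms, policy.max_jitter_ms),
              ("loss", link.loss_pct, policy.max_loss_pct))
    return [name for name, measured, limit in checks if measured > limit]

def steer(policies, links):
    """Map each app to (link name, remediations) for one monitoring interval."""
    by_name = {l.name: l for l in links if l.up}
    free = {name: l.free_mbps for name, l in by_name.items()}
    plan = {}
    for p in sorted(policies, key=lambda p: p.priority):  # critical apps choose first
        fits = [by_name[n] for n, mbps in free.items() if mbps >= p.demand_mbps]
        if not fits:
            plan[p.app] = (None, [])  # no live link has capacity left
            continue
        best = min(fits, key=lambda l: (len(missed(l, p)), l.latency_ms))
        free[best.name] -= p.demand_mbps
        plan[p.app] = (best.name, [REMEDIATION[m] for m in missed(best, p) if m in REMEDIATION])
    return plan

# Constructed measurements and policies, not taken from the article.
SAMPLE_LINKS = [Link("mpls", 30, 2, 0.0, 1.5), Link("broadband", 45, 25, 1.2, 50)]
SAMPLE_POLICIES = [AppPolicy("saas-crm", 2, 5.0, 200, 100, 2.0),
                   AppPolicy("voip", 1, 1.0, 150, 20, 1.0),
                   AppPolicy("video-conf", 3, 2.0, 150, 20, 1.0)]
```

Calling `steer` again with fresh measurements each interval re-evaluates every assignment, so a link that degrades or goes down loses its traffic on the next pass.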
Another key benefit is the enhanced visibility across multiple sites and providers. An optimized hybrid WAN also improves reliability over single MPLS connections, and offers better availability than MPLS with Internet failover that is not seamless.
Reinventing WAN Design
In summary, WAN innovations are being pushed by changing expectations:
- Enterprise applications and datacenters are being migrated to the cloud.
- Enterprises expect to be able to set up and manage their branch-office networks quickly, easily and affordably.
- The increasing number of branch-office and mobile workers expect the same high-bandwidth, low-latency network experience as they enjoy with their broadband connections at home.
- IT admins expect to be able to control WANs with the same enterprise-grade qualities as their headquarters networks.
Meeting these expectations requires a next-generation WAN, whose key elements include:
This means the ability to provide optimized access for both enterprise-owned datacenters and applications as well as cloud datacenters and SaaS applications. Mirroring the migration of datacenters and applications to the cloud, the network infrastructure supporting the datacenter and applications should also be deliverable from the cloud. In addition to providing the optimal, most direct access to applications for superior performance, additional advantages include ease of deployment; ability to monitor and control paths to distributed cloud resources; and scale, redundancy and coverage.
The combination of on-premise appliances and cloud-delivered services provides the ideal architecture for supporting the migration to hybrid cloud. An SDN architecture is an ideal complement. It provides a unified control plane for managing both the distributed cloud network as well as on-premise components. For the on-premise services, a software-focused design delivers improved economics and opportunities for simplifying deployments with consolidation of functions.
Enterprise-grade Internet and hybrid WANs
Branch offices are being held back by the expense, complexity and lengthy provisioning times demanded by networks that are only private. At the same time, however, moving WAN traffic to public links has meant loss of crucial security, control and predictable performance. The answer is to provide seamless virtualization of multiple private and public services, and to make Internet links function with enterprise-grade quality and control.
Branch offices need to be freed from the hassle and costs of using fixed-use hardware boxes for access to vital networking services. Applying NFV principles (virtualized services delivered to the branch premise as well as to the head-end) is a natural complement to a cloud-delivered and software-defined architecture.
WAN technology is changing in response to a number of significant business trends. SDN and NFV, while both offering improvements to current WAN architectures, cannot themselves enable a true next-generation WAN. A cloud-delivered WAN approach, which embraces but also transcends both SDN and NFV principles, is the approach best suited to responding to today’s business pressures and changing expectations.
Disclaimer: This article was written by a guest contributor in his/her personal capacity. The opinions expressed in this article are the author’s own and do not necessarily reflect those of CloudWedge.com