Skip to main content

SD-WAN: The Definitive Guide (2020 Update)

November 8, 2019

sd wan guide

What is SD-WAN?

SD-WAN or Software-Defined Wide Area Network is a highly secure, cloud-delivered technology that uses SDN (Software Defined Networking) approach over a wide area network. It offers simple network management across branches, easy site deployment & configuration, centralized management, and the reduced cost.

SD-WAN facilitates easy management of routers, firewalls, upgrading internet lines, WAN links, leased lines/MPLS, public-facing infrastructure, VPNs and mobile clients through easy-to-use GUI interface. It also reduces the overall cost by lowering equipment and service related contract costs and minimizes the need for continuous upgrades and other time-consuming exercises.

Benefits of SD-WAN

  • Optimized Application Performance
  • Zero Touch Provisioning
  • Improved Branches Agility
  • Getting Smarter with Automation and Machine Learning
  • Centralized Management & Control
  • Matchless Quality of Experience

And, the list goes on...

Moreover, within a few years, the IaaS/ SaaS applications are continuously evolving. As a result of which, the graph of user experience is downgraded up to a certain extent. This is the reason that SD-WAN comes up with its inventory of benefits to help the enterprises and their customers. You can read more benefits of SD-WAN and figure out which pointer will improve “your” network/ customer experience.

Why SD-WAN is Required?

The WANs over the past 2+ Decades

# The Single Lease Line

That era was witnessing the use of MPLS line connections. Often, the branch offices (stations for almost 80% of business transactions) were connected to the data center (the headquarter) through the routers. The traffic glided between the source and destination was based on TCP/IP addresses, the access control list tables, and other complex routing protocols.

This model was good-to-going as all the applications were hosted in the enterprise data centers.

Nonetheless, with the inclusion of the cloud, the traffic patterns have been changed. The movement of applications towards the cloud had not supported the previous model anymore.

# Applications Towards Cloud

These applications (connected through Broadband) could be the enterprise apps that are hosted today in- AWS (Amazon Web Service) or Google Cloud or Microsoft Azure, or the SaaS applications, such as- Office 365, Dropbox, and Salesforce, etc.

However, during that era, the cloud traffic was being sent to the data center back, but not stay on the internet. As a result, it led to a delay that reduced the application performance, and it swallowed the expensive leased line bandwidth as well.

Traditional WAN

Precisely, what included was:

  • Enterprises and their branches were connected using single MPLS (Multiprotocol Label Switching), which was resulted in a single point of failure.
  • All remote site users accessed the internet via the main site. This feature led to expensiveness and inefficient usage of bandwidth.
  • The MPLS routers were needed to install at each location.
  • The network complexity made the upgrades challenging with long lead times.
  • It was essential to possess a secondary MPLS link in case of redundancy required.
  • The static network architectures were there that didn’t support cloud infrastructure.

The pace of technology has escalated and hence, with those transformations, it is quite challenging to manage your network today.

Didn’t make sense, right?

Therefore, if we dwell deep, then we can easily compare the traditional WAN vs Today’s SD-WAN. Let’ see...

Traditional WAN and SD-WAN

Traditional WAN has the following limitations:

  • Escalating cost due to the use of MPLS technology, including the managing price of MPLS network and remote location
  • Addition of a new site or changes in the existing one requires an exhausting manual process
  • Fully dependency on the internet service provider
  • Compromised Application Visibility and Security
  • Complicated and Static Network Configuration Management
  • The complete network failure, since, the backup link has come from the single ISP

This model that included improper usage of bandwidth and degraded productivity has driven the urge of a newer intelligent Software-Defined model for the WAN, i.e. the SD-WAN. And, these are the reasons that SD-WAN technology replaces MPLS. With this SDN approach come into being, a myriad of changes happens.

So, let us have a quick glance over those good changes with SD-WAN.

Transformations with SD-WAN

  • Separates the data plane and the control plane of the network
  • Centralized Orchestration, Control, and Zero Touch Provisioning (ZTP)
  • Deployed in branch offices and data centers in an organized way
  • Associating the cloud technology and mobile computing
  • Monetary savings come from infrastructure and transport cost
  • Improving Operational Efficiencies
  • Enabling agility and streamlining
  • End-to-End encryption over the entire network

These are some of the goods of SD-WAN technology when it is added to your WAN network.

No doubt, software-defined WAN offers an assortment of perks not only to the organizations but also gives a pavement to the next technology.


“Unified Communication” is an eminent terminology in the current era. Yes, SD-WAN also plays a pivotal role in enhancing its essence in the technology market. You can gather more information regarding this subject at- How SD-WAN Improves Unified Communications. You can take the best help from here to accelerate communication & collaboration among your multiple geographical locations.

SD-WAN Diagram


SD-WAN Architecture

SD-WAN Architecture

The architecture is defined as the complete art and science of an object. And, most of all, it is created with the intention to help and secure people.

SD-WAN Architecture is here to make businesses aware of the blueprint of how SD-WAN works graphically. Since the bandwidth mismanagement is the most crucial factor, so, but obvious, the right bandwidth allocation is the element that is focused on the illustration.

Initiating from the cloud to the agile environment to streamlining the process to the right bandwidth allotment- everything is covered, keeping the business requirement on the account. So, what you need to do is to palpate your business provisions and then acknowledge the SD-WAN architecture. If you want to optimize your network performance, then SD-WAN architecture is the key to the upgraded user experience.

How does SD-WAN Work?

The objective of the inclusion of SD-WAN is to connect the end-users and the applications, no matter where the application resides (even on the cloud). And, the networking approach may vary from MPLS to broadband to 4GLTE. The application runs on the basis of priority, performance, and QoS. In fact, the critical-mission applications are given the most priority and rest follow them.

Precisely, what matters is- how does SD-WAN work to improve business productivity, end-user quality experience, and along with the overall reduced cost.

Free Download: Increase your WAN insight to fit your high-level needs using this SD-WAN Playbook.

SD-WAN Features (Must-have)

SD-WAN has become the need of an hour today. Whether it’s a start-up or the SMEs, it is an essential component of your strategies. So, while opting for an SD-WAN model, just keep the following features into consideration. These will help you out in making your decision fast and correct.

  • Endpoints:

    Ensure that the SD-WAN solution must connect with every endpoint, such as- to any application, to any software, to other types of resources- IaaS/ SaaS or mobile users.

  • Encrypted Overlay Network:

    First, the traffic over the entire overlay network must be encrypted thoroughly to avoid any threats. And, the second part is that the overlay should be policy-driven.

  • Application-based Policies:

    The configurable policies must define for the applications, like- failover alternatives, and the maximum & minimum threshold for jitter, latency, and loss.

  • Policy-based Routing:

    SD-WAN must include those algorithms that can find out the most optimum path for a specific application, on the basis of the real-time statistics and the application- configured policies.

  • Data Services Independence:

    SD-WAN must connect with the multiple stations with various categories of internet data services, like- xDSL, 4G/LTE, fiber, cable, and hybrid deployments for the hybrid deployments.

  • Real-Time Monitoring:

    The equipment of SD-WAN must have the capability of collecting the real-time latency and the packet-loss statistics of the connected line.

  • Load Balancing:

    The load balancing technique manages multiple inbound and outbound traffic requests and makes sure that bandwidth will be properly utilized. If you are still keen to know more about the load balancing of SD-WAN, you will get the best keynotes, compiled for the users especially.

  • Resiliency:

    The SD-WAN must support redundancy and failover features. In fact, the network core must be full-fledged redundant with the users and should be automatically connected to the next POP (Point-of-Presence) in the case of any failure.

  • Dynamic Path Selection:

    Always be double sure that your SD-WAN has accommodated the real-time monitoring attribute. It studies the patterns, like- packet loss, latency, jitter, etc. And, according to that noted pattern, it selects the optimal channel among many so that the output will be productive and with no chaos.

  • Flexible Traffic Management:

    The control access and the traffic forwarding towards the WAN connections is a vital step, especially in the case of the limited bandwidth. So, ask your vendor for the support of the type of traffic shaping, rate limited, and the QoS (Quality of Service) between the user end and the provider’s edge.

SD-WAN Recommended Features

  • Advanced Security & VPN Features:

    Along with fundamental security features, it’s must that your SD-WAN have advanced security features as well. If networking and security are together equipped, then deployment will become easier, streamlined, and economical.

    In the absence of the advanced version of security attributes at the enterprise and its all branch stations, a threat always persists. That’s not meant to be there!

    So, always make sure that the following three pointers must be coupled with your SD-WAN:

      1. Next-Generation Firewall
      2. Secure Web Gateway
      3. Advanced Threat Protection

    For the branch locations:

      1. Local Security End Devices
      2. Virtual Network Function
      3. Firewall As A Service
  • Mobility Features:

    Mobility has become an indispensable element of the current technology era. It is actually a boon of the technology that has made the connection more interactive. This is the reason that mobility is a must-have component of SD-WAN.

    The inclusion of cloud makes mobility, the impossible-to-ignore component. It should be like- any SD-WAN should be in sync with the mobile and other resources/ users, irrespective of the time and location.

    The mobile users’ devices should be integrated with the client’s software to connect with SD-WAN securely. The next step is that the mobile user must be backed up with the same security policies, optimized routing, and management controls, as the office users possess.

    So, the following features should be there:

      1. Automatic Ideal Route Selection
      2. Advanced Security Parameter
      3. Access Control
  • Management Features:

    The control and management console is the must-checked element of SD-WAN. After all, it is the base of making all operations congestion-free and streamlined. It should be equipped with all routing policies, centralized management protocols, and access controls to watch and track the entire process.

    Hence, the following features must be the add-ons to the SD-WAN model.

      1. Management Protocols and APIs
      2. Analytics Engine and Integration
      3. Detailed Usage Metrics
      4. Comprehensive Real-Time Visibility
      5. Application-based Policies Definition

SD-WAN Deployment

Once you are acknowledged with all features of SD-WAN, it’s time to move towards the SD-WAN deployment. It’s true that no two SD-WAN models are designed and deployed equivalently. Each of them has its own considerations that are based on the enterprise network structure, the requirements, and the budget also.

Thereby, to acquire a full-fledged functional SD-WAN overlay, you need to consider the following imperative steps.

  • Number of remote sites
  • Right-size the deployment model (on basis of end-users count and expected WAN usage)
  • Assess all the applications, services, and workloads
  • Find out the available WAN connectivity options
  • Selection of a deployment model
  • Pre-plan for post-deployment WAN data-flow collection
  • Constant improvement w.r.t the analytics

In short, these are some pointers on the basis of which an enterprise can easily get the way to right SD-WAN deployment. If you want to dive deeper into the details of these points, then click here.

Frequently Asked Questions

What is the difference between WAN and SD-WAN?

WAN and SD-WAN are different approaches of the networking & security landscape. It’s actually a buzz that traditional WANs have some sort of issues, like the distributed configurations, the failover provisions, devices policies, slow deployment, and limitations in data centers.

SD-WAN overcome these issues by having a single simplified/ unified configuration, fast failover, the centralized management/ control, the fast deployment, and no restrictions on the underlying hardware.

In the nutshell, the SD-WAN is the crucial technology for enterprises with advanced capabilities within the internet and on the cloud, that the legacy WANs didn’t have.

Does SD-WAN work on layer 3?

Actually, it depends on a specific model that you are using with your SD-WAN. Let’s say- if you are using the Cisco one, then it will work on Layer 3; if it is Fortinet, then it works from Layer 3 - Layer 7; and the Martello is a Layer-2 device, and can also work on Layer 3.

Is SD-WAN better than MPLS?

Yes, it’s true. MPLS or Multiprotocol Label Switching is a known networking technique for traffic flow over WANs. It actually refines the flow that circulates across WANs and the service provider’s network.

MPLS is eminent, and it has some reasons. It maintains the quality of data during flow and has not acknowledged the term- “packet loss”. However, the bandwidth cost takes it down the way.

Here, comes the SD-WAN that reduces the overall operational expenditure, including the bandwidth cost. In fact, it is the flawless solution for enterprises, which are looking for cloud-based WAN technologies, open, flexible, and bandwidth-specific. You can click on - SD-WAN vs MPLS to know how SD-WAN is overcoming the challenges of MPLS and is delivering the productive outcomes.

Can SD-WAN replace VPN?

SD-WAN is an upgraded version of VPN (Virtual Private Network), integrated with features, such as- network agility, safe remote access, granular cost, and reduced cost. It is just to differentiate from the traditional VPNs.

VPNs weren’t a step behind than SD-WAN. It provides the same level of traffic encryption and prioritization, and perfect for the businesses having a single IP backbone. However, the businesses having multiple stations require something more than a VPN. Here, SD-WAN comes with improved bandwidth/ throughput, overcoming the VPNs limitations.

Every business has its own strategy and requirement. Some businesses have a single IP channel, while others have their multiple offices situated remotely. So, go with the option after evaluating your business prerequisites. For your help, you can visit- SD-WAN vs VPN and make your decision faster.

Is the SD-WAN solution expensive?

It depends on your business infrastructure. If it has branches in the urban area, then the number of private WAN and/or broadband carriers is more; while, the bandwidth limitation issue persists in the rural areas.

Is SD-WAN secure?

Yes. It is not simply secured but also keeps your future changes & outputs secured and the best fit for your business.

Does SD-WAN connect data centers also?

Yes, it also connects the data centers along with the branch offices across miles.

What are SDN and SD-WAN?

SDN or Software Defined Networking is an approach with programmability to adapt to the dynamic business requirements. IT automation with centralized management is something that drives the business’s potentials successfully.
In terms of layers or planes, it separates the control or management function (plane) from the data forwarding function (plane) of the network.
SDN and SD-WAN are correlated, but different elements of the networking sphere. They are similar in ways:
1. The Centralized Management
2. Distributed Data Forwarding
3. Application-Driven Traffic Protocols
4. Low Operating Cost
5. Boosting Up the Application Performance
Today, the provisioning and automating IT infrastructure are its two vital pointers that are assisting millions of businesses in leveraging the tangible ROI. In short, Software-Defined Networking is pushing the enterprises and providing value to businesses.

Who are the top SD-WAN vendors (OEMs) in India?

Following SD-WAN vendors are most popular in India:
1. Cisco
2. Juniper
3. Fortinet
4. Citrix
For more details, you can contact us here.


Return to top