Managed software-defined wide area network (SD-WAN) services is a software approach to managing and controlling the underlying enterprise network technologies to optimize costs and application performance. Underlying technologies can include direct internet access (DIA), wireless, broadband, Ethernet, and multi-protocol label switching (MPLS).
SD-WAN abstracts control and management functions from the data or traffic flows, thus allowing the controllers and management mechanisms to be placed in the edge, cloud, or traditional data center. Like Internet Protocol Security (IPsec), SD-WAN has tunnels that connect end-user devices to the controllers where the “intelligence” of the software can define traffic routes, priority, and management. These tunnels are for management of the data plane, not the actual traffic/data itself.
SD-WAN allows enterprises to mix wired and wireless connections, directing traffic over the optimal network technology based on the application need. Overall, the growing mix of providers and technologies – and the complexities of managing them all – pushes enterprises to the managed services space for SD-WAN.
The top five drivers for implementing SD-WAN per the 2021 Frost & Sullivan SD-WAN survey are to optimize IT resources, improve business productivity, improve customer experience, increase operational efficiency, and better support remote working.
Customer portals are essential tools and components of managed SD-WAN. Portals provide visibility, integration with enterprise IT service management suites, and tools to manage performance and service-level agreements (SLAs). The service provider and customer both benefit from portals, which track the customer journey from quote to order and help the provider by streamlining the quote-to-cash process and visibility.
Industry standards body MEF (formerly Metro Ethernet Forum) has established standards for SD-WAN service attributes. The providers that follow the MEF 70 SD-WAN standard and contribute to MEF 3.0 initiatives are the leaders in the space, providing the building blocks for this new era of software-defined networking (SDN).
In addition to MEF SD-WAN-specific efforts, the framework of Open Networking Automation Platform (ONAP) drives the integration of the portals. Per ONAP.org, “ONAP is a comprehensive platform for orchestration, management, and automation of network and edge computing services for network operators, cloud providers, and enterprises.” Customer portals and specifically SD-WAN reporting is the output of all these behind-the-scenes application programming interfaces (APIs) and integrations.
Frost & Sullivan found that most providers start their SDN journey with SD-WAN and then continue to offer more services including Secure Access Secure Edge (SASE), which represents the progression of SD-WAN, combining network services and security services such as firewalls, intrusion detection and prevention, and security gateways at the hubs and endpoints.
All providers are currently integrating their security, voice over IP (VoIP), and unified communication as a service (UCaaS) services in the service point of presence (PoP), often referred to as edge as well. It is where the clients have their SD-WAN tunnels terminated for management and control of the networks but also where the provider deploys the infrastructure that supports the virtual services.
For deployment within the PoP or customer edge location, service providers are positioning their own universal customer premises equipment (uCPE) as a vendor-agnostic device pre-engineered with the provider’s virtual network functions (VNFs).
As network function virtualization gains traction, the ability to configure VNFs on the uCPE, in the cloud, at the edge, or in any virtualized platform becomes crucial. Service providers are evolving the platforms to support network as a service (NaaS) thanks to the capability to seamlessly deploy and manage network functions on the client side or in the service PoP, as well as to connect and secure multi-edge compute platforms.
Worth noting is that most managed SD-WAN providers offer traditional security functions, including firewall, intrusion prevention system (IPS), and intrusion detection system (IDS) services, in both virtual and physical form factors. Most providers are offering or considering value-added security services as endpoint detection and response (EDR), managed detection and response (MDR), and overall extended detection and response (XDR) efforts. Artificial intelligence (AI) and machine learning (ML) tools give the provider visibility to the data and end-to-end network security and apply learnings from both the network they are observing and the collective knowledge of all customer networks.