Blueprint: What’s Wrong with the WAN?

by Khalid Raza, CTO, Viptela

Today’s WANs are built on largely the same infrastructure as they were 10 years ago.  Back then, demands by users and applications were more predictable, resulting in more expected traffic patterns and bandwidth requirements.  And there was no cloud.  And there was no virtualization.

But things are different today.  Delay-sensitive real-time applications such as VoIP and video are now enterprise staples. Network traffic patterns are shifting due to the cloud, data center consolidation, and remote and mobile workers. Added to this are the performance burdens introduced by desktop, server, and application virtualization. The result? Network professionals are having major challenges with traditional, rigid WAN architectures that cannot meet the demands of today's traffic and applications.

What’s more, the cloud has upset the status quo in which the data center is at the hub of the network.  Today's public, private, and hybrid cloud environments are expanding the boundaries of the enterprise network. As a result, ensuring connectivity and security across an enterprise is an extremely arduous task, and rolling out a new service for WAN users in this much more complex environment can take months.

The enterprise architect’s list of priorities is long, including:

• Delivering and managing connectivity across such disparate transport networks as MPLS, Broadband, LTE, and Metro Ethernet
• Embedding policy and control at every hop in the network 
• Mitigating network security vulnerabilities created by inadequate network-wide segmentation and weak encryption policies 
• Dealing with long lead times to provisioning new applications 
• Managing perennial performance issues related to public cloud, VDI, and bandwidth-hungry applications

WAN the New Way

Solving the aforementioned WAN challenges without added distributed complexity requires a comprehensive yet simpler approach. This is where Software-Defined WANs (SD-WANs) becomes an effective approach for the network architect. Essentially SD-WANs solve challenges related to scalability, performance, and rigidity.  And best of all the cost arbitrage between MPLS and broadband make this a compelling approach, with 50% savings right from the start. The essential building blocks of an SD-WAN are:

• An encrypted overlay of MPLS and broadband 
• Integrated routing and application-aware traffic steering
• End-to-end network segmentation 
• Centralized management of policy and control 
• Optimization of Layer4 – Layer7 network services and cloud applications 

The end result is an enterprise network that is agile and easy to control, and that provides secure segmentation of traffic from different lines of business and business partners. A network built in this fashion enables CIOs to significantly reduce costs, dramatically improve time required to enable new services, and raise the security threshold across the network.

Apart from improved capacity on the network, some use-cases for SD-WANs include:

• Guest Wi-Fi.  In industries such as hospitality and healthcare, where guests are granted access to the corporate network, IT needs the flexibility to establish a secure network segment that provides specific services to guests while keeping them isolated.
• Cloud performance. In addition to increased capacity, cloud performance is determined by efficient routes to the service provider. SD-WANs enable aggregated exit points to the Internet with local peering in colo facilities, bringing down latencies by more than 50% typically. 
• Business partners. Business partners may require access to portions of the enterprise networks, but are isolated from all sensitive content. Network-wide segmentation with centralized policies can prevent those risks.

Given today’s more complex networks, combined with the diversity of new devices accessing data on corporate networks, legacy WAN architectures are quickly becoming antiquated. Clearly, the range of benefits from a secure, high-performance WAN is immense across a wide range of applications.

About the Author

Khalid Raza is a co-founder and CTO at Viptela, a Sequoia-funded technology company focused on SD-WAN. He was a former Distinguished Engineer at Cisco and widely regarded as a visionary in Networking. In a career spanning over 20 years, Khalid has played an instrumental role in architecting the network infrastructure for Fortune 100 companies and Global Tier-1 carriers.

About Viptela

Viptela, Inc. is a software-centric networking company focused on transforming how Fortune-500 companies build and secure their end-to-end network infrastructure. Viptela improves the security, agility and performance of corporate IP networks for next-generation business applications. Viptela was founded in 2012 by a team of top-tier talent from Cisco, Juniper Networks,
Alcatel-Lucent, and VMware, who have decades of experience delivering multi-billion dollar networking products to market, and, architecting many of the largest and most complex networks in the world. Viptela is backed by Sequoia Capital and headquartered in San Jose, CA. For more information, visit: www.viptela.com