The next step in data’s evolution: Software-Defined WANs for the enterprise

As computing power increased, it was the server room which first saw the mainstream use of virtualization techniques that piggybacked the new hardware and software capabilities of abstraction.

Virtualized servers changed the way in which computing was physically deployed, making the OS and storage a virtualized service.

A single, powerful and well-equipped piece of hardware could represent many multiple instances of machines (images), creating a layer of software definition above the hardware which presented it according to demand.

Suddenly, rapidly elastic computing provision was a reality – this is the technology which helped power the rise of the cloud.

The benefits of highly scalable, on-demand infrastructure have since spread to network infrastructure with hyperconvergant technologies now becoming more common – if only as a part of the modern data center’s topology.

After virtual machines, virtualized desktops, and software-defined networking, the latest buzz phrase for enterprise IT is software-defined wide area networking. Often confused outside the IT department with CDNs (content delivery networks), SD-WAN technology is presenting the ability to the IT department to become a more strategic partner in the enterprise.

In practical business terms, what can SD-WANs offer? And how does such a seemingly complex technology stack present a simplified management system that can encompass the whole multi-site, complex network that runs many of today’s enterprises?

  • Benefit one: the bottom line

When a new edge deployment of a larger branch office is mooted to the IT department, the first call, traditionally, was always to the ISP, for a fast ADSL or MPLS line.

Turnaround times could run to weeks, especially for leased lines, and in some cases, there’d be a cost problem associated with over- or under-provision: either an MPLS would prove to be under-used, or a slower broadband service would creak under the strain of unexpected traffic, or need a synchronous connection where one hadn’t been provisioned.

With a software-defined WAN connection, intersite connections can be optimized, with the right capacity and bandwidth provided form a central controlling point. And, as needs change over time, unused or needed bandwidth can be assigned or moved from node to node – as the business dictates.

  • Benefit two – roll out, turn on

New edge deployments are easily configured and set up and running. With the correct providers of hardware & software, new branches can be connected by plugging in a couple of cables on site. With no truck-rolls, the new segment can come online quickly and seamlessly.

By the same methods, new cloud services (Azure, AWS, Google Cloud, etc.) can be spun up and integrated at will, with the increased compute, store and hosting capabilities amalgamated into the WAN.

  • Benefit three – application uptimes

With software abstraction of the entire network, IT departments can create per-application SLAs. How? With multiple hybrid links, traffic can be re-routed at will, and load-balancing for traffic can use prioritized routing.

  • Benefit four – keeping it safe

With an SD-WAN, all network traffic is internal, even when moving right across multiple hops across the globe.

The same security policies cover hybrid links, and any deployment of cyberdefenses can be applied anywhere in the agglomerated network.

In purest terms, there’s a reduced attack surface for attackers to address, plus segmentation is available on demand, as needed – think of quickly deployed, scalable VLANs irrespective of component parts. Whether it’s a new guest wireless provision at an event or trial IoT deployment, your security policies have it covered.

  • Benefit five – oversight and analytics

Rather than wait for users (and log files) to complain of poor service or overstretched resources, complete application and infrastructure visibility means that resources can be allocated as and where necessary, according to need.

There’s also the possibility of software-driven forecasting and what-if modeling. See the proposed results on your network of a new large branch site coming online, and plan its requirements before budgets are finalized.

The oversight and business-centric reporting from modern SD-WAN software give the enterprise insightful recommendations for changes in policy, based on real-life results and predictions, rather than on whim or “gut feeling.”

Here at Tech Wire Asia, we’ve looked at three providers of new software-defined WAN technologies that we think should be considered. If your enterprise is looking to improve its oversight and overall network management capabilities, look no further.


Founded only three years ago, Cato is undoubtedly a spring chicken compared to the other companies featured here. Its founders’ histories, however, point to the ideal make-up for a supplier of a modern, cloud and distributed infrastructure-as-a-service.: efficient application delivery, plus security baked in.

Cato Networks’ Cato Cloud SD-WAN differs from its competitors in several aspects. Cato runs its own global network, not just SD-WAN appliances. Firewall, IPS, and other network security capabilities are built into Cato Cloud; third-party security devices are not required. And Cato Cloud is self-healing, which means that instead of IT departments having to build-in redundancy with commensurate testing, the security and application layers of an enterprise’s functions merely continue to operate as the software configures itself around network problems.

Source: Cato Networks

The Cato Cloud Network is essentially an affordable, MPLS replacement. It creates an SLA-backed,  highly available   network from more than 40 points-of-presence (PoPs) worldwide. The PoPs are accessed by encrypted tunnels from Cato’s own SD-WAN devices and mobile client, as well as any product that supports IPsec. Access  to cloud data center services, such as AWS and Azure, is built-into Cato Cloud. .

With even the most modest digital transformation initiative entirely dependent on the network, you need a WAN-wide solution that provides the necessary control, right across the board.

You can read more about Cato Networks’ global SD-WAN services  that connect and secure sites, cloud resources and branch offices  by clicking here.


With much of the world still running on Cisco network hardware, the company is in a dominant position to deploy its software right across much of the enterprise’s existing provisions.

The company’s DNA (Digital Network Architecture) makes provisioning and managing distributed networks quick and straightforward. According to the company, results have shown a reduction in network provisioning time by 67 percent, issue resolution times reduced by up to 80 percent, reduced security breach impact by 48, and OPEX savings of 61 percent.

Source: Cisco

By leveraging Cisco’s Catalyst 9000 switch series and the Talos cyber intelligence system, even threats in encrypted traffic can be identified with very high (99 percent) degrees of accuracy.

The Cisco SD-WAN drops WAN costs on a per Mbps basis while boosting performance in access to crucial cloud services (from Office 365 to the enterprise’s own cloud-hosted applications). Additionally, uptime for connection to apps can justifiably be claimed to be 100 percent, as the abstraction layer can automatically reroute traffic onto available resources in real-time.

Cisco is one of the companies here that built itself on its hardware offering but is now realizing that the future lies in software abstraction of services. The massive investment by the major cloud providers in PaaS is a testament to the solidity of Cisco’s directional change, and the company is capitalizing on its well-deserved reputation for being the gold standard of networks – even in this abstracted age.


In an industry that’s fond of its grand statements, Nokia’s Nuage Networks recently announced what it terms SD-WAN 2.0, which the company defines as edge-to-edge unification.

Unlike several other providers which have been able to release SD-WAN offerings after acquisitions – and therefore a necessary stitching together of previously competing technologies – Nuage’s virtual network services (VNS) uses micro-segmentation that extends beyond the data center.

Nuage’s offerings support agnostic VNF (virtual network functions) on pretty much any of the same hardware already in place that will be running print services, call centers’ IP telephony and the like. This will keep the CAPEX costs down for any enterprise going down the Nokia/Nuage route.

Source: Nuage Networks

A single management interface can be used to manage the whole network: data center, edge nodes, branch offices, cloud provisions and so forth. In comparison to some SD-WAN suppliers, the same policy controller can be used to address abstracted systems both in the data center and the WAN – the solution is deployable just about anywhere (even on a temporary basis over LTE or 3G – at trade events and so on).

Nuage Networks’ network services gateway (NSG) is a prime example of plug-and-go deployment, where even complex, large branch office’s networking can be established and managed very quickly, meaning businesses no longer have to wait for new services to roll out over weeks.

*Some of the companies featured are commercial partners of Tech Wire Asia