Today’s business-critical applications run over internet connections bridging the world, on multiple architectures and in numerous settings — in the cloud, on edge installations, in data centers, and hybrid combinations of all of these. Business agility requires that each application or service instance remains elastic — in theory, from one day to the next, a critical application could move from a private cloud to a remote edge location, for example.

However, traditional wide-area network architectures were never optimized for this degree of flexibility. They can be constrained by limited bandwidth (to and from branch offices, for instance), possess limited security facilities, and be highly complex, like in bonded connections or when multiple VPNs need to be kept standing.

The upshot of this situation is an overall fragility and an inability to respond safely to the business’s needs. The physical constraints that the IT function works with can be a serious obstacle, one that’s historically required enormous investment to address. To get around a limited budget and few options, most companies have had impossible choices: ordering dozens of MPLS connections, dialing down security to wring the last bits of performance from the existing facilities, or limiting access to facilities for specific personnel who just happen to be in the wrong part of the country.

Putting security first

Businesses can, therefore, face unpredictable application experiences for users, so productivity levels fluctuate. Workarounds to surmount difficult situations are never optimal and open the business up to threats it should avoid. For broader business strategy, choices could be limited too (branch offices unable to use the SaaS offerings the rest of the business might, for example), and IT personnel find themselves maintaining complex systems just so the enterprise can “tread water,” as opposed to surging ahead.

The answer to differing levels of connectivity across the business lies in SD-WAN technologies, which create a network structure that is homogeneous and safe. SD-WANs can be controlled centrally and be altered quickly, according to the business’s need. The overall point of control is also the single place where security policy can be overseen for literally thousands of sites if required. As many security policies as needed can be rolled out across the entire network without manual configuration headaches.

Security functions in IT in 2019 were aware that perimeter security policies were less relevant than a few years previously, but 2020 accelerated the change in network shape. The recent scattering of most organizations’ workforces has shown to even the least technologically fluent decision maker exactly how wide a wide-area network must extend. Enabling remote work, ensuring edge connections’ viability, and protecting the data center and cloud access: that’s a tall order for any IT department that has to configure network access manually.

It is practically possible to hand-configure separate WAFs (web application firewalls), zero-trust environments, intrusion detection systems for the data center, and endpoint security software. But humans make mistakes; things get missed or forgotten, situations change, and the larger enterprise becomes more prone to risk. Plus, security posture pretty much has to remain static — not ideal.

The creation of trusted working spaces is a critical role for SD-WAN, whether that work takes place remotely, at a branch location, or in the cloud. The technology creates an overlay fabric covering all the distributed resources (people included) that comprise today’s networks.

The cloud solution & the distributed network

The fluctuations in service quality caused by factors outside IT’s direct control are removed by SD-WAN, so user productivity is boosted and predictable. Plus, the totality of the extended enterprise network can be subject to real-time analytics so further optimizations can be adequately planned according to the business’s requirements.

The one unifying factor in terms of IT frameworks is almost invariably the cloud. Few businesses or organizations today use no cloud services at all, and many base an increasing proportion of their IT in various cloud environments. It’s a logical continuation, therefore, that SD-WAN is best organized and deployed from the cloud.

Modern providers, such as VeloCloud from VMware, use the cloud as the hub from which the fabric overlay is rolled out. Remote edge installations such as branch offices, distant facilities, or remote workers become part of the broader network, with SD-WAN providing access to any application or service in even the most complex multi-cloud environments.

An automated platform in the form of a simple piece of hardware connects remote branches into the global wide area network. Its automated systems mean fewer remote IT visits and better working and productivity away from any central point. These connected nodes and all enterprise network elements can be optimized for throughput according to business needs, and expensive connection solutions like leased lines (MPLS) are no longer necessary.

The visibility of all parts of the WAN gives both the IT function and other internal stakeholders the insights needed into how systems are performing, where work needs to be concentrated, and how best to resource new products, services, and outcomes.

The evolution of technology in the data center over the last few years has led to software-defined networking. Now it’s the turn of the wide-area network. The bottlenecks and security problems associated with complexity can be abstracted away and centrally managed. Here at Tech Wire Asia, we recommend checking back here for an in-depth look at the VeloCloud SD-WAN solution. But until we publish, check out this page for more insight.