What is SD-WAN? Top Ten Things You Need to Know


10. SD-WAN Definition

Anyone who types “What is SD WAN?” into the search bar, looking for a simple definition, might soon stumble headlong into a sea of vendors, carriers, and providers touting diverse features and benefits, Gartner magic quadrants, and the sort of security concerns that accompany new technology. Our engineers explained that SD-WAN is a marketing term that can mean several things. On the surface, SD-WAN stands for “Software Defined Wide Area Network” which is proof that technical people are bad at naming things. We apologize for this. To make it up to you, let’s demystify this a little bit together.

A wide area network is a public one. The internet. The outside of the firewall. When we say it’s a software defined one of those, we mean that we’re managing the internet connection with external intelligence. This is a shift, because since the beginning of public networks, all of the intelligence was generally inside the expensive box you purchased. This is also true of classic router-based solutions like MPLS and VPN. With SD-WAN, like many other solutions that reside in the cloud, the intelligent part of the solution is coming from somewhere else. That’s increasingly true of a lot of things lately.

9. Dumber Hardware, Smarter Cloud.

One of the weird paradoxes about “enterprise” IT is that the better hardware is simpler and dumber and does fewer things when compared to consumer-grade residential information technology. If residential gear is like McDonald’s, enterprise gear is more like In-N-Out Burger. It does only one thing over and over, quickly and reliably. Quality you can taste.

The residential WAN gateway at your house is running millions of lines of code with insanely complex logic. It’s a radio transceiver, a web server, a DHCP server, a firewall, an authentication server, a router, and potentially many other things. Conversely, the firewall at your office is essentially running a set of instructions that says something like “always say no to everything always, unless this special thing happens.” Computers respond more predictably when we give them simple instructions. SD-WAN takes this logic one step further by abstracting internet connection management from the firewall and doing a much better job of it.

This principle is one of the reasons SD-WAN is special. These devices are intentionally very dumb. They really can’t do anything on their own without an internet connection, but as soon as you connect them to a WAN, they register with a controller in the cloud, and that remote controller starts using software to do amazing things for us. This design also means the tangible part of the solution is relatively disposable. The device is easier to deploy than a desktop computer, and can usually be plugged in by any end user with a reasonable degree of hand-eye coordination and a pulse.

8. SD-WAN Holds Internet Providers Accountable

For a long time, the ISP was a black box. And they liked it that way. Our technicians find themselves calling ISP support a lot, and those cats run the same play every time. Step one: they blame us/you, because the issue couldn’t possibly be on their end. Everything looks fine on their monitor that only they can see. Step two: if you won’t accept that answer, reset the modem or gateway. Step three: hooray, you get a new modem, because there definitely isn’t an entire super-complex network behind that device. Net, by the time the new modem arrives, the underlying condition has usually been resolved surreptitiously by someone in a network operations center. If the problem still exists, you can’t be mad because they’ve done absolutely everything they can do for you. It’s a terrible, unsatisfying, misleading, borderline malevolent process, but until SD-WAN existed, that was the hand we were all dealt.

7. Better Reporting

What if I told you that SD-WAN tells us in real time exactly how well each internet connection is working? That way, when we call the internet provider, we can tell them that it doesn’t appear to be the modem, but that there is sustained packet loss and latency happening at 20-minute intervals for a period of about 30 seconds, and we can e-mail them a chart demonstrating how often their network is failing. That is game changing in terms of how long it takes to get issues resolved, and it ends the running-in-circles unsatisfying chicken dance of replacing the modem every 6-9 months in areas where the network performs poorly due to over-provisioning by the internet provider. I was sold right there, but the story gets even better.
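
As an added example (not part of the original article or any vendor's product), here is how per-link probe data can be turned into that kind of evidence: the Python below groups lost or slow probes into degraded windows and estimates how often they recur. The probe log, thresholds and function names are constructed for illustration.

```python
from statistics import median

def constructed_probe_log(duration_s=3600, step_s=5):
    """Constructed sample: one probe every 5 s as (t_seconds, rtt_ms or None if lost)."""
    log = []
    for t in range(0, duration_s, step_s):
        # Assumed fault pattern: 30 s of trouble every 20 minutes, starting at t=600.
        in_burst = t >= 600 and (t - 600) % 1200 < 30
        if not in_burst:
            log.append((t, 20.0))
        elif (t // step_s) % 2 == 0:
            log.append((t, None))       # probe lost
        else:
            log.append((t, 250.0))      # probe delivered, but slow
    return log

def degraded_windows(log, rtt_limit_ms=150.0, min_len_s=15):
    """Group consecutive bad probes (lost or slow) into windows worth reporting."""
    runs, run = [], []
    for t, rtt in log:
        if rtt is None or rtt > rtt_limit_ms:
            run.append((t, rtt))
        elif run:
            runs.append(run)
            run = []
    if run:
        runs.append(run)
    windows = []
    for r in runs:
        start, end = r[0][0], r[-1][0]
        if end - start < min_len_s:     # ignore one-off blips
            continue
        lost = sum(1 for _, rtt in r if rtt is None)
        windows.append({"start": start, "end": end,
                        "loss_pct": 100.0 * lost / len(r)})
    return windows

def recurrence_s(windows):
    """Median gap between window starts, or None if there is no pattern to measure."""
    starts = [w["start"] for w in windows]
    gaps = [b - a for a, b in zip(starts, starts[1:])]
    return median(gaps) if gaps else None

if __name__ == "__main__":
    found = degraded_windows(constructed_probe_log())
    for w in found:
        print(f"{w['start']:>5}s-{w['end']:>5}s  loss {w['loss_pct']:.0f}%")
    print("recurs every", recurrence_s(found), "seconds")
```

The `min_len_s` filter is what separates a sustained, recurring fault from the single dropped probe every link sees now and then.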

Remember what it was like to watch the season finale, and then wait several days for the next episode to show up in the mail?


6. Delivers on the Promise of QoS

Until Netflix stopped mailing out the red envelopes, most of the traffic on the internet was TCP traffic. TCP is a great way to send a file, because it has built-in error correction. One computer sends packets to another, and the receiving computer checks everything for accuracy. If some block of data is a little jumbled, it politely asks the sending computer to repeat that part until it checks out. That way the PDF of your quarterly financials that you send to your accountant doesn’t have pixelated garbage or Cyrillic ASCII artifacts in it, even if you sent them from an airplane with nearly unusable satellite internet. When you want to do something in real time, like video or voice communication, error correction does more harm than good. You want the routers to just barf out all the traffic as fast as they can without worrying too much about accuracy, because delays on a voice call are more noticeable than imperfection. That’s what UDP is for. (This is also why your softphone might stutter when you’re on a full-tunnel TCP VPN.) SD-WAN can not only look at whether something is TCP or UDP, but can also identify and prioritize the service based on other factors such as destination or packet headers, or even time of day, so certain types of urgent data can be prioritized. DNS requests, voice and video, stock trades, medical data: lots of sorting criteria can be applied in an automated fashion so that the important stuff gets sent first, and it gives us tremendous control over these factors. This is why some voice providers are now aggressively promoting their own SD-WAN services. It makes their voice service work better and gives them unprecedented control over the network.

5. SD-WAN Relays Traffic Through a Remote Datacenter

The way this usually works is that instead of having your traffic go direct to your carrier’s gateway, it ships everything off to a remote datacenter for distribution. This means that regardless of which of your internet connections you’re using at any given moment, internet services see your traffic coming from the same public IP address. This means you can change ISPs as frequently as you want to without impacting uptime. Now this is getting interesting. Technically, you can skip over this part and still call it “SD-WAN” but then what’s the point? You would miss out on almost all of the benefits. This is the key to the entire thing.

4. Hidden Cost Alert

But there’s a catch. SD-WAN delivers on some big promises, but to do that, it requires you to relay your traffic through a remote datacenter. If you set up your own SD-WAN solution in Azure, AWS, or even a private datacenter, it can become unpredictably expensive to route that traffic. Some providers manage this by only sending certain sensitive types of traffic through the datacenter. Some hardware vendors are quiet during the sales cycle about how this part of the sausage is made, leaving well-intentioned sysadmins and their intimidating CFOs to figure it out after they’re already locked into a large nonrefundable capital expense. One of the things that we put a lot of thought into when we designed our SD-WAN solution was how we can deliver a straightforward fixed price that doesn’t fluctuate wildly if everyone in the office starts streaming the Olympics.

3. Carriers Put Their Hand on the Scale

Legacy carriers saw SD-WAN coming, and they turned it into a weapon. Because they have the expensive part of the design in their wheelhouse already, they often compete on price, because the cost of the remote datacenter is something they’ve already capitalized and recouped with their other services. In other words, your local cable internet provider doesn’t have to rent bandwidth from Amazon to relay your traffic through a remote datacenter, but anyone else would. This way, when fiber, Elon’s satellites, and 5G become widely available, you’ll still be a loyal customer of the cable company, forever, because changing out your SD-WAN would be expensive and difficult. Ideally, an SD-WAN solution should be carrier agnostic. If you’re buying SD-WAN from an ISP or carrier, make sure the savings are worth this tradeoff.

Few things are more impressive than a robot made out of robots, but SD-WAN is one of them.


2. Bonding

SD-WAN is wildly popular in retail operations right now. Imagine you own a bunch of service stations along a dilapidated interstate. You might be able to get some DSL, some satellite, some aging LTE or third generation cellular. SD-WAN allows each service station to take several iffy and inexpensive circuits and assemble them like Voltron. (Pictured above.) Maybe the Speedee Mart on I-86 can get 9Mbps of cellular that works 80% of the time, 6Mbps of DSL that works 95% of the time, and 50Mbps of satellite internet that has 200ms of latency and can’t be used for voice calls. SD-WAN can puree that mess into 65Mbps of download speed with low latency and reliable VoIP. Sorcery.

1. SD-WAN Saves The Children

But here’s why you really want this: That Speedee Mart is online and processing credit card transactions with no calls to the helpdesk if ONE of those connections is passing traffic. So Speedee Mart’s managed service provider can transparently reset, troubleshoot, and remediate issues with their internet providers one at a time, but there’s never a moment when the clerk will have to break out the carbon paper in order to sell gasoline and questionable beef jerky. Despite a lack of reliable internet service, they experience 100% uptime because of SD-WAN. Basic failover was available in 2016, but because the public IP changed every time it activated, it caused a lot of 2-minute outages while phones re-registered and VPN tunnels reset. Not so bad if the primary connection stays dead for a week, but if it’s going up and down like a seesaw during an earthquake, the connection is going to seem down more than it’s up, and that makes everyone grumpy. SD-WAN does what everyone thought failover could do, which is the very best thing about it. Services work better, and the connection just doesn’t ever die, which makes our support hotline ring less, which means we all can get more work done.

As you can probably tell, we love talking about this stuff, so don’t be shy about calling to chat. Furthermore, if you’re interested in a turn-key solution that gives you the best of SD-WAN with minimal hassle at a reasonable fixed price with a great team behind it, let’s have a conversation about how we can put SD-WAN to work for your business.