Over the past few years, enterprise Wide Area Networks (Wans) have focused on cloud-centric networks in their digital transformation to overcome new business requirements, such as COVID-19, which prompted the development of telecommuting models anytime, anywhere. Telecommuting involves a stable and reliable network environment between different office environments. In the past, there were two ways to solve these problems:

One is to use WAN technology, such as MPLS, which stands for multi-protocol label switching or obtaining leased optical fibers, commonly known as dedicated lines. This solution is highly reliable and can be customized to the company’s needs. But the premise is that it needs to be implemented from an ISP, and the cost is high. Here, if you need to access the Internet, traffic has to go through a data center, and there are security concerns.

The second option is to use the public Internet with protocols such as DMVPN to securely transfer corporate data over the Internet. This scheme is cost-effective but less reliable.

With the widespread adoption of cloud-based services by enterprises, there was a need for a highly reliable, highly scalable, and less costly solution, hence the SD-WAN.

Sd-wan, or software-defined wide area Network, is a software-based approach for managing wide area networks over large geographical distances.

SD – WAN characteristics

Sd-wan divides the base network into two layers: Underlay and Overlay. Underlay is the underlying network, responsible for the interconnection, ISP through the route. Overlay Virtualizes the Underlay network, distributes routing control and traffic scheduling through the SDN controller, and selects different routing protocols based on the enterprise networking scale or network topology.

  • Centralized control: The SD-WAN control layer abstracts physical network resources into independent logical networks by automatically obtaining network topology and other network resource data on the data forwarding side.
  • Network cloud collaboration: The traditional network cannot meet the quality requirements of internal network cloud, such as delay and packet loss, and there are security risks of data and information leakage. Sd-wan realizes the integration of cloud and network through the method of cloud on the private line of the enterprise, and then realizes the one-stop solution of connection service, communication service and cloud access value-added service.
  • Network access independent: Internet links are introduced based on the TRADITIONAL MPLS VPN WAN network to implement mixed links, and multiple links can be rationally utilized in active-standby or active-active intelligent uplink selection mode. In addition, the introduction of wireless WAN links (4G, 5G, satellite, etc.) provides greater deployment flexibility and reliability for SD-WAN.
  • Elastic SD-WAN: Combined with SRv6 technology, SD-WAN supports tunnel technologies such as VxLAN, GRE, and IPSec in Overlay, promotes the integration of Overlay and Underlay, and provides network programming capability.
  • Integrated LAN and WAN management: Integrates LAN switches, aps, and firewalls into the unified management of controllers, simplifying management and enhancing network visualization to facilitate network deployment, operation and maintenance (O&M).

Sd-wan and SASE fusion

What you’re seeing in the cloud investment space is a new trend of unified digital transformation, integrating networking and security capabilities.

First introduced in 2014, SD-WAN, or software-defined Wide area Network (WAN), is a next-generation technology that can control enterprise network connectivity, management, and services over WAN, reducing costs while improving network performance. But SD-WAN solutions often lack management of security modules, forcing many enterprises implementing SD-WAN to maintain their existing security infrastructure.

In 2019, SASE, or Secure Access Service Edge, is a new architecture that addresses this shortcoming in enterprise network security. This is a technology derived from the same core values of SD-WAN, but applied to hybrid networks or security models, enabling enterprises to adopt zero-trust anywhere working models. However, SASE is not a complete solution and networking technologies like SD-WAN are needed to ensure that the entire enterprise network, from physical locations to the cloud, is reachable.

The convergence between sD-WAN and SASE’s obvious networking and security features is something to look forward to. While the SASE offerings on the market are often all-inclusive bundles, many businesses are not yet ready to make a full switch, despite interest in some of the advantages. Some customers still need a separate network and security architecture, while others want an SD-WAN without security, or a new firewall with the same network topology.

The potential impact will be in the IT industry

Based on expertise in the industry, when new technologies or methods emerge, enterprises that see a need for such capabilities and innovation have a high adoption rate, while more common enterprises require more information, cases, and facts. Whenever enterprises embrace the convergence of networking and security, this is the new network norm. In the coming years, almost all businesses are expected to integrate SD-WAN and SASE to some extent as traditional network infrastructure becomes outdated and costly to maintain, especially in traditional industries. In addition, the transition to next-generation technologies will be further simplified as suppliers continue to fine-tune their products to reflect current demand and market trends, making the transition more acceptable to the market.

The convergence between networking and security has created new uncharted territory, causing companies to shift their focus from large suppliers to niche solution providers.

5G, ARTIFICIAL intelligence and automation will affect SD-WAN and SASE

An important part of the network life cycle is optimization, and enterprises are always looking for new ways to optimize their network environment performance and reduce costs. Providers are starting to leverage 5G and artificial intelligence (AI) to further enhance their offerings, combining 5G to further extend the capabilities of SD-WAN and AI to support the massive influx of metadata from contemporary network architectures. While it is uncertain when these technological enhancements will appear in products, it only takes one vendor to bring them to market for a domino effect to occur. So, the real question is — who will provide it first? But it’s safe to say that this is the future of the web.

The future of SASE and SD-WAN

In many ways, COVID-19 has been a catalyst for the anytime, anywhere approach that has led to the growth of telecommuting. Even most office-based businesses have found ways to support demand. Whether enterprises are adding or implementing new network architectures, SD-WAN is the cutting edge choice for expanding the number of locations with light edge devices by adding SASE to protect network edges.

Sd-wan may have more, as IT is based on software definition principles that apply to other components of the IT infrastructure. For example, there has been steady growth in the SD-Branch architecture, which applies choreography, centralized configuration files, and end-to-end visibility to other components of a Branch office infrastructure, including LAN and wireless.

Given that SASE is new to the industry, hopefully vendors will be able to do a lot of work on their products, resulting in new adoption, enhanced functionality and performance. That means SASE will continue to be in the spotlight for years to come. In addition, expect to see a plateau in SASE adoption as many enterprises adopt SASE quickly, ignoring optimizations and associated costs to ensure business operations remain viable in the event of a pandemic. As a result, you will see enterprises shift their focus from SASE adoption to optimization — performance improvement and cost savings.