There has been continued industry focus on Software Defined Networking this year, with all the big vendors demonstrating how to use their SDN and Network Function Virtualization (NFV) technologies in the cloud and enterprise datacenters. This post highlights how Peplink technologies can provide a software defined WAN (SD-WAN) to the enterprise as part of a SDN.

What is SDN?

Software Defined Networking is a process of abstraction where network administrators can manage complicated network infrastructures from a central location making decisions about logic traffic flow and direction. Decisions made in this central location (also called the control plane) are converted into configurations and settings that are passed to the physical devices that interact with the traffic – the data plane.

I saw SDN first when using server virtualization in vmware and I think this is a good simple example that demonstrates the power of SDN. Whenever I set up a Vmware physical host server I would always use a good number of physical network cards, 6 or 8 depending on budget. These physical ports could then be used for different network traffic types. At least a pair would be for the virtual machine’s application network traffic (citrix and email and file transfer), then a pair would be used for iSCSI SAN connectivity (the backend storage the VMs all ran from) and then there would be others used for the vmware management console and vmotion traffic etc.

Importantly all of the configuration of the network interfaces and the decisions about what traffic used which physical interface were made by configuring ‘virtual switches’ logical virtual devices that simplified the representation of the underlying physical connectivity.

The benefit of course is that if you need to add additional network interface cards, or when you change from 1Gb NICs to 10Gb interfaces, you don’t have to reconfigure the network settings of all of the 100 VMs on the host – just update the settings on a single virtual switch.

The Software Defined Wide Area Network (SD-WAN)

And here we are at the meat of this post – SD-WAN (which is a sub category of SDN really) is a solution that employs centrally managed WAN edge devices in branch offices that establish logical connections with with other branch edge devices. Or in other words, a wide area network where the configuration and settings that control the flow of traffic between remote locations are managed from a central controller.

Gartner’s SD-WAN definition requires that vendors meet four key requirements.

  1. SD-WAN solutions provide a lightweight replacement for traditional WAN routers, and are agnostic to WAN transport technologies (that is, they support MPLS, Internet, Long Term Evolution [LTE], etc.).
  2. Based on business and/or application policies, SD-WAN solutions allow for load sharing of traffic across multiple WAN connections in an efficient and dynamic fashion.
  3. SD-WAN solutions dramatically simplify the complexity associated with management, configuration and orchestration of WANs.
  4. SD-WAN solutions must provide secure VPNs, and have the ability to integrate additional network services and offload Internet-destined traffic closer to the edge of the network.

Peplink fulfills that definition in the following ways:

  1. With a full range of Multi-WAN products that are not only WAN link agnostic but simplify the use of MPLS, xDSL, Fiber, 3G/4G/LTE and Wifi as a WAN, Peplink routers have been designed from the start as intelligent multi-WAN capable devices providing full WAN virtualization capabilities.
  2. Peplink Multi-WAN Products support the use of 7 different load balancing algorithms as well as really easy prioritisation of WAN usage as well as bandwidth monitoring and scheduled usage profiles.
  3. Using InControl 2, complex global WAN deployments can be visualised, managed and reported on centrally via a single web interface. Automated point to point, partial and fully meshed WAN topologies can be automatically configured too, making InControl one of the most powerful SD-WAN tools available today – and a perfect fit for all sizes of business and Managed Service Providers too.
  4. Peplink’s VPN technologies use 256bit AES encryption by default, securing corporate data between branch offices. The powerful – yet easy to configure outbound policies allow for fine granular control of traffic leaving a branch office device. You can choose to force all outbound traffic to go out over a site to site VPN link (to subsequently break out to the internet at a central location) or break out to the internet locally to reduce the amount of site to site traffic. Using outbound policies you can also be very selective about how network traffic is managed and directed across the WAN, perhaps choosing to send all VoIP traffic over the reliable bonded VPN connection and everything else direct to the internet for example.

InControl 2 –  the SD-WAN Controller

InControl 2 is Peplink’s cloud based device management, monitoring, and reporting tool designed specifically for Peplink and Pepwave devices.

The full range of Peplink devices can be registered for InControl 2 providing advanced administration tools, unprecedented device visibility, and comprehensive reporting.

The key tool from an SD-WAN perspective is the VPN configuration tool which allows for fully automated secure WAN configuration. Below is a quick video showing how that works.

incontrol2-video-automated-vpn

 

Visit www.peplink.com to learn more about WAN virtualization, VPN Bonding, Load balancing and SD-WAN.