SD-WAN Today and Tomorrow

[[429002]]

Traditional network technology faces eight major problems in solving enterprise cloud migration, employee office work, and branch interconnection:

1) Branch network infrastructure deployment takes a long time;

2) Deployment and operation and maintenance are complex;

3) High bandwidth cost and low utilization rate;

4) Multi-cloud architecture has limited cloud access;

5) Security and compliance management are complex;

6) There is a lack of effective means of visual control of application traffic;

7) Enterprises have little control over the WAN;

8) Cross-border service deployment is difficult and data security cannot be guaranteed.

SD-WAN technology solves these problems efficiently. SD-WAN has fast and agile networking capabilities and efficient and reliable one-stop service capabilities, and is widely regarded as the network cornerstone for the digital development of industries and enterprises. According to the concept given by CAICT, SD-WAN is the application of SDN technology within the scope of the wide area network, which separates traditional network control and data forwarding to provide users with on-demand network resources. SD-WAN is built on the existing physical network architecture to provide users with "unnoticed" network services.

Gartner identified four major characteristics of SD-WAN in 2017:

1) Support hybrid link access: Provides a lightweight solution to replace traditional WAN routers. The terminal supports deployment in branch offices in a variety of soft and hard forms and seamlessly supports a variety of mainstream transmission protocols and links (including MPLS, Internet, 4G/LTE, etc.).

2) Support dynamic link adjustment to ensure key application experience: according to business and enterprise application strategies, data transmission is scheduled to the optimal path in real time.

3) Enterprise WAN management and business startup are simple and efficient, supporting remote control and zero-touch deployment.

4) Support virtual private networks and other value-added services, such as WAN optimization, load balancing, packet replication, virtual firewalls, virtual security gateways, etc.

Current development

As a universal platform for enterprise networks, SD-WAN runs through the "cloud-edge-end" application, ensuring data sharing, application integration, and inherent security of various infrastructures in the new infrastructure. SD-WAN integrates cloud networks and fixed-mobile convergence, and is an important tool for the implementation of 5G and cloud-network integration in wide area networks. SASE, as the 2.0 stage of SD-WAN converged security services, integrates FWaaS, CASB, SWG, and ZTNA technologies to create enterprise digital security services. SD-WAN services use a global network infrastructure combined with data security, identity security, reliable transmission and other technologies to protect and maintain the free trade development of my country's overseas companies.

Since the commercial application of SD-WAN in 2017, the SD-WAN market has developed rapidly. According to the latest IDC report "China SD-WAN Market (Second Half of 2020) Tracking", the scale of China's SD-WAN market in 2020 is 100 million US dollars, with a growth rate of more than 50%; it is expected to grow at an annual compound growth rate of 61% in the next five years, and the market scale will reach 1.1 billion US dollars by 2025.

The domestic SD-WAN market has gathered dozens of suppliers, including traditional network vendors, security vendors, WAN optimization vendors, MSPs and cloud service providers. Consulting firm IDC divides the major factions of players into two categories: infrastructure and operation services based on the solutions provided by the vendors. Among them, infrastructure players occupy the main market.

From a global perspective, statistics show that 65% of network providers worldwide already provide SD-WAN, and 95% of network providers will provide SD-WAN services in the next 5-10 years.

Domestic industrial development

1) In terms of business supervision:

Through the Telecommunications Business Classification Catalog (2015 Edition), SD-WAN services are included in the scope of telecommunications business supervision. According to the Telecommunications Business Classification Catalog (2015 Edition), my country's SD-WAN service providers providing domestic SD-WAN services should have the qualification of domestic Internet virtual private network business (IP-virtual private network) (B13), and customize the Internet closed user group network service for domestic users; providing cross-border data communication services should have the business license of international communication facility service business (A11-4) and international data communication business (A14-4) (only three basic telecommunications enterprises - China Telecom, China Mobile, China Unicom) have it.

2) In terms of industry maturity assessment:

In order to promote the maturity and development of domestic SD-WAN technology, relevant organizations have carried out two industry tests in China, including the SD-WAN Ready test and the SD-WAN service evaluation.

Among them, "SD-WAN Ready" is organized and implemented by the SDN/NFV/AI Standards and Industry Promotion Committee (CCSA TC610), divided into 7 modules in three dimensions: services, overall solutions and edge devices, and built an SD-WAN benchmark test method system. A total of more than 50 companies participated, including telecom operators (China Telecom, China Mobile, China Unicom), SD-WAN service providers (HuaKe Cloud, Lingrui Lanxin, HKT, etc.), infrastructure providers (Huawei, Sangfor, etc.), SD-WAN solution providers (Cisco, H3C), etc.

SD-WAN service evaluation is a technical evaluation launched by CAICT and basic telecommunications operators in collaboration with industry equipment manufacturers and service providers, aiming to promote the healthy, orderly and sustainable development of the domestic SD-WAN service market. SD-WAN service evaluation focuses on SD-WAN service networking resources, service performance, service capabilities, business innovation and service sustainability.

3) In terms of standardization construction:

On July 21, 2021, the Computing and Network Convergence Standard Working Group of the China Institute of Communications held the first standard project review meeting to review the SD-WAN2.0 series of standards. Eight SD-WAN2.0 related standards, including the "General Technical Requirements for Software Defined Network (SD-WAN) 2.0", passed the project review. The SD-WAN 2.0 standard focuses on technologies such as intrinsic security, IPv6+Underlay deterministic experience guarantee, and multi-cloud access. The successful convening of the review meeting marks that the construction of my country's SD-WAN standard system has entered a new stage.

International Market

Looking at the international situation, many companies are actively promoting SD-WAN layout.

Aryaka acquires German SASE provider Secucloud. SASE is integrated into its SD-WAN product. At the same time, it invests in more PoPs around the world. The company recently opened a PoP in Dublin to expand the European market, and PoPs in Paris and Moscow are also about to be opened.

Cato Networks has achieved a 200% growth for four consecutive years, becoming a unicorn with a market value of over $1 billion. The company has designed a new integrated protocol stack that integrates network, security and cloud-first architecture. Cato has carried out in-depth cooperation with operator KDDI, and SASE has gradually been accepted by the target market.

Cisco packages its SASE components, including Viptela, Meraki, Cisco Umbrella, Duo, and ThousandEyes for assurance, to facilitate enterprise adoption. Cisco enhanced its SecureX cloud-native platform to help enterprises deal with new threats. Cisco links its SD-WAN cloud with Megaport's virtual edge to enhance backbone access.

Extreme Networks acquires Ipanema from Infovista for $73 million to enter the SD-WAN market.

Fortinet released the 7.0 mainline version of the software, integrating SD-WAN functions and ZTNA capabilities, accelerating the transformation from an NGFW provider to a SASE provider.

Juniper Networks integrates AI into SD-WAN by combining 128 technology solutions and the Mist AI platform. In addition, Juniper has integrated WAN security and Marvis virtual network assistant into 128 technology. Recently, Juniper released the Security Director Cloud portal to enter the SASE market.

HPE Silver Peak and Netskope have joined forces to enter the SASE market, simplifying the security deployment complexity for Silver Peak users with Netskope's cloud backend.

VMware has integrated Workspace One, Carbon Black Cloud, and VMware SASE into VMware Anywhere Workspace. VMware has integrated SD-WAN into Azure Virtual WAN Hub.

SD-WAN Development Trends

The current mainstream SD-WAN solution architecture is relatively closed, with a network infrastructure that integrates software and hardware, low utilization, and lacks agility, making it difficult to adapt to the future development needs of cloud networks. SD-WAN is gradually evolving towards the 2.0 stage, which integrates inherent security, IPv6+Underlay deterministic experience assurance, and multi-cloud access. SD-WAN2.0 provides enterprise sites with a series of network value-added services (VAS), as well as security services at the overall architecture level, fundamentally ensuring the security automation, digitization, borderlessness, and elasticity of end-to-end communications.

There are four major trends in the future development of SD-WAN:

1) More WAN links: In the wireless access provided by 5G, by combining 5G's high-speed transmission and slicing capabilities, the network will have ultra-large bandwidth, ultra-low latency, and massive connection capabilities. In the wireless access provided by satellites, the satellite's digital processing capabilities and its complete cross-beam and cross-band communication capabilities make the network architecture more flexible, maximizing the network throughput and spectrum efficiency.

2) LAN-WAN converged unified management: Extension to the LAN side is the evolution trend of SD-WAN. On the basis of the SD-WAN solution, LAN-side switches, APs, firewalls and other devices are introduced to achieve unified management of the controller, further simplify the complexity of management, increase the network visualization dimension, and facilitate network deployment and operation and maintenance. LAN-side access provides more possibilities for traffic and applications within the network. In addition to common access methods such as Ethernet and WiFi, WiFi6's LAN access method and IoT access terminal devices have brought more traffic and application types to SD-WAN. Through the linkage of QoS policies, the unified management of LAN and WAN provides higher guarantees for end-to-end application experience.

3) SD-WAN's open ecosystem: SD-WAN's open technologies include the opening of various components and the common customization of various protocols. In terms of networking structure, through the open platform solution, service providers can integrate their own applications and business logic into the core of the SD-WAN router. In terms of structural definition: through the northbound interface standard opened by the controller to the upper-layer business applications, the efficiency of upper-layer application development and resource orchestration is improved. In terms of software open technology, with the help of open source projects such as Mininet under OPNFV, SD-WAN can completely solve the problems of interoperability difficulties and vendor lock-in in traditional WANs, forming an open SD-WAN framework.

4) Multi-cloud connectivity enhancement: SD-WAN service providers improve service quality through more refined access control. When IaaS providers establish local service points in edge computing strategies, SD-WAN suppliers will provide traffic management capabilities to ensure that traffic flows to the best network service provider point (PoP) to ensure consistent quality of service (QoS). SD-WAN suppliers will continue to enhance and expand their network security products, including remote access, ZTNA, CASB and SIEM capabilities. It will also improve the ability to set unified security policies across remote links, branches, LAN and WAN access.