VMware SD-WAN by VeloCloud Optimizes Edge Device Connectivity

VMware SD-WAN by VeloCloud prioritizes centralized, policy-based management and the ability to convert consumer-grade Internet connections into enterprise WAN links. The product enables enterprises to place edge devices closer to end users, which can present connectivity issues if it relies on a single consumer-based Internet service.

[[393846]]

Multiprotocol Label Switching (MPLS) WAN circuits are expensive and require a subscription-based service for each connected site. Software-defined WAN (SD-WAN) with consumer-grade Internet can significantly reduce WAN costs per site per month.

To avoid operational complexity, VMware SD-WAN by VeloCloud uses policy-based management. The SD-WAN policy engine is a cloud-based software called VeloCloud Orchestrator that enables the system to apply the same policy to multiple physical devices (called edge devices) in multiple locations. Edge devices check in with Orchestrator every few seconds to retrieve policy updates and report statistics.

Policies define how edge devices connect and control security, bandwidth, redundancy, and network paths between devices and the internet. VMWare SD-WAN by VeloCloud is highly automated, but it has its drawbacks.

Enterprises rolling out VMware SD-WAN at existing sites should exercise careful management; enterprises can gain the most value through broad deployment. This is true for any new WAN technology, as transitions can sometimes be complex. VMware SD-WAN supports a mix of existing MPLS circuits and Internet connections to assist in the transition process.

Optimizing SD-WAN for Edge Computing

Edge computing involves placing enterprise applications close to end users – outside the data center. The technology is like older branch office or retail store deployments, where applications are placed in offices without dedicated IT staff.

In the post-COVID-19 period, businesses will continue to maintain a “work from home” policy, and employees will need to access corporate applications and security policies from their home offices. Edge computing allows businesses to bring applications closer to employees by placing servers in a colocation data center near their home offices.

Another use case is remote sites that don't have IT staff and must access central enterprise resources to run applications. Enterprises can deploy VMware SD-WAN to each edge location (where these physical routers are located), and the central WAN team can control it using the Orchestrator console.

The physical edge devices are end-user deployable, meaning an administrator can click an email link from a laptop connected to the deployed edge to activate VMware SD-WAN. The edge devices receive their configuration from a web service and require no on-site management once deployed.

Advantages of Edge-Optimized SD-WAN

Traditional WAN designs include unified routing at each edge location and deliver data to the central office. The central office then makes complex routing decisions, such as whether to send traffic to another office, an internal server, or the Internet. In extreme cases, traffic from a branch office in California may flow back to the New York headquarters and then back to a web service located in California.

VMware SD-WAN puts intelligent routing in edge devices where network traffic originates, but controls that network traffic through central policies. An enterprise can route network traffic from Salesforce to go directly over an internet connection, but they still need traffic from unknown websites to go through a security appliance in headquarters or a virtual secure web service.

Administrators who make intelligent routing decisions at the edge can efficiently utilize network bandwidth and still provide complete security control.

VMware SD-WAN also includes a gateway, which is a network node that receives a secure connection from an edge device and forwards that traffic between devices. The gateway does not require a fixed public IP address. Higher-performance SD-WAN edge devices can also act as gateways to supplement the multi-tenant gateways that VMware operates around the world.

Disadvantages of Edge-Optimized SD-WAN

A circuit may come with a standard four-hour fault response time, but consumer internet service is unlikely to offer a faster response time.

Consumer internet connections may sometimes be unavailable for days at a time. To mitigate this risk, enterprises can pair multiple independent consumer services with an SD-WAN link failover strategy to improve availability.

If a digger accidentally cuts a fiber connection, it is likely to cut the backup ADSL service in the same conduit. In this case, choosing cellular as a backup is a good choice. Cellular backup relies on different physical paths outside the local data center.

Enterprises should also consider more downstream failures. If enterprises rely on a single telecommunications service provider to support their fiber and cellular connections, they are at risk of having their Fiber Channel and cellular connections fail when the provider's local Internet gateway fails.

Subscription-based product risks, such as increased long-term investment costs and lack of subscription lifecycle management. VMware may divest its SD-WAN product suite.

This is not a VMware-specific risk; it is standard behavior among software companies. Changes in the software market typically occur faster than in the telecom world. Often, telecom operators can keep older services running longer than the life cycle of software products.