A wide area network provides a connection between a headquarters location and remote branch offices. With a software-defined WAN, a software overlay sits on top of the tunnel created between the headquarters and the branch. This simplifies the management, security and access between the two entities.
Typically, SD-WAN is a point-to-point architecture, meaning an edge device sits at each endpoint and has a direct connection with the other devices. This creates a hub-and-spoke architecture, with the headquarters as the central hub. While this design is straightforward, it also means any branch-to-branch communication or branch-to-cloud service needs to pass through headquarters first, which adds latency for both the branch and the headquarters.
With the growth of cloud services, a second type of SD-WAN architecture is emerging. This model is cloud-based and adds an SD-WAN gateway into the architecture.
A virtual SD-WAN gateway sits in a cloud environment outside the headquarters and handles all the SD-WAN traffic and control. Branch-to-branch communication happens in the cloud, not at headquarters, which eases the traffic on the headquarters' networks.
Who should use SD-WAN gateways?
Enterprises using a large number of cloud-based services -- such as Office 365, Salesforce or applications running on AWS -- can benefit from an SD-WAN gateway, as it reduces traffic and latency. An SD-WAN gateway can insulate cloud applications from interruptions during circuit flapping because the end users are connected to the gateway. The session runs through the gateway instead of connecting directly to the cloud service, which keeps it active during the interference.
Enterprises with long-term SD-WAN strategies to build out a meshed WAN design for all their sites -- perhaps because they have plenty of site-to-site WAN traffic -- will likely prefer the SD-WAN gateway options over a standard, point-to-point SD-WAN. An SD-WAN gateway eliminates much of the hardware and management costs of a point-to-point architecture.
One of the few downsides of an SD-WAN gateway is that some of the usual SD-WAN service-level capabilities might not be available in a gateway model. Some capabilities -- like application-based traffic forwarding, quality of service or security policy management -- may require an SD-WAN endpoint on each end of the tunnel. An SD-WAN gateway environment has no common endpoint at the gateway location to manage that tunnel connection.