This content is part of the Essential Guide: Building SD-WAN architecture into your world
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

What's the difference between hybrid, virtual and SD-WAN?

An expert explains the differences between hybrid, virtual and software-defined WANs and tells how they are each related.

Software-defined WAN (SD-WAN) seeks to bring the world of software-defined networking to the WAN edge of the network...

by using the same overall goals as SDN: decreased capital expense, by shrinking the "branch stack" and shifting to generic hardware; decreased operating expense, by using broadband only or folding broadband into the connectivity pool; and increased agility and flexibility. SD-WAN also aims to make the WAN more service-centric, with both monitoring and management of traffic focusing on delivery of applications.

Additionally, because it is based on SDN fundamentals, SD-WAN technology should (and sometimes does) separate the control plane from the data plane, provide a seamless integration of WAN and branch networks into a single end-to-end policy-driven management framework, and use generic data plane devices in the branch, from the edge router inward. Within this framework, SD-WAN products seek to offer better WAN bandwidth management and a secure pooling of dedicated and public connections. SD-WAN may involve both physical and virtual appliances.

CloudGenix, Saisei, VeloCloud and Viptela are among a growing group of emerging vendors that are offering SD-WAN services. Traditional WAN and application delivery optimization vendors such as Alcatel-Lucent, Avaya, Cisco, Juniper and Silver Peak have extended SDN functionality to their WAN products as well.

Virtual WAN

Virtual WAN (vWAN) technologies represent a subset of SD-WAN. They are on-premises products that permit users to supplement or replace their dedicated private WAN services with commodity broadband connectivity. VWAN technology -- either physical or virtual -- typically performs three functions: secure, aggregate and optimize. VWAN traffic is secured by encrypting transmission across public networks and the technology can provide additional layers of security through secure socket layer offload. Second, vWAN products aggregate WAN links, including broadband, making multiple dedicated or public network links function as a single large link from the perspective of applications using the connectivity. And finally, they optimize in many ways: They load balance across aggregated communications channels, they selectively route flows or packets based on link performance at the moment, and they can shape traffic by specific services, destinations or users.

Key emerging vWAN vendors are Elfiq, Mushroom and Talari. Traditional application delivery optimization vendors have extended their reach into this space as well, including Allot, Cisco, Ipanema, Riverbed and Silver Peak.

Hybrid WAN

A hybrid WAN is simply one that employs multiple connection types -- in the strictest sense, multiprotocol label switching (MPLS) plus carrier Ethernet plus T3s. In a looser sense (and probably the dominant sense now) it is a WAN combining dedicated (usually MPLS) private connections with Internet connections; that is, some branches have private connections only, some (and more all the time) have Internet only, and some (more all the time) have both.

Next Steps

Traffic management and automation with SD-WAN

SD-WAN case study

This was last published in June 2015

Dig Deeper on WAN technologies and services