A wide area network (WAN) is a geographically distributed private telecommunications network that interconnects multiple local area networks (LANs). In an enterprise, a WAN may consist of connections to a company's headquarters, branch offices, colocation facilities, cloud services and other facilities. Typically, a router or other multifunction device is used to connect a LAN to a WAN. Enterprise WANs allow users to share access to applications, services and other centrally located resources. This eliminates the need to install the same application server, firewall or other resource in multiple locations, for example.
A virtual private network (VPN) facilitates connectivity between WAN sites. An IPsec VPN is more commonly used in continuously open site-to-site connections, such as those between branch offices and headquarters locations. An SSL VPN is often the preferred choice for enabling remote access for individual users because the data transmitted from users across the WAN is encrypted. Direct fiber optic links are also used to connect sites on a WAN, and they almost always offer greater performance, reliability and security than VPNs, but they are cost-prohibitive for most enterprises to procure and operate.
Types of WAN connections
WAN connections can include wired and wireless technologies. Wired WAN services can include multiprotocol label switching, T1s, Carrier Ethernet and commercial broadband internet links. Wireless WAN technologies can include cellular data networks like 4G LTE, as well as public Wi-Fi or satellite networks.
WANs over wired network connections remain the preferred medium for most enterprises, but wireless WAN technologies, based on the 4G LTE standard, are gaining traction.
WAN infrastructure may be privately owned or leased as a service from a third-party service provider, such as a telecommunications carrier, internet service provider, private IP network operator or cable company. The service itself may operate over a dedicated, private connection -- often backed by a service-level agreement -- or over a shared, public medium like the internet. Hybrid WANs employ a combination of private and public network services.
Software-defined WAN (SD-WAN) is designed to make hybrid WAN architectures easier for enterprises to deploy, operate and manage. Using a combination of virtualization, application-level policies and network overlays, on-site SD-WAN devices, software platforms or customer premises equipment (CPE) perform two functions:
- They aggregate multiple public and private WAN links.
- They automatically select the optimal path for traffic, based on real-time conditions.
The latter function has historically required network managers to manually reconfigure their networks any time they wanted to shape the direction of traffic over multiple routes.
Latency and bandwidth constraints often cause enterprise WANs to suffer from performance issues. WAN optimization appliances use a variety of techniques to counteract them, including deduplication, compression, protocol optimization, traffic shaping and local caching. SD-WAN CPE or platforms provide another level of application performance control through the use of lower-cost bandwidth connections, usually in the form of commercial internet services, along with traffic shaping and quality of service tools to increase reliability.