BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Software-defined WAN is becoming the primary on-ramp for branch -- and other edge -- communications to the cloud. IT organizations are adopting a multi-cloud architecture in which applications run on the best platform, regardless of location. In response, SD-WAN technology providers are rapidly innovating their platforms to enable secure, reliable and high-quality SD-WAN connectivity to a variety of cloud platforms.
Multi-cloud is typically defined as the use of two or more IaaS platforms, like Amazon Web Services, Microsoft Azure and Google Cloud Platform. But many organizations now use an assortment of on-premises -- data center -- and cloud-based resources to enable their agile IT operations. According to a recent survey by RightScale, about 82% of enterprises have a multi-cloud strategy.
As a result, IT organizations must manage a range of private cloud, public cloud and SaaS platforms to provide their developers the flexibility to run applications on the most appropriate platform, regardless of location and with excellent user quality of experience.
How multi-cloud affects SD-WAN
SD-WAN is becoming the primary platform for distributed organizations to increase bandwidth, improve security and provide application prioritization to the edge of the network. SD-WAN may be deployed internally by IT teams with the help of channel partners or as a managed service. SD-WAN providers are continually improving the functionality of their platforms with traffic identification and routing, increased network security and better centralized management.
To support multi-cloud, SD-WAN technology is expanding beyond traditional hybrid WAN connectivity to enable application delivery where and when it is needed by the end user. SD-WAN must seamlessly connect users to private cloud, IaaS and SaaS platforms based on defined business policies and with proactive traffic steering and prioritization. As many cloud applications are business-critical, SD-WAN platforms need to provide high reliability and user quality of experience, like low latency, with appropriate security and compliance policies.
In order to meet these requirements and apply the appropriate policies, SD-WAN platforms must be able to identify traffic types. For example, policies vary significantly among real-time traffic, like video and voice; mission-critical SaaS applications, such as Salesforce; large file transfers, like data replication; and basic email.
Improved security and contextual awareness in the platform and through partners is essential to offset the inherent dangers of internet, cloud and IoT vulnerabilities. The SD-WAN platform needs visibility into the traffic's source and destination to whitelist and quarantine traffic flows.
Multi-cloud capabilities in SD-WAN platforms
SD-WAN suppliers are rapidly improving the ability to handle their customer expectations in a multi-cloud world. They have partnered with the leading IaaS providers Amazon and Microsoft, and most have plans to include Google, as well. Many SD-WAN platforms have the capabilities to recognize traffic -- using the IP addresses -- to and from the top 25 SaaS providers and to apply the appropriate security and compliance policies.
Multi-cloud security also requires microsegmentation to isolate certain traffic flows, applications and network segments. IoT traffic with low-latency requirements must be identified, secured and routed to the appropriate resource. Many SD-WAN providers have the ability to identify and prioritize real-time traffic.
Architecture options for SD-WAN connectivity to multi-cloud
Most organizations have moved beyond traditional hub-and-spoke architecture -- which sends all branch traffic to a central data center first and then forwards it to the cloud -- to improve their user quality of experience. SD-WAN suppliers employ a number of different technologies to accelerate and secure multi-cloud communications, depending on which cloud or SaaS platform is in use. As a result, SD-WAN technology is in the forefront of deciding which traffic should be sent to or received by a specific cloud-based platform.
Most SD-WAN platforms offer traffic encryption and IPsec virtual private networks (VPNs) to help secure internet-bound traffic. SD-WAN providers also partner with cloud-based security vendors like Zscaler to use their specialized traffic-analysis capabilities.
Many SD-WAN providers work with the leading IaaS suppliers to ensure streamlined access to applications based on those platforms. Some suppliers allow their customers to spin up a virtual SD-WAN instance within an IaaS cloud or at a service provider point of presence -- like Equinix, for example. Suppliers have also enabled their SD-WAN platforms to recognize the leading SaaS applications for appropriate whitelisting and traffic prioritization.
Supplier examples of SD-WAN connectivity to multi-cloud
Cisco. Cisco SD-WAN offers Cloud OnRamp for SaaS applications and partners with AWS and Azure for IaaS connectivity.
Citrix. Citrix has partnered with Microsoft to provide access between a customer's SD-WAN application-aware platform in a branch location and the Azure Virtual WAN service.
CloudGenix. CloudGenix AppFabric enables the deployment of cloud and SaaS applications to branch offices with application identification and automatic path selection.
Riverbed. Riverbed SteelConnect offers one-click VPN connections to both AWS and Azure cloud platforms.
Talari. Talari Cloud Connect offers multilink visibility and bidirectional quality of service while accessing cloud and SaaS-based applications.
Versa Networks. Versa offers direct cloud access optimization for popular cloud sites. Versa Director can spin up Versa instances in private clouds -- like VMware and OpenStack -- and public clouds.
SD-WAN connectivity upgrades for a multi-cloud world
IT leaders must provide their developers the flexibility to deploy on the best compute platform regardless of type or location. They must also enable high-quality user experience for many mission-critical SaaS platforms.
In a multi-cloud world, SD-WAN connectivity is essential to provide secure, reliable, low-latency access to data and applications. The SD-WAN platform must be aware of the application type and the traffic's destination or origin, and it must be able to apply appropriate security and routing policies.
SD-WAN suppliers are rapidly improving their multi-cloud capabilities through partnership with leading IaaS providers, improved security with internal upgrades and through partnerships, and by identifying traffic patterns of leading SaaS applications.