Advances in software networking virtualization have created the opportunity to combine a wide range of network functions onto a single platform. Applying software-defined technologies to branch networks -- to create what we can term a software-defined branch, or SD-branch -- simplifies network operations by consolidating WAN connectivity (SD-WAN and routing), network security, Wi-Fi and the local area network in a single platform that's easy to deploy and manage.
SD-WAN becoming mainstream
Software-defined WAN technologies are being rapidly deployed by distributed organizations to address the branch requirements for increased bandwidth, security and application prioritization. SD-WAN may be deployed by the IT organization -- through channel partners -- or as a managed service by service providers. SD-WAN providers continue to add to the platform's functionality with improved ability to handle real time, additional routing capabilities, increased network security and better centralized management.
Connecting branch networks
Many distributed organizations rely on operations at their branch locations to drive revenue and increase customer satisfaction -- for example, retail stores, restaurants and banks. For these organizations, deploying and managing WAN connections at their branch locations is a critical IT function. The WAN needs to be highly reliable, secure and able to keep pace with expanding bandwidth requirements (the average increase is 20% per year). Additionally, the WAN must provide predictable, high-quality connections to data center and cloud-based applications.
IT professionals report significant challenges in deploying, maintaining and troubleshooting branch networks. The following are the leading challenges:
- managing the number of network devices at the branch, each with its own management interface;
- deploying branch networks, which often requires a visit by IT to the location; and
- securing branch networks (many network breaches occur at remote locations).
Recent surveys indicate a majority of distributed IT organizations have six or more network or security devices at branch locations. Each device has its own unique interface for deployment and remote management. A branch network has many network or security devices, typically running as distinct appliances. Some of those devices include the following:
- Ethernet switches
- Wi-Fi controllers
- WAN optimization
- IP VPNs
- intrusion prevention systems and intrusion detection systems
Opportunities to deploy SDN to network branches
The software-defined branch uses the concepts of SDN and network virtualization to package all of the most popular network requirements into a software-based service that runs on a single platform. Its functionalities can include SD-WAN, routing, network security and networking (e.g., Wi-Fi). Like SD-WAN, SD-branch provides for rapid deployment, integrated security, and centralized monitoring and management. It provides the benefits of IT agility, reduced hardware costs and operational simplification.
Many SD-WAN, router, and Wi-Fi suppliers are positioned to deliver SD-branch products, including Cisco, Hewlett Packard Enterprise's Aruba Networks, Cradlepoint, Citrix, Silver Peak, VMware, Talari and Versa Networks.
Recommendations for IT Leaders
Most IT organizations find it difficult to deploy and remotely manage a complex range of hardware appliances at their branch locations. Implementing SD-WAN brings tremendous benefits, but may do little to specifically solve the branch-operations challenge -- because of the need to manage all the other boxes at the branch, like routers, WAN optimization, firewalls and Wi-Fi.
The advent of the SD-branch promises to simplify deployment and management of branch networking by collapsing multiple network functionalities onto a single platform. SD-branch offers advantages in terms of rapid deployment (branch-in-a-box), lower hardware costs and Opex benefits.
SD-branch technology is still in its early stages of development and will first be available as a single-vendor offering. Distributed enterprises will likely implement SD-WAN initially and can then evaluate internally deployed or managed software-defined branch systems as the technology matures.