Skip to main content

What Is a Software-Defined Wide Area Network (SD-WAN)?

SD-WAN is a software-defined approach to network connectivity that can lower operational costs and improve optimized business application experience.


What’s SD-WAN and WAN, and how does SD-WAN work?

Techopedia defines a software-defined wide area network or software-defined wide area networking, both abbreviated as SD-WAN, as “a wide area network that utilizes software components to control network operations”.1 Techopedia’s definition expands noting “[certain] management software virtualizes networking hardware in the same way that hypervisors and other components virtualize data center operations”.1

To better understand how SD-WAN works, it helps to first understand what a wide area network (WAN) is. Techopedia defines a WAN as a “network that exists over a large-scale geographical area, as compared to other network types, such as a local area network (LAN)”.2 LANs tend to be much more isolated than WANs, confining themselves to smaller networks in homes or business offices. WANs connect different smaller networks, such as LANs and metro area networks (MANs). This connection allows computers and users from one location to communicate with computers and users in different locations.

Techopedia notes that the SD-WAN’s software control mechanism helps manage all the different geographical pieces of its WAN, which helps to improve performance and efficiency. Specific protocols that the SD-WAN implements provide a user-intuitive interface and helps the WAN handle network traffic.1 SD-WANs can also support firewalls, gateways, virtual private network (VPN) tools and other features that increase privacy, cyber resilience and security.

SD-WAN versus MPLS

SD-WAN offers businesses an optimized application experience. This application experience includes benefits like high availability for critical enterprise applications, coupled with predictable service and several hybrid active-active configurations, as opposed to active-passive configurations, links for network scenarios. SD-WAN allows for dynamic directing of application traffic using application-aware routing, providing a streamlined delivery and user experience.

Cisco notes that SD-WAN offers an “improved OpEx, replacing expensive Multiprotocol Label Switching (MPLS) services with more economical and flexible broadband, including secure VPN connections”.3  For more than 20 years, MPLS technology has helped power private connectivity. SD-WAN evolved out of this MPLS technology. Cisco continues noting that “SD-WAN can be seen as a software abstraction of MPLS technology that’s applicable to wider scenarios",3 bringing security-rich, private connections that are link and provider agnostic, and cloud-aware.

Comparatively, SD-WAN handles future scenarios using centralized policy-based, real-time traffic steering and MPLS handles these scenarios using backup links. Because SD-WAN unifies the WAN backbone, it produces comprehensive analytics throughout the global network.

SD-WAN versus SDN

Often presented as software-defined networking (SDN) for the WAN, SD-WAN is arguably the most widely deployed use case in SDN. Cisco notes that the SDN paradigm “became popular for abstracting network infrastructure in the data center and other sections within the enterprise perimeter.” SD-WAN performed similarly to SDN, however SD-WAN needed to abstract diverse elements of infrastructure, including those from different link types, geographies and SD-WAN providers. 

While SDN is designed for working on LAN networks and for creating networks that can quickly be modified as needed, SD-WAN is designed for a WAN that connects different sites and supports a WAN from a large geographical area. Like an SDN, a SD-WAN removes the need for maintaining an abundance of network hardware. A SD-WAN can be used from an SDN where it provides the geographical capabilities of a SD-WAN and the scalability of an SDN.

While vendors control a SD-WAN service, an SDN is controlled by an IT administrator or user. Deployment tends to be easier for SD-WANs because users aren’t responsible for providing the service.

SD-WAN capabilities

SD-WAN has the potential to solve a variety of cross-industry problems by using the following capabilities to create solutions:

  • Central management and cloud-based controls help IT teams set up WAN configurations across multiple locations and virtual circuits. The SD-WAN controller also aggregates data, including performance metrics and error conditions, which can later be summarized in reports, used to trigger alerts and shared with trouble-ticketing systems and other like IT functions. 
  • End-to-end encryption helps boost security using Internet Protocol Security (IPsec) or similar encrypted tunnels that automatically shield virtual private WANs stretched across public, shared networks. Also, encryption on MPLS networks helps defend against data breaches and cyber attacks.
  • Multipath and multilink support with dynamic path selection helps with bonding multiple physical circuits into a single logical channel to boost aggregate capacity and reliability. Once bonded, these channels can support virtual routing and forwarding (VRF), allowing network segmentation and control over private network routing policies across publicly shared broadband networks.
  • Path conditioning and WAN optimization helps with data compression and deduplication, traffic shaping to control contention and latency, client-side caching and Transmission Control Protocol (TCP) optimization.
  • Security and firewalling services that range from simple TCP and User Datagram Protocol (UDP) port-based blocking to sophisticated malware detection and prevention.
  • Quality of service traffic prioritization with forward error correction offers bandwidth assurances for different classes of service. This capability can improve performance in certain latency-sensitive and loss-sensitive applications that include Voice over Internet Protocol (VoIP), video conferencing and screen sharing. Some solutions use path redundancy and error correction techniques to help detect and correct errors to avoid performance-sapping data retransmissions.
  • Policy-based controls and service chaining can provide intelligent, policy-based routing of traffic. This capability also offers the ability to dynamically insert virtualized network functions (VNFs) like firewalls, content filters, proxies and other L7 network functions into the traffic flow. It also inserts these functions without stifling the underlying network.
  • Local breakout for cloud services lets local inspection and direct routing of traffic destined for trusted cloud services like Salesforce. This dually removes the need to backhaul all traffic to a centralized location for inspection and helps save on bandwidth utilization while maximizing the use of cheaper local direct internet access. It also does this without compromising cybersecurity.4

How do different sectors optimize the benefits of SD-WAN?

With all the considerable capabilities and benefits that it offers, SD-WAN adoption is something that disparate businesses and organizations should consider when looking to improve their networks. SD-WAN deployment has greater potential benefits for enterprises that are reliant on IT applications that require frequent communication with the enterprise’s different geographic locations, individuals and devices.  

Retail sector

Retail organizations that have several branch or remote offices need security-rich, cyber resilient networks that help ensure the protection of the data that it’s transmitting. This data can include credit card numbers, customer information and similar data that’s processed during payments. 

Like most businesses with a wide array of employees, retail companies need networks that can support their employees and the work that they’re performing. Slow networks can result in numerous technical issues, many of which can impact productivity. SD-WAN technology helps provide organizations with the fast, efficient and security-rich networks they need to safely and reliably process transactions, and send and receive data, and for their employees to efficiently do their jobs.

Financial sector

Similar to the retail sector, the financial sector also benefits from the increased security and reliability that SD-WAN technology can bring to its networks. Financial organizations, such as banks, insurance firms and credit unions, require fast, reliable database access to process their customers’ transactions and information. For optimized functionality, financial networks need access to cloud services, an option not often found on private networks.

Education sector

Arguably the sector that benefits the most from digital transformation is the education sector, which uses personal devices, digital curriculum and online assessments to meet the needs of today’s students. ITProPortal notes that in addition to scaling with each school or university’s bandwidth management needs, “SD-WAN allows universities to prioritize academic traffic and applications over the wants of the student population, [for example, students’ access to] streaming services, such as Netflix”.5  SD-WAN also helps schools to identify the different types of traffic, such as student, teacher, administrator and guest, and to scale according to those needs. SD-WAN is helping the education sector produce modern digital learning experiences with a higher bandwidth at a reduced cost for schools, universities, and similar public and private education institutions.

What’s SD-WAN architecture?   

Network World notes that there are three main types of SD-WAN architecture, each with its own benefits that are generally rooted in how they use WANs. These three types of SD-WAN architectures are:

  1. On-premises only architecture
  2. Cloud-enabled architecture
  3. Cloud-enabled plus backbone6

On-premises only architecture

True to its eponymous name, an SD-WAN on-premises architecture is found onsite and established using a SD-WAN box or similar plug-and-play router that performs traffic shaping from its location in real time. This onsite SD-WAN box doesn’t connect to a cloud gateway and only connects to your enterprise’s sites.

What are the benefits of on-premises only architecture?

Some of the benefits for SD-WAN on-premises only architecture include the following:

  • Low to zero SD-WAN cloud-enablement monthly bandwidth costs
  • Multicircuit load balancing and failover
  • Internet service provider (ISP) load balancing
  • Real-time traffic shaping that helps increase WAN app performance
  • Increased connectivity backup, which helps with disaster recovery (DR)

Cloud-enabled architecture

Unlike on-premises SD-WAN architecture, cloud-enabled SD-WAN architecture uses an onsite SD-WAN box that connects to a cloud gateway. This cloud gateway networks to the major cloud providers, such as Amazon Web Services (AWS), Microsoft Office 365 or Salesforce, and helps increase the performance and reliability of your enterprise’s cloud applications.

What are the benefits of cloud-enabled architecture?

Cloud-enabled architectures offer some of the same benefits of on-premises architecture, including real-time traffic shaping, increasing the performance of all WAN apps, multi-circuit load balancing, and increasing connectivity backup that improves DR.

If your enterprise’s internet circuit fails when you’re using a cloud app, then the cloud gateway can maintain that cloud session’s activity. If there’s another internet circuit, then the cloud gateway can prevent any interruption by instantaneously rerouting the cloud app to that internet circuit. With cloud-enabled architecture, cloud gateways can help improve both the performance and the reliability of cloud apps.

Cloud-enabled plus backbone architecture

The next level of cloud-enabled architecture, cloud-enabled plus backbone SD-WAN architecture, provides an onsite SD-WAN box that connects your enterprise’s site with the SD-WAN provider’s closest network point of presence (PoP). A PoP is where your enterprise’s traffic gets on the SD-WAN provider’s private, fiber optic network backbone. During the period when your enterprise’s WAN traffic is navigating the SD-WAN provider’s private backbone, it’s more likely to maintain lower levels of latency, jitter and packet loss. Lower levels of latency, jitter, and packet loss usually produce increased network traffic performance, most often with voice, video, virtual desktop and similar real-time traffic.

The SD-WAN provider’s private backbone is also directly connected with major cloud providers, such as AWS, Office 365 or Salesforce. As with non-backbone cloud SD-WAN architecture, this direct connection to major cloud providers helps increase the performance and reliability of cloud apps.

What are the benefits of cloud-enabled plus backbone architecture?

In addition to increased performance and reliability of cloud applications and increased performance of all network applications, including real-time apps, cloud-enabled plus backbone SD-WAN architecture has some other benefits. Benefits include multicircuit and ISP load-balancing, and increased DR capacity, as a result of boosted connectivity backup.

How does SD-WAN adoption generate positive results?

A survey recently concluded that enterprises that followed through with SD-WAN adoption received positive results, and SD-WAN users experienced the following benefits:

  • 65% of users saw a cost reduction of 10% or greater.
  • 40% of users saw a network performance improvement of 10% or greater.
  • 33% of users achieved improved management through the implementation of WAN topologies7

How can you transform your network with SD-WAN?

It’s easy to get swept away in the rush to transform your network from a traditional and complex hardware-centric network to something flexible and modern. Today’s dynamic business needs must be met by networks that are agile and resilient, easy to manage and secure. These networks need to adopt the most recent innovations and cognitive capabilities and cut costs while fostering growth with newly enabled business models. Scalability is a must, and these networks require incorporated programmatic controls that can deploy applications anywhere from hours to minutes. SD-WAN helps meet these demands, delivering a veritable network transformation. It helps enable the application journey to the cloud with a service delivery platform that cuts cost through enabled automation, analytics and cognitive capabilities.8