I D C T E C H N O L O G Y S P O T L I G H T. SD- W AN : M o m e n t u m B u i l d s as Early Ad o p t e r s

Similar documents
I D C T E C H N O L O G Y S P O T L I G H T. SD- W AN : A C r i t i c al S t e p in Transforming the N e tw o r k for the Cloud Era

I D C T E C H N O L O G Y S P O T L I G H T

I D C M A R K E T S P O T L I G H T

Customizing SD-WAN for the Distributed Enterprise

The Emerging Role of a CDN in Facilitating Secure Cloud Deployments

Best Practices for Extending the WAN into AWS (IaaS) with SD-WAN

Intelligent WAN: Leveraging the Internet Secure WAN Transport and Internet Access

How the WAN is Driving Digital Transformation. An IDC InfoBrief, Sponsored by

How SD-WAN will Transform the Network. And lead to innovative, profitable business outcomes

Deploying Cisco SD-WAN on AWS

I D C T E C H N O L O G Y S P O T L I G H T. V i r t u a l and Cloud D a t a Center Management

Simplifying the Branch Network

SD-WAN. Enabling the Enterprise to Overcome Barriers to Digital Transformation. An IDC InfoBrief Sponsored by Comcast

SD-WAN 101. November 3 rd 2016 Rob McBride Marketing

Cisco SD-WAN. Intent-based networking for the branch and WAN. Carlos Infante PSS EN Spain March 2018

SD-WAN: Aligning the Network with Digital Transformation, Cloud, and Customer Engagement

Workload Management Automation Drives Digital Business and Multicloud Expansion

SD-WAN. Bringing Scale, Agility and Robustness to Enterprise Networks

Secure Extensible Network. Solution and Technology Introduction

Cloud-Ready WAN For IAAS & SaaS With Cisco s Next- Gen SD-WAN

Hybrid Cloud for the Enterprise

Ret h i n k i n g Security f o r V i r t u a l Envi r o n m e n t s

MASERGY S MANAGED SD-WAN

Transform your network and your customer experience. Introducing SD-WAN Concierge

CTO PoV: Enterprise Networks (Part 2) Security for IoT & Cloud

Transform your network and your customer experience. Introducing SD-WAN Concierge

Fundamentals and Deployment of Cisco SD-WAN Duration: 3 Days (24 hours) Prerequisites

SOLUTION BRIEF Enterprise WAN Agility, Simplicity and Performance with Software-Defined WAN

Cisco SD-WAN and DNA-C

Faster, Better, and Cheaper? Building the SD-WAN Business Case

I D C T E C H N O L O G Y S P O T L I G H T

SD-WAN Solution How to Make the Best Choice for Your Business

Wireless SD-WAN: A Critical Element of Industrial Internet of Things

What is SD WAN and should I know or care about it? Ken LaMere Ecessa

I D C T E C H N O L O G Y S P O T L I G H T

Cisco APIC Enterprise Module Simplifies Network Operations

Hosted Services: Providing SMBs with Access to Advanced Technology

Hybrid WAN Operations: Extend Network Monitoring Across SD-WAN and Legacy WAN Infrastructure

Mitigating Branch Office Risks with SD-WAN

Predictive Insight, Automation and Expertise Drive Added Value for Managed Services

HOW ADVANCED ANALYTICS DIFFERENTIATES CSP SD-WAN SOLUTIONS

Making Enterprise Branches Agile and Efficient with Software-defined WAN (SD-WAN)

Optimizing Infrastructure Management with Predictive Analytics: The Red Hat Insights Approach

90 % of WAN decision makers cite their

Windows 7 Done Right: From Migration to Implementation

Optimizing your network for the cloud-first world

Benefits of SD-WAN to the Distributed Enterprise

SD-WAN AND BEYOND: DELIVERING VIRTUAL NETWORK SERVICES

TREND REPORT. Ethernet, MPLS and SD-WAN: What Decision Makers Really Think

Why the Cloud is the Network

C O M P E T E A T Y O U R P E A K

Enterprise WAN Agility.

Flexible Network-Based, Enterprise-Class Software-Defined Solutions for Hybrid Public/Private Network Connectivity

I D C T E C H N O L O G Y S P O T L I G H T

Utilizing SD-WAN to Optimize Application-Driven Policy Management

Cisco SD-WAN. Securely connect any user to any application across any platform, all with a consistent user experience.

Our Virtual Intelligent Network Overlay (VINO) solutions bring next-generation performance and efficiency to business networks throughout North

Next generation branch with SD-WAN and NFV

Demystifying the Cloud With a Look at Hybrid Hosting and OpenStack

Introducing Avaya SDN Fx with FatPipe Networks Next Generation SD-WAN

Simplifying WAN Architecture

Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief

Cisco SD-WAN (Viptela) Migration, QoS and Advanced Policies Hands-on Lab

Transformation Through Innovation

Voice of the Customer First American Title SD-WAN Transformation

Delivering the Wireless Software-Defined Branch

Modernizing Healthcare IT for the Data-driven Cognitive Era Storage and Software-Defined Infrastructure

Best Practices in Securing a Multicloud World

What To Ask Your SD-WAN Vendor

The New Enterprise Network In The Era Of The Cloud. Rohit Mehra Director, Enterprise Communications Infrastructure IDC

HYBRID WAN. Proof of Value Journey. WAN Summit Michael Becerra Singapore, 12 September Global Business Services Excellence. Simply delivered.

VeloCloud Cloud-Delivered WAN Fast. Simple. Secure. KUHN CONSULTING GmbH

I D C T E C H N O L O G Y S P O T L I G H T

SD-WAN: A Simplified Network for Distributed Enterprises

I D C T E C H N O L O G Y S P O T L I G H T. S e r ve r S e c u rity: V i r t u a l ization and Cloud C h a n g e s E ve r yt h i n g

Software-Defined WAN Does Not Grow on WAN Alone

Building a Resilient Cloud Network with SD-WAN

Scaling Large and Multinational Enterprise SD-WAN Deployments

Enterprise Workloads, Infrastructure, and

INNOVATIVE SD-WAN TECHNOLOGY

From Zero Touch Provisioning to Secure Business Intent

EdgeConnectSP The Premier SD-WAN Solution

WHITE PAPER. Applying Software-Defined Security to the Branch Office

Overcoming Business Challenges in WAN infrastructure

SDWAN: Re-architecting WAN with Software Defined Networking

Dynamic WAN Selection

Analytics-as-a-Service Firm Chooses Cisco Hyperconverged Infrastructure as a More Cost-Effective Agile Development Platform Compared with Public Cloud

Cato Cloud. Global SD-WAN with Built-in Network Security. Solution Brief. Cato Cloud Solution Brief. The Future of SD-WAN. Today.

Data center interconnect for the enterprise hybrid cloud

Network Edge Innovation With Virtual Routing

Optimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution

Ensuring a Consistent Security Perimeter with CloudGenix AppFabric

The Essential Guide to Preparing Your Network for the Cloud. How to meet your network requirements at every step of your cloud transformation.

Hybrid networking & mission critical Internet

Application-Aware Network INTRODUCTION: IT CHANGES EVOLVE THE NETWORK. By Zeus Kerravala -

Smart and Secured Infrastructure. Rajesh Kumar Technical Consultant

Cisco ACI Helps Integra Compete in Next-Generation Telecom Services Market

SteelConnect. The Future of Networking is here. It s Application- Defined for the Cloud Era. SD-WAN Cloud Networks Branch LAN/WLAN

Intent-Based Networking in the Limelight with Cisco's Launch of Catalyst 9000 Series Ethernet Switches

SD-WAN. Evolving Beyond MPLS in the Enterprise Network. 55 Water Street, 32nd Floor New York, NY (877)

Transcription:

I D C T E C H N O L O G Y S P O T L I G H T SD- W AN : M o m e n t u m B u i l d s as Early Ad o p t e r s E x p e r ience Tangible Benefits January 2018 Adapted from Worldwide SD-WAN Survey Special Report by Rohit Mehra, Rajesh Ghai, and Brad Casemore Sponsored by Cisco Systems This Technology Spotlight highlights the tangible benefits achieved by early SD-WAN adopters across key use cases and outlines a vision for sustained ROI and value creation from the solution. This paper also looks at the role of Cisco in the strategically important SD-WAN market. Introduction SD-WAN has arisen as the WAN's response to the migration of enterprise apps to the cloud. As the march of enterprise apps to the cloud gathers momentum, it is inevitable that SD-WAN gets the spotlight. Indeed, IDC's recent Software-Defined WAN Survey suggests growing momentum for SD-WAN, with two-thirds of survey respondents indicating that they are likely to deploy the solution within the next two years, as shown in Figure 1. FIGURE 1 Intent to Deploy SD-WAN Q. Does your organization have any plans to deploy SD-WAN technology solutions? Currently deployed Plan to deploy in the next 12 months Plan to deploy in the next 12 24 months No plans to deploy in next 24 months 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 50% n = 1,208 Source: IDC's Software-Defined WAN Survey, August 2017 US43517518

Not surprisingly, the same survey also indicates that cloud usage in all its forms within the enterprise continues to rise, with more than 90% of survey respondents indicating that they are planning to use the cloud for enterprise apps in the next 12 months (see Figure 2). FIGURE 2 Cloud Usage Q. What type(s) of cloud services or resources is your organization currently using and planning to use in the next 12 months? IaaS PaaS Currently using Currently using Plan to use in the next 12 months Plan to use in the next 12 months No plans to use No plans to use 0% 20% 40% 60% 80% 0% 10% 20% 30% 40% 50% 60% n = 1,208 Source: IDC's Software-Defined WAN Survey, August 2017 From a networking perspective, the importance of cloud usage as a driver of WAN technology choice is also growing. Considering that "security requirements related to web and internet applications" and "complexity associated with interconnecting multiple transport types" are the top 2 WAN challenges in the enterprise, it comes as no surprise that SD-WAN momentum is on the rise (see Figure 3). 2 2018 IDC

FIGURE 3 WAN Challenges Q. Select the three most important WAN challenges (from the following) that best relate to your company. Security requirements related to web and internet applications Complexity associated with interconnecting multiple transport types (MPLS, Ethernet, internet, leased lines, DSL, LTE) Need for better analytics and visibility into applications and resources delivered by the network Managing consistent user experience for onsite enterprise apps and off-premise cloud applications In-house management of enterprise WAN networks Cost-effectively delivering SaaS and other cloud services across the WAN Growing annual costs to provide additional bandwidth Audit and compliance related to the network Management of connectivity at remote branch offices Appliance sprawl at the WAN edge Time to provision a new service to a site 0% 5% 10% 15% 20% 25% 30% 35% n = 1,208 Source: IDC's Software-Defined WAN Survey, August 2017 The survey also suggests that "optimization of WAN bandwidth" and "consistent application security" are the top 2 motivations of early SD-WAN deployments. Importantly, from a CIO perspective, "agility of IT staff in support of business needs" is seen as a key benefit of SD-WAN adoption. In this paper, we further explore specific tangible benefits that have accrued to early SD-WAN adopters from popular use cases of the technology. Use Cases and Benefits SD-WAN at its core helps enterprises achieve dynamic alignment between business strategy, application policy, and WAN configuration. In other words, it enables the WAN to provide the application reliability, availability, performance, and security required by business, irrespective of the location of the apps the cloud or the corporate datacenter. Specific use cases and benefits experienced by enterprise customers in their early deployments include the following: Seamless, secure cloud connectivity. In the absence of SD-WAN, connecting users securely to public cloud apps is complex and expensive. In most cases, enterprises haul cloud traffic emanating from the branch back to a central internet security point in the corporate datacenter over expensive MPLS links. This also has an impact on app performance for all apps within the enterprise that may be leveraging the MPLS links. In cases where the enterprise accesses cloud apps directly from the branch (leveraging IPSec firewalls), in the absence of SD-WAN, the security paradigm is not ideal either. All cloud-bound traffic from a branch is transported over the same IPSec tunnel with no isolation for traffic originating from different business units or traffic intended for different public cloud segments. Application-specific network policy is then applied at either of the two endpoints. 2018 IDC 3

Early adopters of SD-WAN appear to have achieved a reasonable degree of control over these problems of providing seamless, secure connectivity to cloud apps at the branch. With integrated Layer 4 7 firewalls, SD-WAN makes direct internet access from the branch a nonissue. More importantly, SD-WAN enables an enterprise to segment WAN traffic based on its origin or its destination. Typically, all enterprise apps are segmented into virtual private clouds (VPCs) and traffic into virtual networks (VNETs) to achieve the necessary isolation that the business units owning the apps demand. SD-WAN enables pervasive segmentation to be achieved on the WAN by isolating traffic into specific WAN segments and mapping these WAN segments onto the specific VPCs and VNETs. Application policy can now be applied to each WAN segment, thus achieving seamless, end-to-end, secure cloud connectivity for all apps. A key benefit of using SD-WAN is that it enables dynamic policy-based routing for all application traffic at the branch. Depending on policy defined at the SD-WAN controller and on conditions prevailing on the network links at a branch, application traffic is routed in real time over the most optimal path to deliver the attributes of bandwidth/latency performance, security, or availability for all branch application traffic. User experience is maximized while ensuring the security posture is not compromised. Early SD-WAN adopters report that SD-WAN not only helps choose the appropriate path MPLS or a broadband link between the user and application destination but also helps determine the optimal broadband path to the cloud app for users at a branch. This feature has helped optimize the performance of a significant number of third-party apps at the branch. Secure segmentation of enterprise assets. A key use case/benefit of SD-WAN that has come to the fore in early deployment is segmentation of enterprise assets that can now be pervasively enabled on the WAN. With SD-WAN, mission-critical traffic and assets can be partitioned and protected against vulnerabilities in other parts of the enterprise. This use case appears to be especially popular in verticals such as retail, healthcare, and financial. With SD-WAN in deployment, new WAN segments can be provisioned much faster and application policy can be applied to each segment (see Figure 4). Not only can WAN segments be provisioned faster but different WAN topologies can be created per segment. A specific WAN segment at a branch needs to connect to other branches this topology can be specified in the application policy for the segment. If WAN traffic on a segment needs to be restricted from being routed to another branch, this can be specified in application policy and implemented at an enterprise level. Importantly, business partners can be provided secure access to specific business segments on the WAN and restricted from others. 4 2018 IDC

FIGURE 4 End-to-End Traffic Isolation Using SD-WAN Segmentation Private Cloud/ Datacenter HQ Regional Offices Branch Offices, Remote Sites, Mobile Workers Cloud Apps/SaaS CRM ERP Internet Cloud Services Management Provisioning Security Source: IDC, 2018 Application SLA resiliency. SD-WAN enables the enterprise to identify and set up applicationspecific policies and SLA criteria around attributes such as latency, jitter, and loss. Application traffic is then routed only on links meeting the criteria. With SD-WAN, applications and their users can now be isolated from network brownouts and outages with app-aware policies. If a specific link carrying application traffic goes down, the traffic is automatically routed over another link to preserve the SLA. If a broadband link shows unacceptable packet loss, mission-critical application traffic is automatically routed over a more reliable broadband or MPLS link to ensure the application SLA is not compromised. Future of SD-WAN The early SD-WAN value proposition and ROI was largely centered around lowering WAN operating expense by enabling a secure hybrid WAN that allowed an enterprise to substitute expensive MPLS with cheaper broadband connectivity options. Early deployments have delivered on this ROI promise and other benefits centered around the implementation of application-specific policy on WAN traffic at an enterprise level. IDC views the following as critical for sustaining SD-WAN's ROI beyond this initial "MPLS to hybrid WAN" ROI bump: Enablement of comprehensive "multilayered" security. Considering that the security threat vector continues to become more aggressive and considering that the migration of enterprise apps significantly enhances the cyberattack surface for any enterprise, the need for comprehensive "multilayered" security is likely to become critical in the future. IDC believes that given the placement of SD-WAN in the enterprise network of the future, the technology is in a unique position to influence the enablement of a comprehensive multilayered security model for 2018 IDC 5

any enterprise. At a fundamental level, most SD-WAN solutions feature an integrated Layer 4 7 firewall that provides a first layer of security. As mentioned in this paper, SD-WAN also enables the creation of secure WAN segments mapped to specific VPCs and VNETs, which can provide the necessary isolation and security to application traffic while it is in flow over the WAN and to the cloud. In addition, some SD-WAN solutions route all cloud traffic through a secure cloud gateway that provides an additional layer of security for cloud traffic. Pathway toward a software-defined branch. In the longer term, IDC sees the SD-WAN as a first step toward a software-defined branch. In this vision, IDC views SD-WAN as a broader platform for several virtual network functions at the branch edge. This model involves the hosting of several network functions that today are deployed as individual appliances on a common hardware platform in a virtual CPE model. The model confers several benefits to the enterprise. While the short-term business benefit may be in the form of lower technology acquisition costs, the long-term business case rests on the advantages that accrue from the simplicity, flexibility, and agility that the virtual CPE model bestows on the enterprise or the service provider delivering the network service. Use of machine learning (ML), artificial intelligence (AI), and intent-based networking systems (IBNS) for dynamic policy optimization. SD-WAN in its current form does a great job of optimizing the WAN for a set of application-specific policies. The application policy is, however, a snapshot in time, and it represents what is best for applications and users given current network conditions at that specific point in time. In IDC's view, a great opportunity exists for vendors and enterprises to optimize the network based on policy that is dynamic and changes with time. IDC believes the use of ML/AI techniques and associated IBNS philosophies offers the potential to make SD-WAN a driver of a self-learning, self-healing WAN that is also secure and path optimized based on a dynamic application policy. Considering Cisco In 2017, Cisco acquired private SD-WAN start-up Viptela to enhance its enterprise routing and SD-WAN portfolio of solutions. From a solution architecture perspective, Viptela's SD-WAN solution applies the latest advances in software-defined networking to the emerging cloud-networked WAN context. The solution features a complete separation of the control plane and the data plane. The SD-WAN Controller vsmart provides security, route, and policy management to on-premise vedge routers. Each controller instance supports up to 3,000 edge devices and can scale out for even larger deployments. The vmanage component provides centralized configuration management and monitoring across the network. Both vsmart and vmanage are cloud-delivered VMs operated as a service by Viptela. The vedge routers feature integrated routing, encryption, and other security functions, eliminating the need for additional hardware. The routers feature zero-touch provisioning, which adds to their appeal in large enterprise and service provider deployments. Currently, vedge is delivered in three hardware form factors as well as cloud VNF and x86 elements, which considerably enhances its appeal. Cisco plans to integrate the Viptela IP deeply into the Cisco Enterprise Routing portfolio to make the solution more compelling. As a first step in this integration process, Cisco announced in late 2017 that the Viptela SD-WAN Controller vsmart was interoperable with all ASR 4000 edge routers from Cisco, including those deployed at customer sites. Challenges The SD-WAN market given its attractiveness is highly competitive. There is a lot of hype around technology promise and vendor capabilities, which is not healthy for the market in the short term. Vendors such as Cisco have their work cut out for them in terms of making themselves heard and ensuring that their capabilities are fully understood by enterprises in the market. 6 2018 IDC

Conclusion IDC believes that the SD-WAN market has passed the hype phase and entered a period where early implementations have begun to deliver tangible benefits. To the extent that Cisco can execute on evolving requirements in a dynamic marketplace and address the challenges described in this paper, the company has a significant opportunity for success as this market becomes mainstream over the next few years. A B O U T T H I S P U B L I C A T I ON This publication was produced by IDC Custom Solutions. The opinion, analysis, and research results presented herein are drawn from more detailed research and analysis independently conducted and published by IDC, unless specific vendor sponsorship is noted. IDC Custom Solutions makes IDC content available in a wide range of formats for distribution by various companies. A license to distribute IDC content does not imply endorsement of or opinion about the licensee. C O P Y R I G H T A N D R E S T R I C T I O N S Any IDC information or reference to IDC that is to be used in advertising, press releases, or promotional materials requires prior written approval from IDC. For permission requests, contact the IDC Custom Solutions information line at 508-988-7610 or gms@idc.com. Translation and/or localization of this document require an additional license from IDC. For more information on IDC, visit www.idc.com. For more information on IDC Custom Solutions, visit http://www.idc.com/prodserv/custom_solutions/index.jsp. Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com 2018 IDC 7

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback