SD WAN Part (3)
Nowadays, every SD-WAN Technology supportive vendor provides the following core features such as
1️⃣ Data Plane Security Encryption and Method of Using WAN
2️⃣ Single Service Insertion
3️⃣ Application and Flow Visibility
4️⃣ Tunnel Performance
5️⃣ Per-flow Load Balancing
6️⃣ Dynamic Path Switching
In below, I would like to explain these core features, one by one.
➡ Data Plane Security Encryption and Method of Using WAN
When we setup site-to-site tunnels, here are the requirements that one admin in Head site and one engineer in Branch site. There may happen Human Error in manual tunnel key exchange. For these two reasons, we can face the problem of Tunnel for not being up.
In SD-WAN Technology, site-to-site encryption is done by using IPSec Tunnel. In tunnel setup case, SD-WAN featured devices (e.g, SD-WAN Routers) firstly synchronize with SD-WAN controller. After this, tunnel keys are sent to controller. And then SD-WAN controller automatically exchanges these tunnel keys between specific sites that we want to setup tunnel. So, we can reduce human error because of the auto key exchange process of SD-WAN controller and also can protect Man-in-the-Middle attack by predefining the timer to SD-WAN controller for key renewal.
➡ Single Service Insertion
When we want to inspect specific VPN traffic, we have to let them go through IPS or Firewall by using service insertion feature of SD-WAN technology. This service insertion feature is also known as traffic redirecting. By using control or data policy, we can make the process of traffic redirecting.
➡ Application and Flow Visibility
In traditional network, we have to use a third-party application to detect which applications are being used in our network. In SD-WAN technology, it includes the Application Aware Built-in feature to detect 3,000 applications. It is easy to monitor application traffic such as application using bandwidths and the link application passed through.
In SD-WAN Technology, we can check how many jitter, loss packets and latency between site-to-site tunnels in real or custom timeline. According to this way, we can take the process of link monitoring.
➡ Per-flow Load Balancing
In traditional network, it is difficult for routers to be able to do load balancing. We have to use Load-Balancers for load balancing. But SD-WAN technology can provide load balancing as built-in feature. For example, if there were four WAN links in our network, SD-WAN will definitely make these four links to be load-balanced. And we can get the benefit of bandwidth increasement.
Dynamic Path Switching
In SD-WAN Technology, if the link degradation happened which didn’t validate with SLA service while applications are going through, they can alternatively choose another path to continue streaming. By this way, we can also protect the application degradation.
These features as I explained above include as built-in features in every SD-WAN supportive vendor. But how much they can completely support these features depends on our chosen Vendors?
As our NEX4 SI, we are providing a better solution in implementing SD-WAN Features with our skillful professionals.Moreover, NEX4 also provides User and Admin Awareness Trainings to get easier understanding in implementing this edge technology.
Don’t forget to share this post!