David Hughes is chief executive officer at Silver Peak, the broadband and hybrid wide area network (WAN) company that has done much to foster wider adoption of software defined wide area network (SD-WAN) technology in enterprise branch offices over the past couple of years.
Silver Peak has now deployed its Edge Connect SD-WAN solution for more than 600 customers. But apart from continued traction for the technology as more organisations switch onto the benefits of replacing branch office routers with software defined equivalents, we wanted David to tell us what else is on the horizon for SD-WAN this year?
SD-WAN will alter enterprise security provision
We will see improvements in way security can be delivered enabled by SD-WAN in 2018. For years enterprises have been stuck with two choices – either backhauling all traffic via the ISP firewall or deploying firewalls at each local branch office – and neither of them are really very good.
The SD-WAN edge will typically include security functionality that lets IT departments decide whether to break out data traffic on an application by application basis. So rather than having an all or nothing decision, it will let the network administrator configure a granular adaptive application by application local breakout of that traffic -for white-listed software as a service (SaaS) applications from trusted sources for example.
The organisation might decide that there are people at the office doing their banking or shopping whilst they are at work. The IT department might not want to stop that, but it might not want that traffic on the network either because it cannot be certain about its origin, and would prefer to send it through a cloud based firewall or web services gateway instead.
For other types of traffic the organisation might prefer to backhaul it to the data centre and process it through its full multi-vendor security stack. Network administrators can also microsegment traffic across the WAN, keeping Internet of Things (IoT) separate from credit card details or backup and replication traffic for example, and configure individual policies for each of those traffic classes.
The evolution of the “self-driving” network
People often ask me what comes next after SD-WAN and I find the best way to explain that is using the software defined data centre (SDDC). The idea behind the SDDC is to pool all resources under a virtualisation and orchestration layer able to run any application on any server in the data centre, which gives much greater flexibility and agility and lets IT departments perform cost effective upgrades of underlying server hardware without having to take down the applications running on them.
In a sense SD-WAN does same thing but for network transport – it allows application traffic to be transmitted over any combination of transport whether MPLS, Internet, 4G or LTE wireless for example. IT departments can mix and match those transport technologies to deliver consistent network quality and availability for the applications that run in the virtualised overlay over those transport links.
Machine learning and artificial intelligence provide network insight
The idea with SD-WAN is that you have this virtualisation layer able to deliver a self-driving network that moves beyond automation to use machine learning and artificial intelligence to do several different things, one of which is to move further down the path to intent or outcome based networking [software that helps the network monitor, identify and react in real time to changing network conditions to deliver a specific business outcome]. Much of that intent can be translated directly with automation, but in some cases machine learning and artificial intelligence let us take that to a new level.
Another place I see machine learning making a difference is in the management of all the data the SD-WAN collects. With SD-WAN we are collecting lots of latency and jitter information every second from every path on the network – millions of data points a second. And that data can be very helpful when it comes to troubleshooting, understanding everything that is going on with the network and also monitoring every application. So IT departments get a great picture of how users are using both applications and the network.
But when you have all of that data where do you find the needle in the haystack, how do you know where to look? A lot of the work that has been done using artificial intelligence today can be applied to that network and application data to provide actionable insight for network administrators.
Cloud-based network management takes off
We are also going to see more organisations using cloud based management as the default method of managing network devices in 2018. The trend started a few years ago when they began deploying WiFi with cloud based management tools, and from there it has spread to the branch office and new SD-WAN edge. Cloud based management simplifies orchestration, makes it easier to deploy [WAN connectivity at] new sites and providers better ongoing network availability.
It is one less thing, one less virtual machine (VM), for the networking team to keep up and running in the data centre. And most importantly a cloud-based orchestration and management platform is backed with web scale storage and compute resources, and that enables new levels of analytics and machine learning techniques to be applied – those that would be really difficult to support in private enterprise environments without the same resources.
Single VNF becomes best use case for uCPE
2018 will see more telecommunications carriers and network service providers rolling out universal customer premise equipment (uCPE). So instead of deploying a router or dedicated network appliance they manage for the customer on site, they deploy an x86 “white box” appliance with a virtualisation layer which they can manage remotely and install virtual network functions (VNFs) on that uCPE.
There is a lot of hype in the market around customers being able to mix and match VNFs from different vendors, and the long and complex service chain that creates. We think the uCPE trend will really take off and it is great that it enables enterprise IT departments to switch between different vendors technologies much more easily than they can today.
But that is just one approach and we believe that the less VNFs there are out there on that uCPE the better. In most cases in fact we believe that just one SD-WAN VNF will be enough for most branch offices. It will become apparent as uCPE takes off that having a well thought out, simple edge based WAN VNF is going to be better and easier to manage than a service chain involving different types of functions from different vendors. It is easy to say you are going to service chain those functions, but it is much harder to do in practice.
More managed SD-WAN service models emerge
Most SD-WAN deployments we have seen so far have been DIY implementations from enterprises themselves, the idea being that if you are able to deploy your own edge devices you have complete control of your network and are able to mix and match different network transport links from different carriers at will.
Silver Peak has more than 600 customers doing this today with Edge Connect. But for every DIY implementation, there is another potential customer looking for a fully managed solution, perhaps because they have outsourced most of their IT or they don’t have the in-house expertise or headcount to do it themselves.
Others want assistance with deployment or break/fix but want to manage the network themselves, and there are those that want a co-managed solution where the NSP deploys the SD-WAN on their behalf and manages break fix but management is a joint effort with the customer.
In 2018 we believe there will be a lot more of those options to choose from, spanning NSPs, traditional value added resellers (VARs) and systems integrators for example. They are all going to be designing new SD-WAN services that will fill out the spectrum between DIY and fully managed.
Consolidation and IPOs on the cards
We anticipate demand for SD-WAN solutions and services will continue to see explosive growth in 2018 as the technology moves into the mainstream. At least one of SD-WAN vendors will pursue an initial public offering (IPO) and we are very likely to see one or more S-1 filing in preparation for those IPOs driven by the strength in the SD-WAN market.
Plus, the smaller SD-WAN players and start-ups that have not been able to build a business so far, it is going to be time for them to wrap up and find a home under wing of a larger and more established company. It will also be interesting to see what happens to those SD-WAN technologies and solutions which were acquired this year – which of the original products can be integrated into the parent offering and which ones end up on the scrap heap. It will be an exciting year.