SD-LAN Is All About Future Proofing Your Wireless Network
In this four-part series, I explain SD-LAN. Last week I published six problems that SD-LAN deployments solve. Today I underscore the benefits of an SD-LAN implementation.
Recognizing that the digital enterprise’s campus network is required to continuously adapt to the fast-paced changes brought about the digital transformation, SD-LAN (see Figure 1) came to be. It builds upon the principles of software-defined networks in the datacenter and SD-WAN to create a new approach to adaptable, flexible, and cost-effective wireless and wired access networks.
This approach builds an application- and policy-driven architecture, unchaining hardware and software layers while offering self-organizing and centrally managed networks that are simpler to operate, integrate, and scale.
SD-LAN offers a number of beneficial attributes for the next-generation networks of the digitally transformed enterprise:
1) Application optimized. SD-LAN prioritizes and dynamically changes the performance and behavior of the network based on the applications that use the network, focusing network resources where they best serve the organization’s most important activities.
2) Identity driven. The solution dynamically defines what individual users, clients, and “things” can do when they access the SD-LAN. Secure, granular, context-based access policies can be applied to just one user and device or to groups of users and devices.
Private Pre-Shared Key (PPSK) technology enables each device or user to receive a unique key that can be used to identify and onboard the device and will expire to securely eject a device from the network or limit its ongoing access. This protects against many of the risks of onboarding both IoT and BYOD devices.
3) Open APIs. The solution’s programmable interfaces allow tight integration of network and applications infrastructures, enabling the network to provide new insights and integrate with the rest of the operations framework.
4) Cloud managed: public or private. Cloud management keeps networks dynamic, tightly managed, and cost effective to operate. The solution achieves this through centralized management of operations and policies, with policy changes distributed in real time to switches and access points across the distributed access network infrastructure.
5) Adaptable infrastructure. Wireless access points and access switches can intelligently respond to changes that occur in network configuration and requirements. This adaptable infrastructure includes control protocols to deliver device behaviors such as self-optimization and self-healing that can be manipulated through software. Additionally, software-defined radio technology allows wireless access points to dynamically optimize coverage while delivering maximum capacity at all times.
6) Organized access. On the WLAN side, a “cooperative control” architecture, in which control functionality is shared among access points instead of being centralized in a physical controller, allows for a self-organizing, self-optimizing, and self-correcting WLAN.
This structure reveals that campus and branch architectures will ultimately benefit from cloud-managed and software-defined platforms to centrally manage and secure IT assets and applications at scale. SD-LAN directly addresses the challenges of optimizing connectivity, policy, and security for the vast and growing ecosystems of IoT devices and cloud-hosted business applications.
These factors join Wave 2 802.11ac to force a change in the way LANs and WLANs are architected, paving the way for enterprises to consider a new architectural mode such as SD-LAN. And SD-LAN will add to the benefits that many organizations, especially midmarket and distributed enterprises, have realized from cloud management.
Intelligent security will be an especially important benefit, as enterprises of every size grapple with IoT connectivity and security. The identity-driven access policies of SD-LAN simplify the creation of a more secure environment for IoT and BYOD without the use of guest SSIDs that are based on the more easily compromised WPA2-PSK.
This level of security and policy automation is one feature of SD-LAN that will help future proof enterprise campus and branch networks for the ongoing security challenges of BYOD and the quickly unfolding challenges of IoT. Adaptable infrastructure, application optimization, and open APIs in a self-organizing, cloud-managed network also hold great promise to provide the network agility required for supporting DX.
While SD-LAN is built to be user-friendly, and this extends to the initial implementation process, any transition to a new network architecture comes with a learning curve and the perception of adjustment challenges. Implementing a new LAN or WLAN architecture represents a change from potentially long-established methods of managing the network and requires the learning of new skills and an adjustment period once the technology is implemented.
Deliberate education and change management efforts may be necessary to weather this transition. Where applicable, it is important to seek resellers, integrators, and/or service partners that have a proven history with successful transitions, in addition to leveraging vendor resources.
Digital transformation requires a reassessment of the enterprise campus network’s ability to support next-generation applications, devices, and “things.” Legacy LAN and WLAN infrastructure often lacks the automation, programmability, application visibility and automation, API compatibility, network segmentation, and analytics capabilities that enterprises will require on the 3rd Platform.
Enterprises not only are increasingly seeking these capabilities in their networks, but also are seeking to manage the capabilities on the public or private cloud. SD-LAN is a viable solution to be considered for organizations implementing an enterprise campus network in the digital era.