Over the past few years, SD-WANs have become the Kardashians of the tech industry. That is, it’s hard to go anywhere or talk to anyone without the topic of SD-WANs coming up. Unlike the Kardashians, SD-WANs deserve this level of attention, since the technology lowers the cost of running a WAN and improves application performance. However, for all the hype and chatter about the topic, the primary focus has been on improving connectivity to branch offices.
It’s been well documented on this site and others that the cloud is not only mainstream but also the preferred strategy for many organizations, so a WAN must address connectivity not only to branch offices but also to cloud services.
This week SD-WAN vendor Viptela, which was acquired earlier this year by Cisco, announced Cloud onRamp, which enables businesses to connect sites and users to a wide range of IaaS and SaaS cloud providers. The new service, part of Viptela’s Fabric, is a virtual overlay that can deliver a wide range of services, including SD-WAN, network as a service, AppUX and the new Cloud onRamp.
Although Cloud onRamp addresses both IaaS and SaaS providers, it operates slightly differently for the two types of cloud. With IaaS providers, such as Amazon AWS and Microsoft Azure, Viptela automatically instantiates an instance of the virtual vEdge router inside the customer’s cloud domain. While there are other vendors that do this, Viptela extends the connection from the branch to the cloud rather than the data center. It’s commonly said that the shortest distance between two points is a straight line, so a branch-to-cloud link will be shorter and most likely higher-quality than a cloud-to-data-center-to-branch connection.
For SaaS applications, such as Microsoft Office 365 and Salesforce.com, Cloud onRamp connects to the closest vEdge router in a branch, regional colocation facility or data center to monitor the performance and availability of each possible path and then dynamically chooses the best one to the SaaS provider. Since there’s no way to drop a vEdge router into something such as Salesforce, Viptela chooses the closest, best path and then routes the traffic over its Fabric, providing optimized performance. Viptela is constantly monitoring network and application performance and can change paths based on evolving network conditions.
Regardless of whether the connection is to a SaaS or IaaS provider, Cloud onRamp enables businesses to segment workloads through policies that can create multiple overlay VPNs on top of the Fabric. This has obvious application performance benefits but also security implications, particularly in a world where IoT devices are being connected at an accelerated rate. With Cloud onRamp, it’s feasible to set up dedicated network segments down to the device, so there’s no concern about a compromised device creating a back door into the company network.
Legacy WANs were never designed for wide-scale cloud adoption, so using an SD-WAN to replicate a legacy WAN is a little like using PCs to connect to mainframes using mainframe emulators. You can do it, but it’s a waste. Instead, it’s important for vendors to consider what SD-WANs can do that legacy WANs could not, and extending secure, optimized connectivity to the cloud is certainly at the top of that list.