As organizations continue to embrace cloud computing, the traditional wide area network (WAN) architecture is struggling to keep up with the increasing demand for fast, reliable, and secure access to cloud applications and services.
Gartner analysts Simon Richard and Sumit Rajput recently addressed these challenges in a Gartner for Technical Professionals research note, Optimize WAN Architectures for Workloads That Span the Hybrid Cloud and the Multicloud 1. Richard and Rajput note that “When they first started deploying workloads in the cloud, most IT organizations realized the WAN that they built when most of their applications were hosted in their datacenters was not fit for hybrid cloud and multicloud computing. They transformed their WANs to make them cloud-friendly.” They did this by extending their existing WANs to cloud service providers via dedicated cloud connections and MPLS-based extensions, but the datacenter was still the center of network gravity.
As enterprises reach the tipping point of hosting more applications outside of the datacenter than inside, and in many cases even shuttering legacy datacenters altogether, Gartner is now finding that “Today, enterprises want to optimize their cloud-friendly networks to make them cloud-centric.”
The technologies needed to enable this next phase of evolution include software-defined WAN (SD-WAN), secure access service edge (SASE), and software-defined cloud interconnection (SDCI). So how do you bring these three technologies together with the right WAN architecture to move from a cloud-ready WAN to a cloud-centric WAN?
Let us explore these technologies and how they underpin the recipe for achieving a more efficient and secure cloud-centric network.
Step 1: Deploy SD-WAN
SD-WAN is a technology that uses software to control the routing and prioritization of traffic over multiple network links, including Internet, broadband, MPLS, private lines, and wireless (LTE/4G/5G). It offers a centralized management console to orchestrate the cloud-centric WAN overlay. By optimizing routing for each application based on user and application policies, SD-WAN improves application performance, reduces latency, and optimizes bandwidth utilization.
Step 2: Embrace SASE
SASE is a networking and security architecture that combines the functions of SD-WAN and distributed security into an integrated service at the network edge. SASE provides a secure and seamless connection to cloud applications and services by integrating software-defined networking (SDN) with cloud-based security functions such as secure web gateways (SWG), cloud access security brokers (CASB), and zero trust network access (ZTNA). By integrating networking and security functions at the edge, SASE simplifies network management, reduces costs, and improves security posture.
Step 3: Leverage SDCI to Aggregate Edge Access
SDCI is a technology that extends the principles of software-defined networking to the cloud edge and interconnection. SDCI allows users to automate and orchestrate the deployment and management of physical cloud interconnections using software instead of manual processes and physical infrastructure. By abstracting the underlying infrastructure, SDCI offers a more flexible, scalable, and programmable cloud networking environment. SDCI interconnection points also serve as cloud-centric points of presence, supplying carrier-neutral edge access aggregation and interconnection.
The final hurdle an enterprise’s IT team faces when moving toward a cloud-centric WAN is uncoupling the local access from their MPLS or Dedicated Internet Access (DIA) services and providers. Traditionally, enterprises have relied on their MPLS and DIA providers to source and manage the local access links at the edge. The service providers connect the local access to their proprietary points of presence (POPs), integrated as a part of the MPLS or DIA service, thus controlling access to all network services. The resulting WAN remains both datacenter and carrier-centric, rather than cloud-centric. Leveraging SDCI-based interconnection points to terminate local access decouples the access services from the network services, shifting the gravity of the WAN toward the cloud, while opening the entire market of network services to the enterprise, and eliminating control by a single vendor.