ONUG Blog: Your Digital Transformation Needs SD-WAN

Companies across industries of all sizes require solutions that enable fast, easy deployment and real-time, centralized operations management. SD-WAN is strategically positioned to make the digital transformation a reality. Vinod Kumar Balasubramanyam of VMware spoke at ONUG’s Fall Conference, providing insight into why SD-WAN is the ideal choice for companies of any size. In addition to the benefits of using a scalable cloud architecture, he focused on how VMware SD-WAN by VeloCloud is different from traditional approaches and how it interacts with legacy infrastructures. Here are some highlights from his keynote.


VMware’s Balasubramanyam first addressed why SD-WAN is the logical choice. He noted that if we look at the current state of SD-WAN, most applications are hosted in a data center. With the rise of cloud computing and Software as a Service (SaaS), applications that were formerly hosted in data centers are moving to the cloud. Users must go out to the internet to access their applications. This process introduces a lot of latency because those users are still going through the data center to access their online applications.

For example, popular real-time applications, such as Office365 and Skype, are commonly being used. They are hosted in the cloud, but many companies are still backhauling all this traffic through their data center, an inefficient process that creates a lot of latency.

In addition, this SD-WAN architecture is going to decrease MPLS (Multiprotocol Label Switching) expenses. SD-WAN reduces operational expenses by using the internet to transport traffic. SD-WAN also saves costs by classifying application traffic before sending it off to a particular destination, instead of depending on a Layer 3 destination, as is the case with legacy applications.

SD-WAN extracts the complexity of the “data center set up” to present a simplified process to the end user. 

Key Capabilities of SD-WAN

Balasubramanyam emphasized the key capabilities of VMware’s SD-WAN solution. He summed them up in these four bullets. 

  • Transport Independent: When you deploy an SD-WAN device from the branch, you will have MPLS, broadband and/or LTE connections. 
  • Secure Overlay: Wherever the traffic is going (i.e. data center or cloud solution), a secure overlay is provided.
  • Dynamic Path Selection: Certain paths should be available based on certain criteria. Each category of applications has different requirements. You should be able to categorize the traffic and use multiple links to send that traffic out to the internet. 
  • Simple interface: You want to keep your operational support lean. If you deploy a new device, it should be as easy as possible. You should not need a networking expert to handle the new deployment. SD-WAN is set up to just have one orchestrator that communicates with network management devices.

Top Benefits of SD-WAN

While the benefits of SD-WAN are extensive, Balasubramanyam boiled them down to these three pillars upon which VMware’s solution is built. 

  • Simplified WAN Management: WAN enables a policy-based configuration model. That means you do not have to configure each branch device. Instead, you can just say, “for this application, this should be the treatment across branches.” 
  • Assured Application Performance: Applications that used to be based on the data center now have assured performance when operating in the cloud, in addition to decreases in overall operational expenses. They are going through a more reliable MPLS connection, enabling the real-time applications to be carried out in an assured way. 
  • Managed On-ramp to the Cloud: There is a gateway component to VMware’s solution that greatly reduces the unreliability of the internet. This allows cloud-based SaaS applications to run securely and at peak performance. 

Components of VMware’s Solution

Three main components make up VMware’s SD-WAN Solution. Balasubramanyam broke them down for the audience like this:

  • The Edge: This is the box that literally connects the internet to the branch and local area network.
  • Orchestrator: This is a single place where you can go and do all the configurations. It also allows you to view all data, including application performance from one location. 
  • Gateway: These create an optimized cloud on-ramp to the doorstep of SaaS and IaaS applications. The gateway greatly simplifies VPN topologies. By simply clicking “enable cloud VPN,” you will automatically create VPNs between all the devices in your profile. For example, if you use a cloud security service, you don’t have to create a tunnel from each branch. Simply create a tunnel from the cloud security service to the gateway. The “edges” will talk to the gateway automatically. It’s as easy as saying, “these are all my internet applications that need to go to the cloud security service for inspection.” Once a business policy is defined, the “edges” will send the traffic through the secure tunnel to the gateway, and the gateway actually sends the traffic to the cloud security service. 

VMware offers two available deployments to fit the individual needs of clients, allowing architectural flexibility. One is an enterprise-based deployment and the other is service provider-based. Whether the customer is using the internet or MPLS, VMware is able to aggregate that traffic to a single point of presence, which is the gateway. 

Additionally, Balasubramanyam explained that VMware provides top security architecture, including being able to integrate with security provider selections, such as Zscaler and Forcepoint. The solution has a built-in firewall, a firewall VNF and a centralized firewall. 

Dynamic Multipath Optimization – What Is It?

Dynamic Multipath Optimization is a suite of implementations VMware has internally to ensure application performance. This suite is made of up five key parts that work together to guarantee your applications run at peak performance. 

  • Deep Application Recognition: Identifies the application and what network it is on, placing it in the proper category.
  • Secure Overlay: Determines what paths or tunnels are available.
  • Link Qualification: Gateways allow the monitoring of traffic in and out of the link. This allows VMware to identify any delays in the path. 
  • Application Steering: Helps identify the best path for the application.
  • On-Demand Remediation and Aggregation: Troubleshooting helps identify links that are not good, allowing an immediate reaction to deteriorating link conditions. Problems are fixed before they are even felt by the user, optimizing performance. 

Balasubramanyam showed a slide of Dynamic Multipath Optimization in action, demonstrating how it helps guide the best paths, identifying latency, packet loss and jitter. 

The key takeaway from Balasubramanyam’s keynote was that SD-WAN is enabling enterprises to reach any kind of cloud, including private, public and hybrid. It’s doing so securely and at scale. The presentation concluded with VMware’s vision for the future and how the company has contributed to ONUG validation testing and advanced load balancing projects. 

Gain More Insights

Gain more insight into the present and future of cloud computing during ONUG’s FREE digital live event on May 6 and 7. This fully immersive, interactive networking and learning experience will allow you to tap into the insights of the industry’s biggest names in Enterprise Cloud Computing. Register for free today. 

[contact us]

Author's Bio

Guest Author