Cooperation between SD-WAN vendors and cloud service providers contributes to easily managed cloud connections across multiple cloud providers and creates a secure, low-latency multicloud environment.
With SD-WAN becoming remote users’ primary access to cloud-based applications, and with organizations deploying multicloud environments to optimize performance, it’s important for IT pros to choose SD-WAN technology that supports secure, low-latency, and easy-to-manage connectivity to their cloud providers.
What is multicloud?
Multicloud is the use of two or more cloud providers for the purpose of enabling the flexibility to run applications on the most appropriate platforms, and most enterprises have embraced it.
Most IT organizations have a mix of internal data centers, applications deployed on infrastructure-as-a-service (IaaS) platforms, and multiple best-in-breed software-as-a service (SaaS) applications. These multicloud environments may have come about by choice, via merger/acquisition with another company, or by end-user desire to rapidly deploy new applications on cloudbased platforms. Regardless of how they got there, IT organizations are now responsible for the security, management, and quality of user experience for all cloud-based applications.
Each cloud environment has its own set of strengths, weaknesses, and cost profiles. For example, most legacy applications and some new ones are likely to remain on internal data centers for reasons of security, compliance, and cost. Each IaaS platform has a unique development environment and associated ecosystem that makes it appropriate for certain types of applications. For example, Amazon AWS is suited for E-Commerce applications, Microsoft Azure for applications designed around SQL and Active Directory, and Google Cloud for Kubernetes-based container applications.
Each SaaS platform has best-in-breed applications and cost profiles for unified communications, office suites, CRM, accounting, etc.
The challenge for IT leaders is that each IaaS or SaaS provider has a unique set of services, security mechanisms, APIs, and management tools. To optimize quality of user experience, IT must navigate the connectivity offered by each IaaS and SaaS provider, such as the provider’s local point of presence. Most IT leaders report that managing this complex mix of multicloud resources is very challenging.
SD-WAN combines multiple physical WAN links into one logical network and provides traffic prioritization to accelerate application performance to on-premises and cloud-based applications. Using network abstraction, SD-WAN improves the economics of branch connectivity by enabling organizations to leverage inexpensive circuits such as the internet to address growing bandwidth requirements. SD-WAN is an overlay technology that maps new services—application prioritization, security, management— on top of existing physical networks.
SD-WAN may be deployed internally by IT pros or delivered as a managed service by a range of service providers. SD-WAN technology continues to improve features that include enhanced traffic identification and routing, increased network security, and better centralized management.
SD-WAN to improve multicloud access
SD-WAN leverages its application-identification and trafficsteering capabilities to better support secure access to multicloud environments. IT pros can set specific business-policy metrics per application and cloud environment and have them enforced by the SD-WAN platform. They must prioritize mission- critical applications according to how much latency they can tolerate. For example, IT can set different policy profiles for low-latency traffic like unified communications, voice, video, office-productivity applications, and general email.
To improve security, IT can set policies about what traffic should traverse which WAN link: for example, private MPLS vs. public Internet. SD-WAN platforms provide visibility about traffic sources and destinations that can be used for blacklisting to block and whitelisting to accelerate. They can also quarantine suspicious traffic flows. Encryption and micro-segmentation at the application or platform level can be employed to improve security as well.
Responding to customer demands, SD-WAN suppliers have improved their ability to recognize and route cloud-based traffic flows. They have partnered with leading IaaS providers to accelerate traffic to and from their local points of presence. They can spin up virtual instances of their SD-WAN platform on leading IaaS platforms (most support Amazon AWS and Microsoft Azure). SD-WAN platforms can also recognize the IP addresses of most leading SaaS providers to apply appropriate business policies.
SD-WAN is a mainstream technology to enable secure and reliable remote and branch user access to applications regardless of location. SD-WAN’s application identification, traffic steering, and security capabilities can help IT connect to and manage access across multicloud environments.
IT pros with multicloud environments should judge SD-WAN providers on their ability to identify IaaS and SaaS traffic and apply appropriate traffic steering, prioritization, and security policies. SD-WAN providers should have strong partnership with the leading cloud providers to accelerate and manage traffic to/from cloud on-ramps.
By Lee Doyle