This is a summary of an article written for MSP Insights by Satish Madiraju, Director, Products & Solutions at Fortinet. The entire article can be accessed here

SD-WAN promises several benefits, including the ability to deliver an optimal application experience for branch offices and remote workers. In other words, these solutions are designed to connect a remote or branch user to an application – no matter where either is located – as quickly and reliably as possible. But just as important, it also works to secure these connections to ensure an ongoing positive user experience. 

The ability for SD-WAN solutions to accelerate the delivery of cloud-based resources across multi-cloud environments plays a critical role in fulfilling this promise of an optimal user experience. This is always true, regardless of whether assets are deployed in a private or public cloud environment or if users require access to business-critical Software-as-a-Service (SaaS) applications such as Salesforce, Microsoft Office 365, streaming video, or others. Providing reliable access to this range of cloud-based resources requires granular controls, including dynamic failover, SLA-based application steering, and application availability, even during brownout or blackout conditions. 

SD-WAN Requires a Cloud On-Ramp

However, even with these tools in place, the main challenge is that the internet was not designed for performance. Further, most traditional methods used for steering traffic through public networks (i.e., border gateway protocol (BGP)) don’t redirect traffic to avoid congestion. The answer to this problem is a cloud on-ramp solution that joins colocation sites to a cloud-based application accelerator – such as Equinix – for accelerated cloud connectivity. There should also be a simultaneous focus on middle-mile optimization using sensors embedded in backbone networks by providers like Teridion. When service providers combine SD-WAN acceleration with backbone-based route optimization and protocol acceleration, they can stamp out the inherent performance issues associated with traditional internet routing. 

Another challenge associated with SD-WAN is that most solutions must be looped in with a vendor-specific cloud connector that manages matters like traffic steering and internet access before connecting to an application acceleration point. This element adds extraneous distance and delays to a system already unfavorably disposed to latency, jitter, and packet loss. With this in mind, it is recommended to leverage an SD-WAN solution featuring a built-in connector to enable intelligent connection flexibility without the need to backhaul application traffic through an SD-WAN vendor’s remote cloud connector.

Enabling Security Without Hindering Performance

SD-WAN solutions featuring built-in security functionality should also be able to use open APIs to connect to identical virtual security solutions offered in the core provider’s marketplace; this enables point-to-point connections that are fast, reliable, and secure. In addition, these direct cloud connection capabilities help organizations address the challenges of unauthorized Shadow IT and data loss by pairing their SD-WAN solution to a cloud access security broker (CASB) solution. This enables deep visibility into and control over application access, usage, and traffic across a multi-cloud environment without hindering performance. 

Most SD-WAN Solutions Struggle with Performance  

While SD-WAN promises flexible direct connectivity, advanced application steering, robust connection management, and full-stack security, most solutions struggle with a lack of horsepower required to appropriately scale these functions. Part of the reason why vendors deploy their connectors in the cloud and relegate security responsibilities to their customers – leading to the deployment of overlay solutions – is that their SD-WAN solutions have been built using standard, off-the-shelf processors, limiting their ability to deliver the necessary level of power and performance.

Most technology-dependent solutions from leading vendors (i.e., smartphones and cloud platforms) rely on custom central processing units (CPUs) for acceleration and scalability to meet the needs of applications and the environments where they are used. For SD-WAN to meet expectations around flexible, scalable, reliable, and secure connectivity, those who manufacture these solutions must also work to fulfill these promises. If not, they will continue to offload performance responsibilities to service providers, cloud providers, and even customers, producing unsatisfactory results and increased overhead. 

Choosing the Right SD-WAN Solution

Organizations are adopting new applications within their SaaS and multi-cloud environments daily, meaning establishing a secure posture around this access is more critical than ever – this is especially true for applications deployed in the cloud. With this in mind, organizations require an SD-WAN solution that can dynamically select the optimal path to SaaS applications in the cloud, optimize those connections, and also deliver full Layer-7 security and advanced security capabilities, all without impacting scalability and performance. And while this may seem like a daunting task, there are solutions that feature these elements – organizations just need to be aware of what they’re actually looking for. 

Take a security-driven approach to networking to improve user experience and simplify operations at the WAN edge with Fortinet’s Secure SD-WAN solution.

Current partners can visit the Partner Portal to find important updates from Fortinet and our partner program.

Sourced from Fortinet

Recommended Posts