This article was written by Nav Chander, Head of Service Provider SD-WAN/SASE Product Marketing at Aruba.

Let's explore the guitar, an instrument which will symbolize SD-WAN, an important foundation for building a modern enterprise WAN network that supports secure connectivity and high performance for business applications. The macro driver of SD-WAN is the digital transformation effort worldwide which is manifested by enabling an efficient, cloud-first IT strategy.

A software-defined wide area network (SD-WAN) is a virtual WAN architecture that allows enterprises to leverage any combination of transport services – including MPLS, LTE and broadband internet services – to securely connect users to applications.

An SD‑WAN assures consistent application performance and resiliency, automates traffic steering in an application-driven manner based on business intent, improves network security, and simplifies the WAN architecture. An SD-WAN uses a centralized control function to steer traffic securely and intelligently across the WAN and directly to trusted SaaS and IaaS providers. This increases application performance and delivers a high-quality user experience, which increases business productivity and agility and reduces IT costs.

An SD-WAN enables cloud-first enterprises to deliver a superior application quality of experience (QoEx) for users. By identifying applications, an SD-WAN provides intelligent application-aware routing across the WAN. Each class of applications receives the appropriate QoS and security policy enforcement, all in accordance with business needs. Secure local internet breakout of IaaS and SaaS application traffic from the branch provides the highest levels of cloud performance while protecting the enterprise from threats.

So, what's the difference between a basic SD-WAN solution and a best-in-class SD-WAN solution?

A basic SD-WAN solution does not always provide full end-to-end orchestration of all WAN edge functions such as routing, NGFW, micro-segmentation, SD-WAN and WAN optimization. When enterprises deploy new applications or when a QoS or security policy change is required, an advanced SD-WAN supports centralized configuration, enabling the required changes to be deployed in a few minutes instead of weeks or months. Centralized orchestration greatly minimizes human errors that can compromise performance or security.

Think of a basic acoustic beginner guitar compared to a high-end acoustic guitar like a Gibson, Taylor or Martin. The excellent sound quality, playability and musician's experience is much better with these high-end guitars, analogous to a business-driven SD-WAN that provides a higher quality of experience, more WAN deployment flexibility and supports higher performance for all applications.

An SD-WAN platform with advanced networking capabilities, such as the EdgeConnect SD-WAN can support today's WAN edge requirements and help enterprises with a key foundation for their journey to a SASE architecture. These SD-WAN capabilities include:

  • Identification of application traffic on the first packet and granularly steer it to enforce both QoS and security policies as defined by business intent
  • Business intent overlays that simplify the creation of application-aware policies that are individually customized to enterprise applications and network requirements
  • Continuous self-learning and automatic daily updates to cloud application definitions and TCP/IP address ranges
  • Intelligent monitoring and management of all underlay transport services, using tunnel bonding and adaptive forward error correction (FEC) to actively use multiple forms of WAN transport
  • Zero trust network segmentation of the traffic based on identity and context so that users and IoT devices reach destinations consistent with their role in the business
  • Next-generation firewall (NGFW) with fine-grained segmentation and identity-based access control capabilities, as well as IDS/IPS and DDoS defense
  • Comprehensive, end-to-end security capabilities that orchestrate and enforce end-to-end segmentation spanning the LAN-WAN-Data center and the LAN-WAN-Cloud
  • Automate orchestration between the SD-WAN and cloud-delivered security services from a single console
  • Automatically failover to a secondary cloud security enforcement point to avoid any application interruption
  • Enabling customers to adopt cloud security services—and their SASE implementations—at their own pace

So, when it comes to a high-end acoustic guitar, there are many capabilities that make them stand apart from a basic acoustic guitar. High-end guitars will have premium inlays, binding, rosettes, and premium wood material, detail finishes along with the handcrafted construction that combine to enhance the guitar's overall look and playability. These features combine to make a high-end guitar instrument that produces the best sound quality.

Similarly, like the high-end acoustic guitar, Aruba EdgeConnect SD-WAN is an advanced SD-WAN platform that provides a secure network foundation for Zero Trust and SASE. It includes a first-class SD-WAN paired with a next-generation firewall, which replaces branch firewalls delivering unmatched quality of experience and advanced security, similar to the rich sound produced from a high-end guitar.

Learn more about SD-WAN and Aruba Connect with a WWT Expert