中文
Because of its policy-based forwarding, inherent security and centralized management, SD-WAN (software-defined wide-area network) is viewed by many enterprises as their on-ramp to the cloud. IDC research projects “robust growth to resume post-COVID-19 in 2021.” The Federal News Network observes the government sector is especially receptive to the SD-WAN opportunity, citing IDC research forecasting the SD-WAN market will grow to $5.25 billion by 2023. Powered by the explosive growth of the cloud, Appledore Research sees SD-WAN growing rapidly (~100% YoY), predicting strong growth through 2024.
In the first wave of SD-WAN adoption, enterprises took responsibility for designing, deploying, and operating their SD-WAN networks. Since 2019, SD-WAN managed service providers (MSPs) have emerged as the predominant deployment model, forgoeing the earlier DIY (Do It Yourself) approach, while enterprises continue to migrate their applications and data from the data center to the cloud. In Futuriom – Future of Cloud Tech’s 2021 SD-WAN Managed Services Survey (February 2021), 90.8% said that SD-WAN technology will grow as part of the strategy to replace alternatives such as leased lines, and in the same report, 82.5% are researching MSP offerings. MSPs, however, must win over enterprises whose expectations are conditioned by the cloud, leading to demands for tailored services and specific SD-WAN vendors. To capitalize on the opportunity, SD-WAN MSPs must be able to rapidly integrate specific SD-WAN capabilities across multiple vendors, while reducing both the costs and time to new services. To achieve that, they must address the elephant in the room: taming the complexity inherent in SD-WAN.
SD-WAN MSPs must be able to rapidly integrate specific SD-WAN capabilities across multiple vendors, while reducing both the costs and time to new services. To achieve that, they must address the elephant in the room: taming the complexity inherent in SD-WAN.
SD-WAN’s rapid evolution created a proliferation of SD-WAN vendors, each striving to differentiate based on specialized features including security, policy, WAN optimization, etc. Over the past four years, network equipment providers including Cisco, VMware, Juniper, Oracle and Palo Alto Networks made major acquisitions, to begin to consolidate the SD-WAN equipment. Yet, despite this consolidation trend, the SD-WAN market remains fragmented, with a wide variety of service offerings and products, each with differentiated feature sets and proprietary SD-WAN controllers/managers. For some, this is an opportunity. For managed service providers, it’s a source of serious heartburn.
Normalizing SD-WAN’s unruly and evolving landscape
While SD-WAN managed services dramatically reduce complexity for enterprises, proliferating vendor offerings and a multi-layer architecture create significant challenges for MSPs. The situation is exacerbated by a growing number of cloud providers and a wide variety of offerings from dozens of vendors increasingly label their products simply as ‘SD-WAN’ (aka ‘SD-WAN Washing’). Thankfully that’s all changing with new standards that verify SD-WAN conformance. Working closely with MEF, Spirent developed the industry’s first certification for SD-WAN.
Keep reading to learn our set of best practices to tame the complexity of SD-WAN: tame the stack, tame the risks and tame the lifecycle.
Tame the stack
Validate the layers. Evaluating only the network connectivity is no longer sufficient; service providers must now validate multi-vendor underlay and overlay network layers, as well as the service and virtualization layers in between.
Ensure service readiness. Service Readiness Testing (SRT) is required to complement Service Activation Testing (SAT), to proactively identify and mitigate issues before the customer experience is degraded.
Certify for certainty. The MEF SD-WAN certification program validates conformance with the industry’s first SD-WAN standard, utilizing a common test suite, standardized by MEF, to enable multi-vendor SD-WAN ecosystem.
Tame the risks
Validate security readiness. Identifying security vulnerabilities during deployment is essential so they are alleviated before going live, to avoid disrupting service availability.
Assess operational security. Proactively monitor operational networks, endpoints and applications to enhance security by ensuring security functions are behaving and performing as expected to protect against the ever-changing threat landscape.
Certify for security. Going forward, it’s critical that security certification adopts new methodologies that blend network and security testing in both the lab and operational networks, using test agents that emulate real-world attacks and proactively identify vulnerabilities.
Tame the lifecycle
Optimize before deploying. Extensive testing in the lab offers an opportunity to exercise policy management, product configurations, and assess key features to optimize performance.
Proactively assure service levels. Proactive, SD-WAN multi-layer active testing verifies service levels to enhance the user experience.
Automate lifecycle troubleshooting. Ensure SD-WAN solutions are readily integrated into DevOps pipelines using a range of frameworks to facilitate overall orchestration and automation.
Not sure if it's worth the effort? Here are some benefits of taking our best-practice approach to taming SD-WAN complexity:
Coverage spanning the lifecycle and traversing the entire SD-WAN stack
Flexible deployment models scaling across the technology and a wide array of network environments
Blends security testing based on emulated, real-world applications and threat traffic with simulated network traffic, to accurately assess policies, data loss prevention, performance and availability, across the entire SD-WAN network
Verifies SD-WAN managed services and products conform with emerging SD-WAN and security standards to enable product differentiation, streamlined deployment, and ultimately simplifies the multi-vendor environment
Leverages best practices and advanced security testing methodologies to ensure security functions are performing as expected
Empowering the realization of SD-WAN’s promise
SD-WAN ushers in a new era of cloud-based services, which tailor the network to the application demands. However, migration to the cloud incurs challenges of reliable interoperability and inherent inefficiencies. This includes new risks and vulnerabilities as the potential attack surface increases dramatically with an explosion in endpoints and increased use of publicly accessible networks. Taming the complexity of SD-WAN services is further complicated by the virtualization of SD-WAN endpoints and controllers, which introduce a new set of challenges. Any organization attempting to address these complexities on their own, without a deep bench of expertise and technology capabilities, faces serious challenges. Having a vendor-neutral partner is essential to success.
Our original Taming SD-WAN eBook has been updated and expanded to examine the new challenges posed by Covid and other developments in technology. For additional details on how Spirent's SD-WAN Test/Validation/Assurance approach may benefit both MSPs and their vendors, download the new SD-WAN eBook Paving the Way to Secure SD-WAN.
