We\u2019ve started to hear a lot about SD-Branch as a natural successor to SD-WAN, which makes sense as the centrally-orchestrated model is attractive to many enterprises. However, just as we saw with SD-WAN, the term \u201cSD-Branch\u201d is being adopted by many different vendors and service providers to mean what they want, in the absence of any \u201cofficial\u201d definition.\nWhat is SD-Branch anyway?\nBased on most definitions, SD-Branch means delivering more IT infrastructure to branches under a programmable, centrally orchestrated model. Think of it as \u201cSD-WAN plus\u201d \u2013 just as you can create templates or profiles in an SD-WAN network, an entire branch template could be generated that defines how the LAN is configured, what wireless LANs are used, how they integrate with the WAN, and what additional compute-based services need to be deployed at the branch.\nWhy is this relevant to the enterprise? Five key trends\nSo as an enterprise, why should you care about SD-Branch and what benefits could it potentially offer? As you\u2019ll see, that varies a lot by industry vertical, but let\u2019s look at five emerging trends that are worth tracking:\n\nSD-WAN is now part of almost every branch office architecture discussion. This doesn\u2019t mean every enterprise is looking at it \u2013 many are still locked into multi-year traditional WAN agreements \u2013 but it\u2019s hard to find a new WAN proposal where SD-WAN doesn\u2019t play a material role. For the purposes of this discussion, what makes this trend interesting is that most new WAN services will include the deployment of a general-purpose compute device at every branch. Add a virtualization layer and this can become a platform for multiple SD-Branch services.\nHigh-performance virtualized network services are now a reality. Only a few years ago, physical network-related appliances were the default because of performance demands. Custom ASICs were (and still are) used to meet required throughput levels. However, the momentum is starting to shift. Intel is driving a lot of this change \u2013 technologies like AES-NI (and now QAT), DPDK, SR-IOV and others are dramatically increasing the performance available on generic compute devices. This is impacting network throughput itself as well as data encryption. Specialized appliances are increasingly available as software images that can run on generic hardware. A perfect example of this? On-premise firewalls.\nIoT is driving the need for distributed compute power. As enterprises in more industry verticals invest more in IoT, we\u2019re seeing a rapid increase in the number of short-range sensors that connect to the LAN or WLAN infrastructure at branches. This could include sensors attached to various machines at a manufacturing plant, climate sensors in the logistics or food service industries, or in-store analytics sensors for retailers. What these sensors have in common is their ability to generate vast amounts of data, enough to overwhelm many branch WAN connections. To address this, we\u2019re seeing a tiered model emerge where some processing of the data is performed close to the sensors, and derived data or metadata is carried over the WAN for further processing. Some have called this \u201cfog computing,\u201d as the processing is occurring close to the ground layer. Again, this is a perfect use case for software-orchestrated compute infrastructure at each branch.\nStorage requirements at branches are changing beyond recognition. Many enterprises are moving away from traditional file servers at branches as better options have become available. In some cases this means a cloud-only solution (like Microsoft OneDrive) where the sync functionality resides on each client device. Other models have gained some popularity, including the ability to provide a virtual (software-based) file server service, that looks like a traditional network drive to the end user, but uses caching and compression to link back to cloud-based object stores like Amazon S3 or enterprise-managed NAS systems at hub sites. Providing high-performance I\/O on a generic compute device can allow more traditional appliances to be replaced.\nCentrally-orchestrated LAN and WLANs are already gaining market share. Of course, it\u2019s impossible to ignore the LAN side of branch networks. Many enterprises have complex LAN segmentation \u2013 production devices, dev\/test, IoT, guest Wi-Fi, etc. and keeping this up to date using traditional manual configs is a huge challenge. Cisco has some interesting solutions \u2013 some easy, like the Meraki product range with a friendly end-user interface \u2013 and some that require much more configuration and tweaking, like Prime. Many enterprises are already justifying the cost of orchestrating LAN \/ WLAN environments by demonstrating the benefits it provides in security audits, particularly in industry verticals that are subject to PCI DSS, HIPAA or other data integrity regulations.\n\nThe biggest challenges? Management and governance\nThe technical challenges associated with getting to an SD-Branch vision have largely been overcome. The problem is that they\u2019ve been overcome in silos. An enterprise that wants to adopt each component needs to figure out how to glue it all together. Further complicating this is the internal challenge that many enterprises face \u2013 a methodology like SD-Branch can span many functional areas of the enterprise, even outside of IT and into operational technology (OT) teams in the case of many IoT-heavy environments.\nWhat makes this situation a little more hopeful is the API-centric approach adopted in most \u201csoftware defined\u201d offerings. In the case of SD-WAN, we see some positive steps being taken to facilitate interoperability \u2013 for example, the MEF is leading a major initiative in this space. There are already software packages available that can act as an \u201corchestrator of orchestrators,\u201d sitting on top of each component and triggering various actions based on a specific workflow. Anuta Networks is a good example of this. However, it is all still very modular, and many enterprises will not have the resources to take on the implementation and management of such a system.\nWhat will happen next?\nIt\u2019s highly likely that we\u2019ll see more packaged offerings become available, that will make SD-Branch more accessible to more enterprises. Consolidation in the SD-WAN space is likely to help \u2013 look at where VeloCloud has ended up in VMware\u2019s NSX team for example. This acquisition gives VMware the ability to address many of the components needed to deliver an SD-Branch offering, including compute, storage, LAN and SD-WAN. Within specific industry verticals, we may see more customized managed service offerings become available that combine the management of the IoT infrastructure with the other branch components. Overall, this looks like an interesting space for enterprises to be aware of as they look at new branch office infrastructure models.