• United States

SD-WAN can help solve challenges of multi-cloud

Feb 12, 20194 mins
Cloud ComputingCloud ManagementCloud Security

Cooperation between SD-WAN vendors and cloud service providers contributes to easily managed cloud connections across multiple cloud providers and creates a secure, low-latency multi-cloud environment.

cloud connect comput woman carry lights
Credit: Getty Images

With SD-WAN becoming remote users’ primary access to cloud-based applications, and with organizations deploying multi-cloud environments to optimize performance, it’s important for IT pros to choose SD-WAN technology that supports secure, low-latency and easy-to-manage connectivity to their cloud providers.

What is multi-cloud?

Multi-cloud is the use of two or more cloud providers for the purpose of enabling the flexibility to run applications on the most appropriate platforms, and most enterprises have embraced it.

Most IT organizations have a mix of internal data centers, applications deployed on infrastructure-as-a-service (IaaS) platforms and multiple best-in-breed software-as-a service (SaaS) applications.  These multi-cloud environments may have come about by choice, via merger/acquisition with another company or by end-user desire to rapidly deploy new applications on cloud-based platforms.  Regardless of how they got there, IT organizations are now responsible for the security, management and quality of user experience for all cloud-based applications.

Each cloud environment has its own set of strengths, weaknesses and cost profiles.  For example, most legacy applications and some new ones are likely to remain on internal data centers for reasons of security, compliance and cost.  Each IaaS platform has a unique development environment and associated ecosystem that makes it appropriate for certain types of applications.  For example, Amazon AWS is suited for E-Commerce applications, Microsoft Azure for applications designed around SQL and Active Directory, and Google Cloud for Kubernetes-based container applications

Each SaaS platform has best-in-breed applications and cost profiles for unified communications, office suites, CRM, accounting, etc.

The challenge for IT leaders is that each IaaS or SaaS provider has a unique set of services, security mechanisms, APIs and management tools. To optimize quality of user experience, IT must navigate the connectivity offered by each IaaS and SaaS provider, such as the provider’s local point of presence.  Most IT leaders report that managing this complex mix of multi-cloud resources is very challenging.

SD-WAN capabilities

SD-WAN combines multiple physical WAN links into one logical network and provides traffic prioritization to accelerate application performance to on-premises and cloud-based applications. Using network abstraction, SD-WAN improves the economics of branch connectivity by enabling organizations to leverage inexpensive circuits such as the internet to address growing bandwidth requirements. SD-WAN is an overlay technology that maps new services – application prioritization, security, management – on top of existing physical networks.

SD-WAN may be deployed internally by IT pros or delivered as managed service by a range of service providers.  SD-WAN technology continues to improve features that include enhanced traffic identification and routing, increased network security and better centralized management.

SD-WAN to improve multi-cloud access

SD-WAN leverages its application-identification and traffic-steering capabilities to better support secure access to multi-cloud environments. IT pros can set specific business-policy metrics per application and cloud environment and have them enforced by the SD-WAN platform. They must prioritize mission-critical applications according to how much latency they can tolerate.  For example, IT can set different policy profiles for low-latency traffic like unified communcations, voice, video, office-productivity applications and general email.

To improve security, IT can set policies about what traffic should traverse which WAN link, for example, private MPLS vs. public Internet.  SD-WAN platforms provide visibility about traffic sources and destinations that can be used for black listing to block and white listing to accelerate. They can also quarantine suspicious traffic flows.  Encryption and micro-segmentation at the application or platform level can be employed to improve security as well.

Responding to customer demands, SD-WAN suppliers have improved their ability to recognize and route cloud-based traffic flows.  They have partnered with leading IaaS providers to accelerate traffic to and from their local points of presence.  They can spin up virtual instances of their SD-WAN platform on leading IaaS platforms (most support Amazon AWS and Microsoft Azure).  SD-WAN platforms can also recognize the IP addresses of most leading SaaS providers to apply appropriate business policies.

SD-WAN is a mainstream technology to enable secure and reliable remote and branch user access to applications regardless of location.  SD-WAN’s application identification, traffic steering and security capabilities can help IT connect to and manage access across multi-cloud environments.

IT pros with multi-cloud environments should judge SD-WAN providers on their ability to identify IaaS and SaaS traffic and apply appropriate traffic steering, prioritization and security policies.   SD-WAN providers should have strong partnership with the leading cloud providers to accelerate and manage traffic to/from cloud on-ramps.

lee doyle

Lee Doyle is principal analyst at Doyle Research, providing client-focused targeted analysis on the evolution of intelligent networks. He has over 25 years’ experience analyzing the IT, network, and telecom markets. Lee has written extensively on such topics as SDN, SD-WAN, NFV, enterprise adoption of networking technologies, and IT-Telecom convergence. Before founding Doyle Research, Lee was group vice president for network, telecom, and security research at IDC. Lee holds a B.A. in economics from Williams College.

More from this author