Cisco SDWAN Design Series-Part-1-Needs and Drivers

Disclaimer: Although the design options and approaches discussed in this design blog series are based on proven design projects and are not theoretical, this is still not an official Cisco Validated Design document. Therefore, all the designs and recommendations provided in this blog series must be verified and tested before being considered for a production environment.

The goal of the Cisco SDWAN Design series is to:

  • Highlight and discuss the needs and drivers of SD-WAN
  • Analyze and discuss Cisco’s SD-WAN solution architecture
  • Analyze and explain the building blocks behind Cisco’s SD-WAN Control and Data Planes
  • Discuss the different cloud and security capabilities and considerations
  • Analyze and discuss the possible migration approaches to Cisco SD-WAN

So why SDWAN and why now?

IDC Forecasts SD-WAN Market to Reach $8 Billion in 2021 As Enterprise Branch Network Requirements Accelerate.

This is a big number, so why did IDC make such a forecast? And why now?

As we move into the digital era, applications are more important than ever before, because today almost everything can be done through applications, specifically mobile applications. Besides, these applications can be a source of data to be processed and analyzed by organizations to support their data-driven decision-making strategy.

Again, according to IDC “In the context of digital transformation, applications are the new face of business. Applications generate revenue, drive the business, and increasingly differentiate organizations from their competitors.”

Therefore, the availability and performance of applications should be key architectural attributes when designing any technology solution for today’s organizations.

On the other hand, if we compare the applications landscape of 5 or 10 years ago to today’s trends, architectures and approaches (as illustrated in the 10,000-foot view below), we can easily notice a major shift in the way applications are architected, deployed and accessed, as well as in the numerous types of connectivity options required to facilitate such models (hybrid, multicloud, mobile users, IoT, etc.) without compromising applications’ performance and security.

So, what are the challenges associated with classical WAN routing in the Digital Era?

As we all know, a chain is as strong as the weakest link. Similarly, organizations are only as agile as their least agile IT component.

In order to achieve and support a successful digital strategy, enterprises must clearly identify the role, and highlight the value, of the “foundation infrastructure” (what Cisco refers to as the IT service delivery platform) that is an essential component of any digital technology. This platform provides agility and support for all the applications and services necessary to run an organization’s business, and must be designed to support the functionality and availability required by all business applications and services. Therefore, business agility cannot be achieved without an agile IT infrastructure to enable it.

However, one part of IT that has yet to evolve and still lacks flexibility is the enterprise wide area network (WAN). Evolving the WAN must be a top priority for every IT and business leader because, as mentioned above, organizations are only as agile as their least agile IT component, which today is the WAN.

With the move toward a more dynamic nature of connectivity at scale, relying mainly on the classical WAN approach, whether SP-managed or enterprise-managed (L2, L3 or over the Internet), creates some challenges or limitations, in which the technology infrastructure may not be able to move at the same speed as today’s digital businesses. There could be different opinions and views around these challenges or limitations; the following figure illustrates the most common ones, summarized as the 4As challenges or limitations.

Does this mean that classical MPLS (L3VPN) WAN-based solutions provided by SPs today are not good enough and will no longer be required?

The answer is: NO, because:

Unlike the Internet, Service Providers’ MPLS L3VPN WAN offerings can provide a guaranteed ‘end to end’ service (through contractual SLAs). As you may have noticed above, the limitation was described as “relying mainly on the classical WAN approach”. So it’s about the approach, not about the transport itself. Later in this blog series we will discuss how SDWAN facilitates using multiple transports (MPLS WAN, Internet, etc.). The decision to choose the underlay transport has different evaluation criteria, and SDWAN shouldn’t be considered a replacement for the WAN transport, unless the main driver is to adopt a cheaper transport (Internet) and sacrifice the end-to-end contractual SLA. Alternatively, it could mean adding a cheaper secondary transport (Internet) rather than using MPLS WAN for both transports. Again, the selection of these transports must be evaluated based on multiple factors such as: SLA, cost, ROI, security, service availability, service/site criticality, etc.

Moreover, 10 years ago the ability to access public cloud IaaS/SaaS was neither a requirement nor a concern when architecting the enterprise WAN; today it has become one of the key evaluation aspects. Also, application visibility, and routing based on application requirements when more than one path is available, is another key aspect in the digital era (application experience). Not to mention that the flexibility of connectivity options, speed of provisioning, ability to provide end-to-end segmentation, etc. are also important aspects today.

On the other hand, managing and operating WAN networks with different policies and requirements at scale is becoming another factor that may slow the speed of IT infrastructure operation/provisioning relative to today’s business speed and expectations. As a result, the traditional approach cannot provide sufficiently dynamic management or cope with the speed and flexibility requirements of today’s digital businesses.

Therefore, a new approach to WAN routing is required: a software-defined “policy-based approach” that allows the network to be built and operated “as a system”, supporting dynamic policy changes and the agility required by digital businesses, as well as offering the flexibility to leverage any or all of the available transports. This is the approach used by Cisco SDWAN.

The subsequent blog will discuss and analyze the Cisco SDWAN architecture components.

Marwan Al-shawi – CCDE No. 20130066, Google Cloud Certified Architect, AWS Certified Solutions Architect, Cisco Press author (author of the top Cisco certification design books “CCDE Study Guide” and the upcoming “CCDP Arch 4th Edition”). He is an experienced technical architect. Marwan has been in the networking industry for more than 12 years and has been involved in architecting, designing, and implementing various large-scale networks, some of which are global service provider-grade networks. Marwan holds a Master of Science degree in internetworking from the University of Technology, Sydney. Marwan enjoys helping and assessing others; therefore, he was selected as a Cisco Designated VIP by the Cisco Support Community (CSC) (official Cisco Systems forums) in 2012, and by the Solutions and Architectures subcommunity in 2014. In addition, Marwan was selected as a member of the Cisco Champions program in 2015 and 2016.