If there’s one application that brings chills to the hearts of SD-WAN implementers it’s providing a predictable real-time voice service. So let’s talk about how SD-WANs might help.The problem with voice
We need to separate from the theory of voice and the reality of voice. The theory goes something like this. The Internet is fine for email and web browsing. It’s even pretty good for personal voice. But if I want to deliver a voice service, day-in-day out without a hiccup, then I run into a problem. Voice is a real-time protocol with strict tolerances around latency, loss and jitter. Exceed those tolerances and symptoms common to a poor voice service set in. Increased delays from traffic routing or lost packets disrupt voice calls. Outages and brownouts can cause calls to drop.To read this article in full or to leave a comment, please click here
Whenever I speak with companies starting to research SD-WANs, the question about testing invariably comes up. Like probably any enterprise device, SD-WANs are filled with features. And as with any major WAN acquisition, testing those features prior to purchase is incredibly important. SD-WAN vendors have their own nuances and strengths. You need to be sure those strengths align with your environment.RELATED: SD-WAN: What it is and why you will use it one day
As an edge device, there’s very little in terms of packet processing that needs to be tested in an SD-WAN node. But that doesn’t mean SD-WAN node testing isn’t important. Here are some tips for what you can look for when running your proof of concept (POC) from my buddy DC Palter, CEO at network testing simulator company Apposite Technologies, and our experiences here at SD-WAN Experts.To read this article in full or to leave a comment, please click here
Whenever I speak with companies starting to research SD-WANs, the question about testing invariably comes up. Like probably any enterprise device, SD-WANs are filled with features. And as with any major WAN acquisition, testing those features prior to purchase is incredibly important. SD-WAN vendors have their own nuances and strengths. You need to be sure those strengths align with your environment.RELATED: SD-WAN: What it is and why you will use it one day
As an edge device, there’s very little in terms of packet processing that needs to be tested in an SD-WAN node. But that doesn’t mean SD-WAN node testing isn’t important. Here are some tips for what you can look for when running your proof of concept (POC) from my buddy DC Palter, CEO at network testing simulator company Apposite Technologies, and our experiences here at SD-WAN Experts.To read this article in full or to leave a comment, please click here
The outage that hit Amazon Web Services' Simple Storage Service earlier this month might have been unusual in its impact, but not in its cause—a configuration error. Service providers suffer outages for all sorts of reasons. Backhoes take out local access loops. Seismic events and fishing trawlers cut underwater cables. And, yes, humans make mistakes.RELATED: SD-WAN: What it is and why you will use it one day
About three years ago, I was called in by a customer to help address a problem in their MPLS network. At the time, I ran MPLS Experts, a predecessor of SD-WAN Experts, and had developed a reputation for knowing a thing or two about global MPLS/VPLS services. The customer was noticing packets with unknown IPs on its carrier-managed private network. After we reviewed the logs, the cause became apparent: One of the carrier techs had misconfigured the VRF/VFI identifiers, accidentally connecting a different customer to their private network. To read this article in full or to leave a comment, please click here
The outage that hit Amazon Web Services' Simple Storage Service earlier this month might have been unusual in its impact, but not in its cause—a configuration error. Service providers suffer outages for all sorts of reasons. Backhoes take out local access loops. Seismic events and fishing trawlers cut underwater cables. And, yes, humans make mistakes.RELATED: SD-WAN: What it is and why you will use it one day
About three years ago, I was called in by a customer to help address a problem in their MPLS network. At the time, I ran MPLS Experts, a predecessor of SD-WAN Experts, and had developed a reputation for knowing a thing or two about global MPLS/VPLS services. The customer was noticing packets with unknown IPs on its carrier-managed private network. After we reviewed the logs, the cause became apparent: One of the carrier techs had misconfigured the VRF/VFI identifiers, accidentally connecting a different customer to their private network. To read this article in full or to leave a comment, please click here
With RSA San Francisco—one of, if not the biggest security show of the year—behind us, it’s a good time to revisit security and SD-WANs. I know, we already lived through Yoda’s prognostications about the future of networking and security. In that blog post, we spoke about vendor approaches to securing the new Internet connections created by SD-WAN. There’s another dimension, though, to SD-WAN security that we didn’t discuss and that’s about the WAN.The WAN: Risk and reward for today’s attackers
For a lot of SD-WAN vendors, security integration means inspecting incoming and outgoing Internet traffic. But while services, such as Zscaler, may inspect HTTP traffic bound for the internet, they do nothing for traffic bound to other locations. And that’s a problem because increasingly site-to-site traffic requires its own inspection and protection.To read this article in full or to leave a comment, please click here
With RSA San Francisco—one of, if not the biggest security show of the year—behind us, it’s a good time to revisit security and SD-WANs. I know, we already lived through Yoda’s prognostications about the future of networking and security. In that blog post, we spoke about vendor approaches to securing the new Internet connections created by SD-WAN. There’s another dimension, though, to SD-WAN security that we didn’t discuss and that’s about the WAN.The WAN: Risk and reward for today’s attackers
For a lot of SD-WAN vendors, security integration means inspecting incoming and outgoing Internet traffic. But while services, such as Zscaler, may inspect HTTP traffic bound for the internet, they do nothing for traffic bound to other locations. And that’s a problem because increasingly site-to-site traffic requires its own inspection and protection.To read this article in full or to leave a comment, please click here
Terms and technologies come and go. Some seem to stick around a bit longer than we’d like. I thought that it was time to retire hybrid WAN and give SD-WAN its due. Not everyone seems to agree.I received a great email from Scott Pickett, who argued in the most compelling, polite way possible that he thought I was smoking too much of that substance Massachusetts just legalized (not exactly, but grant me the literary license here). He argued that SD-WANs should be relegated to that same place as the next least-favorite term of ours—the cloud.To read this article in full or to leave a comment, please click here
Terms and technologies come and go. Some seem to stick around a bit longer than we’d like. I thought that it was time to retire hybrid WAN and give SD-WAN its due. Not everyone seems to agree.I received a great email from Scott Pickett, who argued in the most compelling, polite way possible that he thought I was smoking too much of that substance Massachusetts just legalized (not exactly, but grant me the literary license here). He argued that SD-WANs should be relegated to that same place as the next least-favorite term of ours—the cloud.To read this article in full or to leave a comment, please click here
One of the major challenges that’s long faced enterprise network is the ability to spin up new network services. SD-WANs make this a lot easier through service insertion and service chaining.Suppose for a moment you want to construct a secure perimeter around your compute resources in your data center and Amazon Web Services (AWS) implementation. Normally, you’d introduce a firewall and an Intrusion Detection System (IDS) into each location. That way, should a security incident happen in one location, such as a malware outbreak or a denial of service attack, you would be able to mitigate that event without any reengineering work. To read this article in full or to leave a comment, please click here
One of the major challenges that’s long faced enterprise network is the ability to spin up new network services. SD-WANs make this a lot easier through service insertion and service chaining.Suppose for a moment you want to construct a secure perimeter around your compute resources in your data center and Amazon Web Services (AWS) implementation. Normally, you’d introduce a firewall and an Intrusion Detection System (IDS) into each location. That way, should a security incident happen in one location, such as a malware outbreak or a denial of service attack, you would be able to mitigate that event without any reengineering work. To read this article in full or to leave a comment, please click here
All too often SD-WAN and hybrid WAN are used interchangeably—mistakenly.
SD-WANs extend software-defined networking (SDN) technologies to the WAN. As with SDNs, SD-WANs build an “overlay” or a virtual abstraction of the underlying physical network that can then be reconfigured and optimized for the applications traveling across the overlay. It’s this property that allows SD-WANs to give one application a hub-and-spoke WAN configuration, while another application a meshed WAN configuration each with their own IP addressing spaces, traffic policies and more.
Hybrid WANs combine a mix of data services to interconnect geographically dispersed locations. A network that combines MPLS and carrier Ethernet services is a hybrid WAN, so too is a WAN that combines 4G and MPLS. When you have some sites connected via MPLS and others via IP VPNs, this too was a hybrid WAN. When you have sites connected to an MPLS backbone with a secondary Internet connection, you also have a hybrid WAN.To read this article in full or to leave a comment, please click here
All too often SD-WAN and hybrid WAN are used interchangeably—mistakenly.
SD-WANs extend software-defined networking (SDN) technologies to the WAN. As with SDNs, SD-WANs build an “overlay” or a virtual abstraction of the underlying physical network that can then be reconfigured and optimized for the applications traveling across the overlay. It’s this property that allows SD-WANs to give one application a hub-and-spoke WAN configuration, while another application a meshed WAN configuration each with their own IP addressing spaces, traffic policies and more.
Hybrid WANs combine a mix of data services to interconnect geographically dispersed locations. A network that combines MPLS and carrier Ethernet services is a hybrid WAN, so too is a WAN that combines 4G and MPLS. When you have some sites connected via MPLS and others via IP VPNs, this too was a hybrid WAN. When you have sites connected to an MPLS backbone with a secondary Internet connection, you also have a hybrid WAN.To read this article in full or to leave a comment, please click here