skvoor - Fotolia
A review of SD-branch and its progression from SD-WAN
The goal of software-defined branch is to merge network functions and management into a single platform, but the branch architecture still lacks maturity, despite some early deployments.
Changes in the networking industry can take years, if not decades. Distributed enterprises have consistently searched for the coveted thin branch, which reduces the branch hardware footprint, for example. Software-defined WAN and software-defined branch can initiate this consolidation, but a few hurdles block the way. One such barrier: existing Branch networking equipment.
With SD-WAN, enterprises can capitalize on their existing WAN connectivity. SD-WAN creates a virtual overlay over the infrastructure and enables enterprises to configure policies that specify which traffic should travel over which path.
As SD-WAN continues to mature, enterprises seek additional capabilities, like security for traffic that goes to and from cloud environments or network analytics that provide granular network data. These requirements spurred vendors to respond with various partnerships and software integrations -- and they further promoted the SD-branch concept.
Ideally, SD-branch combines separate functions within a branch network -- such as switching, routing, WAN optimization, Wi-Fi and firewalls -- in a single platform. What's more, experts hope SD-branch will unify the disparate management consoles that come with each function. The increase in processing power and customizable software further supports this consolidation.
SD-branch will cause more disruption in existing infrastructure than SD-WAN. As a result, enterprises should evaluate their current vendors, products and capabilities to determine any changes they'd like to implement.
Below are four expert articles that describe the potential SD-WAN and SD-branch present for enterprises. The authors detail the phased-in approach enterprises will take in deploying these architectures, as well as the vendors that supply -- or will supply -- the needed technology and products.
Visions of software-defined branch begin to take hold
One compelling benefit of SD-branch is a minimized hardware footprint. But Lee Doyle, principal analyst at Doyle Research, said SD-branch will also drive more efficient bandwidth use, improve quality of service for applications and increase security. Further, it centralizes management to troubleshoot, secure and upgrade remote branch locations, he said.
Most enterprises won't begin the journey to SD-branch anytime soon, as they are hesitant to throw out big chunks of their existing branch networks. Instead, Doyle said the migration will take place in phases, as vendors slowly add new capabilities and integrations to their products and software. This transitional stage will likely be messy and complex, he added.
Vendor candidates for SD-branch will be incumbent suppliers with existing products, which they can update accordingly. These could include vendors in the following markets: SD-WAN, routing, Ethernet switches, Wi-Fi, network security and WAN optimization. Enterprises familiar with certain vendors will likely wait to see if those vendors add the features they want.
Explore how Doyle expects SD-branch to develop.
SD-branch networks: Why and how to deploy them
SD-branch addresses many challenges that have escalated due to the growing need for enterprises to connect branch offices. IT teams must manage multiple network devices at each branch location, deploy new branch sites, manage upgrades for existing sites and make sure each site is secure. SD-branch can help by virtualizing the separate functions and running them on a single platform, Doyle said. This speeds up deployment, while reducing hardware costs.
Again, Doyle stressed how SD-branch is only beginning to develop. Enterprises will first deploy SD-WAN in their networks and consider phasing in SD-branch consolidation as vendor options mature.
Read the rest of Doyle's discussion on why enterprises need SD-branch.
SD-WAN suppliers revamp branch security
Branch security is a monumental consideration for enterprises, especially as more device types need to connect to the distributed network. As such, the integration of SD-WAN and security is perhaps one of the more commonsense building blocks toward SD-branch. Most SD-WAN vendors have introduced partnerships with security vendors to bolster their SD-WAN software with security capabilities, like traffic inspection, policy enforcement and content filtering.
On the other end of the spectrum, firewall suppliers -- Fortinet, SonicWall, WatchGuard, Forcepoint and Barracuda Networks, for example -- have added SD-WAN software to their firewall products. Basic SD-WAN functionality is a natural evolution for firewall suppliers, Doyle said, especially because many already include routing, unified communications, VoIP and Wi-Fi capabilities in their products.
Discover more about SD-WAN integration with security.
SD-branch proves itself with growing deployments
Enterprises began deploying the first stages of SD-branch this year, although these implementations fall short of the full SD-branch concept. Companies with upcoming greenfield deployments or refresh projects are more apt to deploy SD-branch, as they are less concerned about completely overhauling their existing network infrastructure. Doyle said enterprises can also consider SD-branch when setting up temporary sites or replacing smaller branch sites.
Vendors are in the process of developing internal approaches to SD-branch, while also adding support for third-party suppliers to create a well-rounded portfolio. Enterprises should be aware that certain network and security integrations will be better than others, Doyle said. He also listed examples of SD-branch deployments, including cases from Aruba Networks, Cisco Meraki and Versa Networks.
Learn more about SD-branch deployments.