IDC Directions 2018 Insight: Intelligent Network Edge, SD-WANs & SD-Branch

Introduction:

IDC Directions is the market research firm’s annual conference, which always delivers an informative and actionable overview of the issues shaping the information technology, telecommunications, and consumer technology markets.  IDC speakers look at the current state of various markets, cutting edge trends and future IT developments that are likely to result in transformation and change.

This year’s event only had one session on networking which we cover in detail in this article. A total event summary is beyond the scope of the IEEE ComSoc techblog.

Abstract:

As the edge plays host to a growing array of new applications, the focus ultimately turns to edge networking, which must deliver the requisite connectivity, bandwidth, low-latency, and network services for both enterprise and service provider deployments. Indeed, as IoT and other edge services proliferate, a one-size-fits-all approach to edge networking and network security will not suffice. In this session, Brad Casemore of IDC examined the diversity of network requirements and solutions at the edge, covering physical, virtual, and network-as-a-service (NaaS) use cases and application scenarios.

Presentation Highlights:

According to IDC, the “Intelligent Edge” includes both the IT Edge (IT activities performed outside the data center, but within purview of IT) and the OT/Operations Technology Edge (embedded technologies that do not directly generate data for enterprise use, and are outside the direct purview of IT).

That’s in contrast to the “Core,” which is the “IT Data Center” — an information aggregation facility that is located on the firm’s own physical premises, off-premises in a collocation facility, or off-premises at a virtual location such as a public cloud.

Networking at the Intelligent Edge involves three types of sub-networks:

▪ Enterprise Cloud IT Edge (branch networking for the cloud)

▪ Enterprise Branch IT Edge (the evolution of networking at branch offices/remote sites)

▪ IoT Edge (networking to, from, and at the IoT/OT Edge)

Networking provides essential connectivity and bandwidth, but it also provides valuable network and security services that accelerate and optimize application and service performance at the edge. Brad said that significant innovation is occurring in edge networking, which is enabling better business outcomes at the intelligent edge. Some examples of innovation are:

• Software Defined Networks (SDN)/Intent-based

• Overlay networks (such as SD-WANs)

• Network Virtualization (NV)/Network Function Virtualization (NFV)

• Network security (software-defined perimeter)

As a result, the intelligent edge network is significantly contributing to automated network intelligence, in addition to providing wireless and wireline connectivity services.

……………………………………………………………………………………………………………

Enterprise IT is being challenged to provide access to public and private clouds while also maintaining secure and effective communications with regional offices and headquarters (usually through an IP-MPLS VPN).

Enterprise WANs are not effective for Cloud access, because they lack agility, flexibility, and efficiency.

These two issues are depicted in the following two IDC figures:

 

As a result, a different Application Centric WAN architecture is needed. Brad proposed SD-WANs for this purpose, despite the reality that there is no standard definition or functionality for SD-WAN and no standards for multi-vendor interoperability or inter-SD-WAN connections (e.g. UNI or NNI, respectively). SD-WAN is an overlay network that provides user control via the Application layer, rather than via a “Northbound” API to/from the Control plane (as in conventional SDN).

The use cases for SD-WAN have been well established, including improving application performance by enabling use of multiple WAN links, simplifying WAN architecture, reducing reliance on MPLS, and improving SaaS performance by automatically steering traffic based on application policy instead of backhauling all traffic to the data center.

IDC believes the Internet of Things (IoT) will have a huge impact on networking infrastructure, especially at the edge where low-latency/real-time control of IoT devices will be needed.

Casemore said that SD-WANs will help companies overcome issues associated with a traditional enterprise WAN, which wasn’t built for cloud and lacks operational efficiency.

In a real-world example of SD-WANs for a medical device supplier, Brad noted the goals were:

• Dynamic access to all available bandwidth (underlays)
• Move away from using relatively expensive MPLS circuits for voice traffic
• Prioritize business-critical cloud apps ahead of nonproduction apps/traffic
• Need for greater visibility – quickly remediate issues and respond to evolving application/service needs

Benefits cited were the following:
• Improved resilience
• Better application performance and availability
• Cost-effective bandwidth utilization
• Better visibility (faster troubleshooting/remediation and proactive planning)
• IT department and network team now contributing to the business of making and shipping products quickly

IDC sees SD-WAN evolving to incorporate more intent-based networking and intelligent automation, with business intent consistently applied to application delivery and performance, he said.

…………………………………………………………………………………………………………………….

Editor’s Note: Intent-based networking is a hot buzzword in the industry right now, generally describing technology that uses automation and machine learning to implement business policy with little or no human intervention.  Many believe that intelligent automation will be how business intent is applied to application delivery and network performance across the WAN.

…………………………………………………………………………………………………………………….

Brad also suggested the following additional attributes for future SD-WANs:
▪ Machine Learning and AI – SD-WAN must become cognitive, proactive, and ultimately self-driving, continuously adapting to changing conditions
▪ Pervasive Security – Applications automatically steered over appropriate links and to appropriate security devices. Secure segmentation provided on a per-application basis.
▪ Stepping stone toward SD-branch

“This is all moving us toward the software-defined (SD)-branch.  SD-WAN serves as the precursor and serves as the essential conduit to SD-branch and network as a service (NaaS) at the edge,” Casemore said.

In the SD-branch, routing, firewall, and WAN optimization are provided as virtual functions in a cloud-like NaaS model, replacing expensive hardware. Management is automated and services can be easily adjusted as business needs change, Casemore said.

IDC believes telcos will use SD-branch to provide virtual CPE and universal CPE services as per this slide from IDC:

 

……………………………………………………………………………………………………………………………………

Sidebar on SD-branch from a recent Network World article:

The branch network is a critical piece of the IT infrastructure for most distributed organizations.  The branch network is responsible for providing reliable, high quality communications to and from remote locations. It must be secure, easy to deploy, able to be managed centrally and cost effective.  Requirements for branch networks continue to evolve with needs for increased bandwidth, quality of service, security and support for IoT.

SDN and network virtualization technologies have matured to the point where they can deliver significant benefits for branch networks. For example, SD-WAN technology is rapidly being deployed to improve the quality of application delivery and reduce operational complexity. SD-WAN suppliers are rapidly consolidating branch network functions and have reduced (or eliminated) the need for branch routers and WAN optimization.

The most compelling argument for SD-Branch is operational agility. IT organizations can rapidly deploy and provision a network branch-in-a-box solution for new locations.  Via a centralized management console, they can control and adjust all branch network and security functions.

Reducing or eliminating the need for trained IT personnel to visit remote branch locations results in significant cost and time savings. SD-Branch also promises to reduce hardware costs by deploying software on consolidated hardware as compared to many separate appliances.

Other SD-Branch benefits include:

  • Decreased cost of support and maintenance contracts because fewer vendors will be involved.
  • The ability to right-size hardware requirements for each branch thanks to software virtualization.
  • A smaller hardware footprint, which is ideal for space-constrained branches.
  • Network performance scalability. As network requirements change, the performance of any function can be tuned up or down by changing processor allocation or adding hardware resources.
  • Lower power consumption because one power-efficient platform replaces many appliances.

Over time the SD-Branch will be easier to deploy, less complex to manage, and more responsive to changing requirements at the branch.  The cost benefits in CAPEX and OPEX could be significant as the technology matures.

The broader concept of SD-Branch is still in its early stages.  During 2018, we will see a number of suppliers introduce their SD-Branch solutions.  These initial SD-Branch implementations will primarily be single-vendor and may lack state-of-the-art technology in some applications.

IT leaders should carefully evaluate the benefits of the SD-Branch architecture.   Migration to SD-Branch will likely require significant changes to the existing branch network and may require a forklift upgrade.  SD-Branch suppliers should be evaluated on their current and near-future technology, technology partnerships (e.g. security), and deployment options (do it yourself, channel partners, and managed solutions).

……………………………………………………………………………………………………………………………………

Brad believes that SD-branch is inevitable.  He provided the following rationale for that:

▪ SD-Branch will be enabled by SD-WAN overlays
▪ SD-WAN will be an integral component of SD-Branch, but the latter will include other virtualized (perhaps containerized) network/security services
▪ Automated provisioning, management, and orchestration results in SD-Branch that yields dynamic network as a service (NaaS)
  • Network and security services added or modified as needed
  • Results in CapEx savings (separate hardware appliances no longer needed for each network function)
  • Network operating costs are lower, minimized need for branch IT
  • Provisioning is far more agile, resulting in faster time to revenue/business outcome
▪ It’s not enough to have virtual network appliances
  • Virtual appliances are still appliances architecturally
  • SD-Branch gets us to cloud-like NaaS at the branch/remote office

…………………………………………………………………………………………………………..

IDC Prediction: Edge IT goes mainstream in 2022, displacing 80% of existing edge appliances.

…………………………………………………………………………………………………………..

IDC’s Essential Guidance for Users:

  • Consider the role and value of the network not just in terms of connectivity, but in how it can contribute to intelligence at the edge.
  • Look for edge-networking solutions that abstract management complexity, provide application-centric automation, speed provisioning, and ensure application availability and security.
  • Ensure your intelligent-edge network evolves to a NaaS model, in which virtualized network and security services are dynamically provisioned as needed. The edge network must be as agile as the apps/services it supports.

IDC’s Essential Guidance for Suppliers:

  • Continually enhance intelligent network automation and orchestration to reduce operational complexity and provide network agility.
  • Leverage ML/AI as means to the end goal of providing increasingly actionable visibility that loops back to feed intent/policy and allows for proactive remediation.
  • Provide for true NaaS at the intelligent edge, incorporating a full range of virtualized network and network-security services (through ecosystem partnerships).