Cisco SD-WAN
Cisco SD-WAN stands for Cisco Software-Defined Wide Area Network. It is a modern network architecture that allows network management and optimization from a central location using automated configurations and templates. SD-WAN is designed to bring greater flexibility, performance, and security to wide area network (WAN) environments.
Product description
The traditional approach to WANs involves placing physical devices at sites that are connected via various data connectivity to Internet providers. At these facilities, IPSEC tunnels were configured to "connect" remote offices to the central office. The encrypted connection ensured the privacy of the communication.
The Cisco SD-WAN solution is based on a central management system, through which the entire solution is managed. Individual sites are automatically connected to the network, without the need to configure the device. Using templates and automation scripts, devices can be centrally managed. Thanks to the central management, the end devices focus only on sending data, all decision-making and management is handled by dedicated elements located in the customer's network or in the cloud.
Pillars of SD-WAN:
- Controller (SD-WAN Controller): this is the central element that controls and manages the entire SD-WAN network. It provides basic functions such as policy management, traffic routing, cloud connectivity and network traffic monitoring.
- SD-WAN Edge: This is a network device (hardware or virtualized) that resides at individual branch offices or remote locations. The SD-WAN Edge provides connectivity to the customer's network over the provider's line(s), shares traffic information with the SD-WAN Controller, and performs intelligent traffic routing.
- Security: Cisco SD-WAN also includes security features such as firewall, data encryption and malware protection.
The solution can be implemented on ISR 4xxx, ISR 1000, C8000 and C8000v series routers
Central vManage can be installed in a local network or cloud environment
Features
Department of control, management and data plane
Central management of solutions from the vManage console
Support for multiple WAN connections
Routing based on application traffic
Integrated security (NGFW, IPS, AMP, UMBRELA...)
End-to-End visibility of the applications being transferred and the state of the transport network
QoS policy for infrastructure applications
Benefits
Centralized network management from one place. The solution makes it easy to configure, manage and monitor the entire network.
Optimise network traffic and enable fast and reliable connectivity for applications at all locations. Network traffic is dynamically routed over different connections (e.g. MPLS, Internet, LTE) based on current network conditions, ensuring the best possible quality of service and minimizing latency.
Direct Internet Access, allows direct access to the Internet for critical applications without the need to communicate through a central hub.
Wide possibilities for network expansion and adaptation to new requirements.
Integrated security protection for network traffic. Includes firewall, data encryption, threat protection and the ability to implement various security policies.
Monitor transport networks and select the best path for critical applications.
Optimizing cloud connectivity, thanks to DIA (Direct Internet Access). Traffic that must not be modified or decrypted can be routed directly to the Internet without the need to communicate through a central hub.
Why Alef?
- Strong technical team specialising in remote collaboration
- Unique know-how in the areas of solution design, implementation and subsequent management
- Dozens of satisfied customers
Who is the SDWAN solution for?
- For customers who have connected remote sites in a standard way (e.g. using MPLS, ADSL, L2-link...) and protect traffic with a standard VPN solution based on GRE, VTI, DMVPN technology.
- For customers consuming cloud services such as Office356, for which a direct connection is recommended, without the need for detailed traffic inspection
- For customers requiring maximum WAN monitoring, optimization of data flows based on the running application, etc...