The components – SD-WAN Edge, SD-WAN Controller (CloudStation), Service Orchestrator, SD-WAN Gateway, CloudStation Web Portal (Managed Service Portal) – of SD-WAN can be leveraged in several ways in a Hybrid WAN scenario. In a Hybrid WAN deployment, it is better to have one site with Broadband links and one site with MPLS Link in addition to one site with both types of links. They should be able to access applications behind the CloudPort Hub in the DC. Below are 5 cases of SD-WAN deployment
SD-WAN service tunnelled over Internet and MPLS WANs
The above diagram highlights a use case for software defined Wide Area Network (SD-WAN) being deployed over existing broadband (Internet) and MPLS VPN WANs between two Branches. Hybrid WAN enables subscribers to leverage an encrypted SD-WAN tunnel over the internet to augment site-to-site MPLS (VPN) bandwidth. Using two WANs allows achieve higher resilience as well.
Both Branches in the diagram are using SD-WAN edge CPE. The CSP or MSP is responsible to deliver SD-WAN service over existing set up. Hybrid WANs today are in demand because both Internet and MPLS can coexist together. Such ecosystem enables ICT teams to interconnect branches while ensuring benefits of SD-WAN over multiple WANs.
SD-WAN service tunnelled over Multiple ISPs
The above diagram highlights a scenario wherein SD-WAN service is deployed across multiple ISPs using multiple WANs. ISPs can be a broadband service using DSL or Cable Internet or a Dedicated Internet Access or a mix of all three. Now since ISPs are not really the CPS or MSP delivering SD-WAN managed services, this deployment is possible in larger SD-WAN service deployment where both branches are offNet and can be reached only through an Internet WAN. Furthermore, by having multiple ISPs and multiple Internet WANs for each site, the CSP or MSP offering the SD-WAN managed service could offer a better SLA due to the added WAN resiliency.
SD-WAN Service with SD-WAN Edge vCPE supporting multiple VNFs
In the above diagram, we notice SD-WAN service across multiple WANs leveraging SD-WAN edge CPEs in both the Branches. Using SD-WAN edge VNF on SD-WAN Edge vCPE, both Communication or Managed service providers, by adding VNFs can deliver virtual network services. Provided the vCPE has enough compute resource to support them. The SD-WAN Edge vCPE acting as NFV infrastructure requires NFV resource orchestrator to onboard additional VNFs to SD-WAN Edge VNF. This ensures leveraging the benefits SD-WAN plus additional virtual network services delivered by the VNFs on vCPE
SD-WAN Service with SD-WAN Edge VNF running in the Cloud
The above diagram illustrates an use case for enabling SD-WAN services across multiple WANs with EDGE CPE and EDGE VNF in cloud ecosystem. In this scenario, the SD-WAN service tunneling happens at the EDGE CPE (Site on the left in the Fig). The SD-WAN service terminates on the physical compute server or virtual machine (VM) where the applications are active e.g in cloud environment. By terminating SD-WAN tunnel on the server or the VM allows IT to establish secure connectivity between endpoints (sites on the left and cloud DC)
SD-WAN Service inter-operating with MPLS VPN
The final diagram illustrates an use case for SD-WAN Gateway established between sites interconnected via SD-WAN (using Internet ) and sites connected via MPLS VPN. The site (left of the fig) using SD-WAN EDGE CPE, is interconnecting to SD-WAN EDGE VNF in public cloud to an SD-WAN gateway. The SD-WAN Gateway allows communicating with sites interconnected via SD-WAN tunnels over the Internet, by interconnecting via MPLS VPN. This use case is simple, cost effective and fast to connect existing MPLS VPN sites in your existing network infrastructure with new sites using local Internet connection.