How SD-WAN Can Aid Agencies’ Network Transformations
SD-WAN applies software-defined networking (SDN) concepts to wide area networks, and it decouples the network and the control plane, abstracting traffic management and monitoring from network hardware. With that centralized management and control, agency network administrators can configure an entire WAN from one location, reducing human error and labor. Agencies can make changes to thousands of devices with relative ease, compared with traditional networking.
SD-WAN enables performance-based routing, and it can shift less latency-sensitive traffic off a multiprotocol label-switching circuit onto an internet circuit. This increases performance and reduces costs. SD-WAN also can dynamically route and reroute traffic depending on the agency’s priorities or mission needs — say, providing high-performance video streaming. Additionally, a feature called forward error correction lets mission-critical applications work well over unreliable WAN links, usually IP-based circuits.
Further, SD-WAN enables agencies to use digital experience management tools to get a clearer understanding of how applications are performing from a user’s perspective. That lets network admins triage issues more quickly and easily identify different issues — or determine whether users are actually having an issue.
SD-WAN also enables agencies to bolster network security, letting them deploy next-generation firewall services on SD-WAN appliances, including URL filtering and anti-malware sandboxing. SD-WAN also gives agencies the ability to truly integrate their networks with FedRAMP-authorized security service edge providers, such as Zscaler and Netskope, letting agencies send branch or remote location traffic through those types of providers.
SD-WAN can also help agencies in their journey to zero trust. Many SD-WAN solutions deny traffic by default, so anything that gets routed does so only because a policy explicitly allows it. SD-WAN appliances can be used to perform network access control and authentication of users, especially for users seeking to connect via branch or remote locations.
Getting Your Agency Started on an SD-WAN Journey
It’s important for agency IT leadership to take a deliberate and measured approach to adopting SD-WAN and SDN in general. With a trusted partner, agencies should start by determining what their mission needs are and then determining the right technical SD-WAN capabilities to match. With their partners, agencies should also evaluate their current networking environment to see how ready they are to move to a software-defined environment where automation, standardization, templating and network scripts are common.
After that, agency IT leaders should conduct planning and design sessions to determine the high-level design requirements for routing policy, security policy, how the agency needs to connect to the cloud and other services, and any other SDN features they want.
Those crucial decisions will have an impact on the types of hardware and software licensing the agency will need. From there, agencies will purchase networking hardware and software.
After that, agencies might set up a proof-of-concept SD-WAN network or a small-scale deployment. This is typically done at a headquarters location and, potentially, a handful of branches. Agencies can then work through any complications that crop up, scale out the deployment, then work with partners to fine-tune the architecture and adopt additional services.
It’s still the early days for SD-WAN in the federal government, but there are many benefits agencies can and should take advantage of by moving to this new approach. With EIS and zero-trust deadlines looming, agencies should start down this path if they’re not already there.
This article is part of FedTech’s CapITal blog series.