How SD-WAN Can Aid Agencies’ Network Transformations
SD-WAN applies software-defined networking (SDN) concepts to wide area networks, and it decouples the network and the control plane, abstracting traffic management and monitoring from network hardware. With that centralized management and control, agency network administrators can configure an entire WAN from one location, reducing human error and labor. Agencies can make changes to thousands of devices with relative ease, compared with traditional networking.
SD-WAN enables performance-based routing, and it can shift less latency-sensitive traffic off a multiprotocol label-switching circuit onto an internet circuit. This increases performance and reduces costs. SD-WAN also can dynamically route and reroute traffic depending on the agency’s priorities or mission needs — say, providing high-performance video streaming. Additionally, a feature called forward error correction lets mission-critical applications work well over unreliable WAN links, usually IP-based circuits.
Further, SD-WAN enables agencies to use digital experience management tools to get a clearer understanding of how applications are performing from a user’s perspective. That lets network admins triage issues more quickly and easily identify different issues — or determine whether users are actually having an issue.
SD-WAN also enables agencies to bolster network security, letting them deploy next-generation firewall services on SD-WAN appliances, including URL filtering and anti-malware sandboxing. SD-WAN also gives agencies the ability to truly integrate their networks with FedRAMP-authorized security service edge providers, such as Zscaler and Netskope, letting agencies send branch or remote location traffic through those types of providers.
SD-WAN can also help agencies in their journey to zero trust. Many of the SD-WAN solutions deny by default, so anything that gets routed is allowed to happen based on policies that allow them. SD-WAN appliances can be used to perform network access control and authentication of users, especially for users seeking to connect via branch or remote locations.
Getting Your Agency Started on an SD-WAN Journey
It’s important for agency IT leadership to take a deliberate and measured approach to adopting SD-WAN and SDN in general. With a trusted partner, agencies should start by determining what their mission needs are and then determining the right technical SD-WAN capabilities to match. With their partners, agencies should also evaluate their current networking environment to see how they ready they are to move to a software-defined environment where automation, standardization, templating and network scripts are common.
After that, agency IT leaders should conduct planning and design sessions to determine the high-level design requirements for routing policy, security policy, how the agency needs to connect to the cloud and other services, and any other SDN features they want.
Those crucial decisions will have an impact on the types of hardware and software licensing the agency will need. From there, agencies will purchase networking hardware and software.
After that, agencies might set up a proof-of-concept SD-WAN network or a small-scale deployment. This is typically done at a headquarters location and, potentially, a handful of branches. Agencies can then work through any complications that crop up, scale out the deployment, then work with partners to fine-tune the architecture and adopt additional services.
It’s still the early days for SD-WAN in the federal government, but there are many benefits agencies can and should take advantage of by moving to this new approach. With EIS and zero-trust deadlines looming, agencies should start down this path if they’re not already there.