Wide area network (WAN) technologies have come a long way since the early 2000s. It was the age of “traditional WAN,” where dedicated leased lines, frame relay circuits, and asynchronous transfer mode (ATM) circuits were the only games in town. The Dow Jones Industrial Average was around 11k, and the information technology (IT) industry was at the peak of the Dot-com bubble, though still dragging more than a few dot-matrix printers. Multiprotocol label switching (MPLS) circuits followed, which provided a pseudo-VPN circuit transit over public transport. Then around 2010, dynamic multipoint virtual private network (DMVPN) technology popularized the “network overlay” concept.
More recently, with lessons learned from software-defined networking (SDN), Cisco began marketing “iWAN,” acquiring both Viptela and Meraki to usher in an age of “software-defined” WAN (SD-WAN) technology. In June 2015, VeloCloud, a VMware company, garnered a lot of attention at Cisco Live with a cloud-delivered SD-WAN solution. Combined, Cisco and VMware represent around half of the SD-WAN infrastructure market, which “accelerated an impressive 80% in 2019 to be worth $2.5 billion.” (1) While market growth through COVID-19 has been tepid, it’s highly likely to accelerate soon, according to our recent customer survey. (2)
WAN’s Role in Modern Computing
Enterprise WAN connections have grown far beyond simply connecting main campuses, data centers, and branch offices. The WAN is now a critical service for the bulk of operations, including hybrid cloud, remote services, and most recently services at the edge. WANs have become the backbone of shared services and distributed applications across the enterprise.
Traditionally, we’ve used dedicated circuits, and while they provide reliability and security, modern networks require some rethinking. This is even more true considering the global pandemic and rise of the remote worker, which has driven wider cloud and SaaS adoption. At SolarWinds, we’ve been steering our products to support cloud infrastructure vendors like Azure and AWS through our cloud deployment options, most recently with Network Performance Monitor (NPM) 2020.2, which featured Azure VPN gateway visibility.
Cloud adoption is driving a need to simplify the management of wide-area networks and include our cloud resources more seamlessly into the network. SD-WAN is designed specifically to fill these needs.
Advantages of SD-WAN
SD-WAN is a subset of SDN, separating control and forwarding planes to provide network orchestration services, which provision and manage the connections between our branch offices, central resources, and cloud resources. One of the major functions of SD-WAN is to eliminate the need for major traffic backhauling.
With traditional dedicated circuits, internet-bound traffic typically flows from the branch to the main site, with potentially significant speed-of-light latency and bandwidth budget bottlenecks, before leaving the enterprise to reach its destination. With regional load balancers and content delivery networks becoming increasingly ubiquitous, this obviously creates massive traffic inefficiencies.
DMVPNs solved this by using an encrypted virtual topology (an “overlay network”) for internal resources and split-tunneling for the cloud resources. DMVPNs are deployed in either Hub-and-Spoke or Spoke-to-Spoke fashion. This is the first obvious difference from SD-WAN, where topology is intentionally much more mutable. To some degree, custom topologies are possible with DMVPN, but they require a lot of manual configuration, as opposed to policies in SD-WAN where the “Hub” is just another device. With SD-WAN, it’s still important to plan for tunnel scale and adequate throughput, but losing connectivity to one WAN edge node no longer impacts others, making the entire WAN architecture much more resilient. Additionally, the control plane is entirely abstracted and can also be cloud-hosted.
SD-WAN can also be more secure and easier to secure. Where DMVPNs generally rely on either pre-shared keys or complex public key infrastructures to provide certificate-based authentication, SD-WAN vendors generally build certificate-based authentication directly into their offering.
Routing can be simplified as well. DMVPN generally employs Open Shortest Path First (OSPF) or Enhanced Interior Gateway Routing Protocol (EIGRP) along with Border Gateway Protocol (BGP), any of which can be complex and error-prone to configure. SD-WAN is more straightforward, generally leveraging policy frameworks. Policy changes are made via orchestration, an easier, faster, and less error-prone method to implement traffic engineering in your network. DMVPN is still a great technology with wide adoption, but the network is configured manually. Implementing SD-WAN isn’t trivial, but once the platform of templates and orchestration is in place, configuration is easier to understand and multi-device deployment is more consistent.
Why We’re So Interested
Beyond implementing the network, DMVPN generally includes only limited vendor-provided monitoring or management tools. Third-party offerings, such as SolarWinds Network Automation Manager (NAM), are needed to monitor the status of the network, analyze traffic, manage configuration, and simplify troubleshooting. With SD-WAN, however, at least some manageability must be a base service, generally handled via orchestration and a vendor-provided web console.
However, there are dozens of SD-WAN vendors, each with their own protocols and management interfaces. As a result, any one vendor-provided monitoring/management tool is unlikely to be a single-pane-of-glass. That’s not how hardware competition works. Providing the end-to-end visibility required to meet today’s IT operations needs for multivendor networks just isn’t in their wheelhouses. And this is where you come in.
If you haven’t noticed some of the new SD-WAN visibility features of recent Orion Platform releases, we’re highly interested in your SD-WAN visibility needs. We’re actively working on addressing them beyond what NPM does today for SD-WAN visibility, which includes basic service assurance (up/down, latency) and performance metrics (bandwidth utilization, traffic load, and errors/discards) for Cisco (Viptela/Meraki) and VMware (VeloCloud) vEdge devices. We’re also interested in how your organization determines when to transition from your traditional circuits to an SD-WAN solution.
How You Can Help
Is your organization planning to implement SD-WAN soon? What are your current challenges when you think about inter-office connectivity? As always, your feedback is an important driver to the schedule and design of SolarWinds software. Now is the perfect time to chat with us.