Few areas of the enterprise are as ripe for change as the wide area network. And there are plenty of technologies -- from hybrid WAN services and software defined networking to better management tools -- lining up to push such a makeover closer to reality.
"There is about as much turmoil in the WAN arena as possible," said Steve Taylor, senior research fellow with Webtorials.com.
You can get the sense of the tumult by taking a look at the vendor activity in all aspects of the WAN. A ton of startups including vendors such as CloudGenix, Glue Networks, Viptela and Velocloud are offering new WAN services and products. Established vendors such as Cisco, Avaya, Alcatel-Lucent and Riverbed are also scrambling to address WAN issues with new software and hardware.
"The venture capital investment in WAN startups has been tremendous," said Cliff Grossner, research director data center, cloud and SDN with Infonetics. "For example, in the last six months 10 or more new companies have sprung up bringing SDN technology to the WAN. The growth in cloud services has made the WAN that much more strategic."
SDN may be the elixir that cures a number of WAN ills. Its proponents say SDN is quite capable of simplifying the way big companies turn up new links to branch offices, better manage the way those links are utilized -- for data, voice or video and potentially save lots of costs in the process.
"The WAN is no longer a single pipe, it's a fabric of multiple types of links, everything from 4G LTE, DSL, cable...and the [software-defined WAN] SD WAN will offer customers much more intelligence allowing them to prioritize traffic and apps based on policies they just couldn't do before," said Jason Rolleston, Cisco's senior director of product management for WAN enterprise networking. "The WAN has always been a bottleneck and a problem area in terms of complexity -- software defined networking can take away a lot of those issues."
Such complexity is only exacerbated by developing technologies such as private and public clouds, BYOD and mobility issues, observers said.
Closely associated with the upsurge of SDN is the deployment of hybrid WANs, which is the exploitation of multiple access technologies to the Internet, which then could become the WAN backbone for those adventurous enough to invest in such a strategy.
"With so many enterprises looking to move WAN traffic onto the Internet, how that traffic is handled by the service providers becomes an issue," Taylor said. He notes the recently FCC vote on net neutrality could end up impacting enterprise WANs down the line. "There are lots of companies that would pay to have their traffic prioritized on the Internet."
Beyond traffic prioritization, there are some pretty significant benefits to deploying a hybrid WAN. Andrew Lerner, Research Director for Gartner, recently wrote in his blog: The value proposition associated with hybrid WAN and the technology-solutions include:
- Reduced WAN costs via using lower-cost Internet/broadband (to supplement, complement, and/or replace traditional MPLS).
- Simplified and improved management orchestration of WAN traffic/devices, including path selection capabilities.
- Improved and unified visibility and monitoring traffic.
- Improved security, including improved scale for VPN-based solutions.
Gartner also advises that while "public cloud services and mobility are driving business needs, the Internet and MPLS play an equally important role for enterprise connectivity. Network planners must establish a unified WAN with strong integration between these two networks to avoid application performance problems."
Application, network performance and security management have been a few traditional WAN bugaboos. In a recent invitation to industry players to build improved wide area technology, the military's high-tech research arm Defense Advanced Research Projects Agency (DARPA) wrote of current WAN issues: "In current practice, when users at the network edge experience degraded or denied communication, they typically have no recourse other than to inform WAN administrators of the difficulty. Consequently, network events that affect small but mission-critical sets of users, flows, or time periods may go undetected and un-diagnosed by these systems, which will further prolong recovery times. Examples of such events are localized failures caused by router mis-configuration, and network-based, low-volume DoS attacks targeting a particular user enclave."
"Further impeding WAN administrators' effective response to network events is the fact that the WAN transports data in encrypted tunnels between enclaves (i.e., the tunnels established between encryption devices at the network edge). The WAN therefore has no detailed knowledge of user, application or mission communication requirements, impeding its ability to respond to network events in a manner that efficiently meets these needs," DARPA stated.
The networking research community has invested heavily in hardening network infrastructure to mitigate or prevent network events. Proposed methods include a variety of network-based DoS detection techniques, Byzantine fault tolerance algorithms, trust-based routing methodologies, algorithms for discovering configuration errors, and a variety of fast fail-over mechanisms, among many others, DARPA stated.
Last year DARPA detailed a new program, known as EDICT or Edge-Directed Cyber Technologies for Reliable Mission Communication, that hopes to develop advanced WAN tools to address the current weaknesses in the wide area: "The objective of the EDICT program is to bolster the resilience of communication over IP networks solely by instantiating new capabilities in computing devices within user enclaves at the WAN edge," the agency stated.
"It is envisioned that systems developed within this program will combine real-time network analytics, holistic decision systems, and dynamically configurable protocol stacks to mitigate WAN failures and attacks on the fly, in a mission-aware fashion. Protocols in scope for this program include those at the network, transport, and application layers of the five-layer protocol reference model."
Security is obviously a part of what DARPA hopes to improve with EDICT research and much more needs to be done for WANs.
Nemertes wrote in its 2014-15 Benchmark Report: WAN Best Practices and Success Factors that: "Organizations shifting to Internet as WAN need to be cautious of security threats lurking on the net. For Internet as WAN branches, encryption is table stakes, but as such it is still a key component to successful WAN. WAN encryption keeps threats on the Web at a minimum. Currently, 44% of companies use WAN encryption, with another 10% of companies showing interest in the technology in the future. With regulation requirements and general security the top drivers, encrypted WAN helps organizations achieve a security for data at rest and in motion."