As part of our “Road to Resilience” webinar series, Opengear recently hosted a panel discussion on out-of-band (OOB) device management and software-defined wide area networks (SD-WANs). SD-WAN upgrades enterprise WANs in ways never possible before, aggregating multiple types of traditional enterprise network connections with internet connections for greater efficiencies and lower network costs.
Beyond offices and branches, SD-WAN deployments have extended to edge networks with a lot of diverse hardware and software. Resiliency is critical and OOB network device management, with failover to a cellular connection, has become a key solution to ensure network devices on the SD-WAN never go down.
Evolution of SD-WAN
With SD-WAN, applications considered essential for customer interaction, commerce, and employee productivity can be sent over a traditional WAN connection ― like IP/Multiprotocol Label Switching (IP/MPLS), a Layer 2 or Layer 3 VPN, or a virtual private LAN service (VPLS). Non-critical traffic, such as guest Wi-Fi and video, can be routed over a much less expensive Internet connection with requisite levels of security and guaranteed performance. Application-aware routing lets you create policies to determine which applications will travel over which transport options, with flexibility to automatically shift traffic as load and conditions change. SD-WAN allows companies to increase bandwidth while lowering network costs and introducing flexibility and choice.
“SD-WAN has its roots in SDN. SDN was popularized by the arrival of OpenFlow, a programmable network protocol designed to program the behavior of switches from various vendors,” said Roy Chua of AvidThink, a research and advisory service, who led the webinar. “The key to SDN and OpenFlow was the segregation of the management plane from the control plane and data plane. Historically, they’ve been bundled together. With SD-WAN, the same separation principle applies, with the cloud used to provide the management and control plane.”
Todd Rychecky, Vice President of Americas for Opengear, remembers that before SD-WAN, it required truck rolls and manual, box-by-box configurations to reprogram CPE in branch offices or at the edge. “SD-WAN changes the paradigm by using cloud-based principles to provide policy-based automation and application awareness.”
With cloud-based management, “You can create service chaining, the ability to link multiple network functions that can be either locally hosted or in the cloud,” said Saurabh Sandhir, Vice President of Product Management at Nuage Networks from Nokia. “And SD-WAN lets you utilize multiple WAN links and build virtual tunnels to create overlays on top of any transport.”
Sandhir went on to describe the three elements behind “SD-WAN 2.0”. The first is a multi-cloud strategy, meaning that an enterprise has a single pane of glass for its VPN branches and public cloud connectivity. “It’s almost becoming table stakes as the world moves to public cloud, and it plays into how an enterprise can move workloads between public cloud providers. Having network connectivity that follows along with fully redundant and resilient connectivity using MPLS, Internet and LTE.” Next, there’s a long tail of “value-add” services that can be made available beyond standard network connectivity. And perhaps most importantly, there is end-to-end security across the branch WAN and the cloud, and how it can quickly detect enterprise-wide threats and take proactive action.
Adding Resilience to SD-WAN
Network resilience, the ability to withstand a network disruption, is a critical component of business continuity and a highly important consideration when deploying SD-WANs because staying online is vital for every enterprise business today. Once, POTS lines were used to dial into modems that were used to access and recover a router at a branch location. “Now, OOB management is foundational to network resilience and running a sound business,” said Opengear’s Rychecky. “Using the 4G LTE cellular network as the independent management plane, a network team using OOB management solutions can remediate issues in remote offices and network edge locations quickly. Failover to cellular allows companies to continue online while a problem is being resolved.”
Rychecky sees more automation coming through Out-of-Band, with the ability to bring up a remote site or a data center without being physically present. Devices will call home to the cloud, grab configuration downloads, and configure hardware ― all directed from a centralized management console. “Sort of like NASA’s approach with the Mars Lander.”
“Resilience is a philosophy and approach that transcends network planes and functions,” believes Nuage Networks’ Sandhir. “OOB management over cellular is used by one of our large customers in Canada. They use a smart OOB management solution when they need access to an on-premise device if cloud connectivity is ever lost.”
Nuage Networks also has a large European service provider customer that rolled out a global SD-WAN footprint. One of their end customers, a large consumer electronics and manufacturing company, had a large number of sites around the world. Their biggest concern moving from a traditional MPLS network to SD-WAN was resilience. Some sites were factories and for these, resilience meant getting the highest performance and SLA for access to applications running in the central data center. For consumer-facing sites, resilience meant having always-available guest Wi-Fi. Other sites were used for software development and they needed resilient access to cloud-based software-as-a-service (SaaS) applications hosted in the public cloud via the public Internet.
Using remote OOB access, all of these different types of environments can be made highly resilient with proactive and real-time automated monitoring and management features.
Proactive and Realtime OOB Management
With SD-WAN and the distributed nature of today’s enterprise, there’s a lot of infrastructure responsible for the management, control, and data planes. Smart Out-of-Band management provides secure access to all of the infrastructure ― routers, switches, firewalls, power distribution units (PDUs), and uninterruptible power supplies (UPSs).
“Proactive monitoring and alerting take care of the problems before they disrupt a business,” says Rychecky. “Using cellular, you can get SMS text and email alerts over the cellular line, which isn’t possible with a POTS line. One of the simplest fixes for a locked-up router is a basic power cycle, which you can do easily and quickly with OOB tools. Proactive monitoring of IoT sensors could include video cameras, door contacts, vibration, water, and smoke ― anything running on five-volt power can be connected to an OOB management interface.”
SD-WAN has provided new flexibility and value to the enterprise. Now OOB management with failover to cellular helps enterprise organizations keep those hybrid network connections up and running if data center or cloud services fail. Adding greater automation and software intelligence has made remote network management ever more precise and proactive.